Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-0451 1 Xblockout 1 Xbl 2026-04-16 N/A
Multiple buffer overflows in xbl before 1.0k allow local users to gain privileges via certain long command line arguments.
CVE-2003-0762 1 Foxweb 1 Foxweb 2026-04-16 N/A
Buffer overflow in (1) foxweb.dll and (2) foxweb.exe of Foxweb 2.5 allows remote attackers to execute arbitrary code via a long URL (PATH_INFO value).
CVE-2005-0300 1 Jsboard 1 Jsboard 2026-04-16 N/A
Directory traversal vulnerability in session.php in JSBoard 2.0.9 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the table parameter.
CVE-2003-0983 1 Cisco 2 80-7111-01 For The Unity-svrx255-1a, 80-7112-01 For The Unity-svrx255-2a 2026-04-16 N/A
Cisco Unity on IBM servers is shipped with default settings that should have been disabled by the manufacturer, which allows local or remote attackers to conduct unauthorized activities via (1) a "bubba" local user account, (2) an open TCP port 34571, or (3) when a local DHCP server is unavailable, a DHCP server on the manufacturer's test network.
CVE-2005-0309 1 Exponent 1 Exponent 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in (1) index.php or (2) mod.php in Exponent 0.95 allow remote attackers to inject arbitrary web script or HTML via the module parameter.
CVE-2003-1521 1 Sun 1 Java Plug-in 2026-04-16 N/A
Sun Java Plug-In 1.4 through 1.4.2_02 allows remote attackers to repeatedly access the floppy drive via the createXmlDocument method in the org.apache.crimson.tree.XmlDocument class, which violates the Java security model.
CVE-2002-1187 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Cross-site scripting vulnerability (XSS) in Internet Explorer 5.01 through 6.0 allows remote attackers to read and execute files on the local system via web pages using the <frame> or <iframe> element and javascript, aka "Frames Cross Site Scripting," as demonstrated using the PrivacyPolicy.dlg resource.
CVE-2005-0312 1 War Ftp Daemon 1 War Ftp Daemon 2026-04-16 N/A
WarFTPD 1.82 RC9, when running as an NT service, allows remote authenticated users to cause a denial of service (access violation) via a CWD command with a crafted pathname, as demonstrated using a large string of "%s" sequences, possibly indicating a format string vulnerability.
CVE-2004-0780 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Buffer overflow in uustat in Sun Solaris 8 and 9 allows local users to execute arbitrary code via a long -S command line argument.
CVE-2005-0315 1 Amax Information Technologies 1 Magic Winmail Server 2026-04-16 N/A
The FTP service in Magic Winmail Server 4.0 Build 1112 does not verify that the IP address in a PORT command is the same as the IP address of the user of the FTP session, which allows remote authenticated users to use the server as an intermediary for port scanning.
CVE-2005-0316 1 Webwasher 1 Webwasher Classic 2026-04-16 N/A
WebWasher Classic 2.2.1 and 3.3, when running in server mode, does not properly drop CONNECT requests to the localhost from external systems, which could allow remote attackers to bypass intended access restrictions.
CVE-2002-1191 1 Sabre 1 Desktop Reservation Software 2026-04-16 N/A
The Sabserv client component in Sabre Desktop Reservation Software 4.2 through 4.4 allows remote attackers to cause a denial of service via malformed input to TCP port 1001.
CVE-2005-0318 1 Alt-n 1 Webadmin 2026-04-16 N/A
useredit_account.wdm in Alt-N WebAdmin 3.0.4 does not properly validate account edits by the logged in user, which allows remote authenticated users to edit other users' account information via a modified user parameter.
CVE-2004-1788 1 Asp-nuke 1 Asp-nuke 2026-04-16 N/A
ASP-Nuke 1.3 and earlier places user credentials under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to main.mdb.
CVE-2005-0613 1 Fckeditor 1 Fckeditor 2026-04-16 N/A
Unknown vulnerability in FCKeditor 2.0 RC2, when used with PHP-Nuke, allows remote attackers to upload arbitrary files.
CVE-2005-0968 1 Broadcom 1 Etrust Intrusion Detection 2026-04-16 N/A
Computer Associates (CA) eTrust Intrusion Detection 3.0 allows remote attackers to cause a denial of service via large size values that are not properly validated before calling the CPImportKey function in the Crypto API.
CVE-2005-0398 6 Altlinux, Ipsec-tools, Kame and 3 more 7 Alt Linux, Ipsec-tools, Racoon and 4 more 2026-04-16 N/A
The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service (crash) via malformed ISAKMP packets.
CVE-2005-1595 1 Codethat 1 Shoppingcart 2026-04-16 N/A
CodeThat ShoppingCart 1.3.1 stores config.ini under the web root, which allows remote attackers to obtain sensitive information via a direct request.
CVE-2005-2223 1 Mailenable 2 Mailenable Professional, Mailenable Standard 2026-04-16 N/A
Unknown vulnerability in the SMTP service in MailEnable Standard before 1.9 and Professional before 1.6 allows remote attackers to cause a denial of service (crash) during authentication.
CVE-2005-3015 1 Ibm 2 Lotus Domino, Lotus Domino Enterprise Server 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in IBM Lotus Domino 6.5.2 allows remote attackers to inject arbitrary web script or HTML via the (1) BaseTarget or (2) Src parameters.