Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1996 1 Postnuke Software Foundation 1 Postnuke 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in PostNuke 0.71 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) name parameter in modules.php and (2) catid parameter in index.php.
CVE-2004-1747 1 Network Everywhere 1 Nr041 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in NetworkEverywhere NR041 running firmware 1.2 Release 03 allows remote attackers to inject arbitrary web script or HTML via the DHCP HOSTNAME option.
CVE-2002-2039 1 Qnx 1 Rtos 2026-04-16 N/A
/bin/su in QNX realtime operating system (RTOS) 4.25 and 6.1.0 allows local users to obtain sensitive information from core dump files by sending the SIGSERV (invalid memory reference) signal.
CVE-2002-2046 1 Xqus 1 X-news 2026-04-16 N/A
x_news.php in X-News (x_news) 1.1 and earlier allows remote attackers to gain administrative privileges by stealing and replaying the md5_password cookie.
CVE-2005-3901 1 Macromedia 1 Flash Communication Server 2026-04-16 N/A
Macromedia Flash Communication Server MX 1.0 and 1.5 does not sufficiently validate certain RTMP data, which allows attackers to cause a denial of service (instability or crash), as demonstrated using an alpha release build of Flash Player 8.5 (build 133).
CVE-2002-2048 1 Michael Baumer 1 Pfinger 2026-04-16 N/A
Buffer overflow in PFinger 0.7.8 client allows remote attackers to execute arbitrary code via a long query value passed to the (1) finger program, (2) -l, (3) -d, and (4) -t options. NOTE: if PFinger is not setuid or setgid, then this issue would not cross privilege boundaries and would not be considered a vulnerability.
CVE-2004-1773 2 Gnu, Redhat 2 Sharutils, Enterprise Linux 2026-04-16 N/A
Multiple buffer overflows in sharutils 4.2.1 and earlier may allow attackers to execute arbitrary code via (1) long output from wc to shar, or (2) unknown vectors in unshar.
CVE-2002-2266 1 Netscreen 1 Screenos 2026-04-16 N/A
NetScreen ScreenOS 2.8 through 4.0, when forwarding H.323 or Netmeeting traffic, allows remote attackers to cause a denial of service (firewall session table consumption) by establishing multiple half-open H.323 sessions, which are not cleaned up on garbage removal and do not time out for 36 hours.
CVE-2002-2267 1 Bogofilter 1 Bogopass Email Filter 2026-04-16 N/A
bogopass in bogofilter 0.9.0.4 allows local users to overwrite arbitrary files via a symlink attack on the bogopass temporary file.
CVE-2004-1776 1 Cisco 1 Ios 2026-04-16 N/A
Cisco IOS 12.1(3) and 12.1(3)T allows remote attackers to read and modify device configuration data via the cable-docsis read-write community string used by the Data Over Cable Service Interface Specification (DOCSIS) standard.
CVE-2002-2281 1 Symantec 1 Java 2026-04-16 N/A
Symantec Java! JIT (Just-In-Time) Compiler for Netscape Communicator 4.0 through 4.8 allows remote attackers to execute arbitrary Java commands via an applet that uses a jump call, which is not correctly compiled by the JIT compiler.
CVE-2004-1785 1 Invision Power Services 1 Invision Board 2026-04-16 N/A
SQL injection vulnerability in calendar.php for Invision Power Board 1.3 allows remote attackers to execute arbitrary SQL commands via the m parameter, which sets the $this->chosen_month variable.
CVE-2002-2284 1 Netscape 1 Communicator 2026-04-16 N/A
Netscape Communicator 4.0 through 4.79 allows remote attackers to bypass JVM security and execute arbitrary Java code via an applet that loads user-supplied Java classes.
CVE-2004-1790 1 Edimax 1 Full Rate Adsl Router 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the web management interface in Edimax AR-6004 ADSL Routers allows remote attackers to inject arbitrary web script or HTML via the URL.
CVE-2004-1812 1 Broadcom 1 Unicenter Tng 2026-04-16 N/A
Multiple stack-based buffer overflows in Agent Common Services (1) cam.exe and (2) awservices.exe in Unicenter TNG 2.4 allow remote attackers to execute arbitrary code.
CVE-2004-1815 2 Macromedia, Sun 3 Coldfusion, Jrun, One Application Server 2026-04-16 N/A
Unknown vulnerability in ColdFusion MX 6.0 and 6.1, and JRun 4.0, when a SOAP web service expects an array of objects as an argument, allows remote attackers to cause a denial of service (memory consumption).
CVE-2004-1827 2 Simple Machines, Yabb 2 Simple Machines Smf, Yabb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in YaBB 1 Gold(SP1.3) and YaBB SE 1.5.1 Final allows remote attackers to inject arbitrary web script via the background:url property in (1) glow or (2) shadow tags.
CVE-1999-0256 2 Jgaa, Microsoft 3 Warftpd, Windows 95, Windows Nt 2026-04-16 N/A
Buffer overflow in War FTP allows remote execution of commands.
CVE-2004-1880 1 Openldap 1 Openldap 2026-04-16 N/A
Memory leak in the back-bdb backend for OpenLDAP 2.1.12 and earlier allows remote attackers to cause a denial of service (memory consumption).
CVE-2004-1884 2 Ipswitch, Progress 3 Ws Ftp Pro, Ws Ftp Server, Ws Ftp Server 2026-04-16 N/A
Ipswitch WS_FTP Server 4.0.2 has a backdoor XXSESS_MGRYY username with a default password, which allows remote attackers to gain access.