Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-1182 1 Mpm 1 Mpm Guestbook 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in MPM Guestbook 1.2 allows remote attackers to inject arbitrary web script or HTML via the lng parameter.
CVE-2006-1165 1 Andreas Gohr 1 Dokuwiki 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the mediamanager module in DokuWiki before 2006-03-05 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors relating to "handling EXIF data."
CVE-2003-1262 1 Http Fetcher 1 Http Fetcher Library 2026-04-16 N/A
Buffer overflow in the http_fetch function of HTTP Fetcher 1.0.0 and 1.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL request via a long (1) host, (2) referer, or (3) userAgent value.
CVE-2005-4233 1 Php Web Scripts 1 Ad Manager Pro 2026-04-16 N/A
SQL injection vulnerability in advertiser_statistic.php in Ad Manager Pro 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the ad_number parameter.
CVE-2003-1192 1 Truenorth Software 1 Ia Webmail Server 2026-04-16 N/A
Stack-based buffer overflow in IA WebMail Server 3.1.0 allows remote attackers to execute arbitrary code via a long GET request.
CVE-2003-1263 1 Brown Bear Software 1 Ical 2026-04-16 N/A
ICAL.EXE in iCal 3.7 allows remote attackers to cause a denial of service (crash) via a malformed HTTP request, possibly due to an invalid method name.
CVE-2003-1193 1 Oracle 2 Application Server Portal, Oracle9i 2026-04-16 N/A
Multiple SQL injection vulnerabilities in the Portal DB (1) List of Values (LOVs), (2) Forms, (3) Hierarchy, and (4) XML components packages in Oracle Oracle9i Application Server 9.0.2.00 through 3.0.9.8.5 allow remote attackers to execute arbitrary SQL commands via the URL.
CVE-2003-1198 1 Cherokee 1 Cherokee Httpd 2026-04-16 N/A
connection.c in Cherokee web server before 0.4.6 allows remote attackers to cause a denial of service via an HTTP POST request without a Content-Length header field.
CVE-2005-4281 1 Zaygo 1 Hostingcart 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Zaygo HostingCart 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via certain search module parameters, possibly the root parameter to zaygo.cgi.
CVE-2005-4298 1 Atlantpro.com 1 Atlantforum 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in atl.cgi in AtlantForum 4.02 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) sch_allsubct, (2) before, and (3) ct parameters.
CVE-2005-2668 2 Broadcom, Ca 28 Advantage Data Transport, Adviseit, Brightstor Portal and 25 more 2026-04-16 N/A
Multiple buffer overflows in Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allow remote attackers to execute arbitrary code via unknown vectors.
CVE-2006-0055 1 Freebsd 1 Freebsd 2026-04-16 N/A
The ispell_op function in ee on FreeBSD 4.10 to 6.0 uses predictable filenames and does not confirm which file is being written, which allows local users to overwrite arbitrary files via a symlink attack when ee invokes ispell.
CVE-2005-2944 1 Brent Ely 1 Gnome Workstation Command Center 2026-04-16 N/A
The perform_file_save function in GNOME Workstation Command Center (gwcc) 0.9.6 and earlier allows local users to create and overwrite arbitrary files via a symlink attack on the gwcc_out.txt temporary file.
CVE-2005-4470 1 Blender 1 Blenloader 2026-04-16 N/A
Heap-based buffer overflow in the get_bhead function in readfile.c in Blender BlenLoader 2.0 through 2.40pre allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a .blend file with a negative bhead.len value, which causes less memory to be allocated than expected, possibly due to an integer overflow.
CVE-2005-4308 1 Scriptscenter 1 Ezupload Pro 2026-04-16 N/A
index.php in ezUpload Pro 2.2 and earlier allows remote attackers to include files via the mode parameter.
CVE-2002-0362 1 Aol 1 Instant Messenger 2026-04-16 N/A
Buffer overflow in AOL Instant Messenger (AIM) 4.2 and later allows remote attackers to execute arbitrary code via a long AddExternalApp request and a TLV type greater than 0x2711.
CVE-2004-0042 1 Beasts 1 Vsftpd 2026-04-16 N/A
vsftpd 1.1.3 generates different error messages depending on whether or not a valid username exists, which allows remote attackers to identify valid usernames.
CVE-2004-0074 1 Michael Bischoff 1 Xsok 2026-04-16 N/A
Multiple buffer overflows in xsok 1.02 allows local users to gain privileges via (1) a long LANG environment variable, or (2) a long -xsokdir command line argument, a different vulnerability than CVE-2003-0949.
CVE-2004-0052 3 Clearswift, F-secure, Paul L Daniels 3 Mailsweeper, Internet Gatekeeper, Ripmime 2026-04-16 N/A
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use non-standard separator characters, or use standard separators incorrectly, within MIME headers, fields, parameters, or values, which may be interpreted differently by mail clients.
CVE-2004-0053 3 Clearswift, F-secure, Paul L Daniels 3 Mailsweeper, Internet Gatekeeper, Ripmime 2026-04-16 N/A
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use fields that use RFC2047 encoding, which may be interpreted differently by mail clients.