Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-1607 1 Remote Cart 1 Remote Cart 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in shop.cgi in Remote Cart allows remote attackers to inject arbitrary web script or HTML via the (1) merchant or (2) demo parameters.
CVE-2005-3151 1 Blender 1 Blender 2026-04-16 N/A
Buffer overflow in blenderplay in Blender Player 2.37a allows attackers to execute arbitrary code via a long command line argument.
CVE-2006-0463 1 Ideosoft Design 1 Ideocontent Manager 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in IdeoContent Manager allows remote attackers to inject arbitrary web script or HTML via the (1) goto_id parameter to index.php or (2) page parameter to news_full.php.
CVE-2003-0894 1 Oracle 1 Oracle9i 2026-04-16 N/A
Buffer overflow in the (1) oracle and (2) oracleO programs in Oracle 9i Database 9.0.x and 9.2.x before 9.2.0.4 allows local users to execute arbitrary code via a long command line argument.
CVE-2002-1065 1 T. Hauck 1 Jana Web Server 2026-04-16 N/A
Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, does not restrict the number of unsuccessful login attempts, which makes it easier for remote attackers to gain privileges via brute force username and password guessing.
CVE-2004-2221 1 Mercantec 1 Softcart 2026-04-16 N/A
Buffer overflow in SoftCart.exe in Mercantec SoftCart 4.00b allows remote attackers to execute arbitrary code via a long parameter in an HTTP GET request.
CVE-2001-0151 1 Microsoft 1 Internet Information Services 2026-04-16 N/A
IIS 5.0 allows remote attackers to cause a denial of service via a series of malformed WebDAV requests.
CVE-2002-1076 1 Ipswitch 1 Imail 2026-04-16 N/A
Buffer overflow in the Web Messaging daemon for Ipswitch IMail before 7.12 allows remote attackers to execute arbitrary code via a long HTTP GET request for HTTP/1.0.
CVE-2001-1194 1 Zyxel 2 Prestige 1600, Prestige 681 2026-04-16 N/A
Zyxel Prestige 681 and 1600 SDSL Routers allow remote attackers to cause a denial of service via malformed packets with (1) an IP length less than actual packet size, or (2) fragmented packets whose size exceeds 64 kilobytes after reassembly.
CVE-2002-1083 1 Visualshapers 1 Ezcontents 2026-04-16 N/A
Directory traversal vulnerabilities in ezContents 1.41 and earlier allow remote attackers to cause ezContents to (1) create directories using the Maintain Images:Add New:Create Subdirectory item, or (2) list directories using the Maintain Images file listing, via .. (dot dot) sequences.
CVE-2006-4256 1 Horde 1 Application Framework 2026-04-16 N/A
index.php in Horde Application Framework before 3.1.2 allows remote attackers to include web pages from other sites, which could be useful for phishing attacks, via a URL in the url parameter, aka "cross-site referencing." NOTE: some sources have referred to this issue as XSS, but it is different than classic XSS.
CVE-2002-1095 1 Cisco 3 Secure Access Control Server, Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client 2026-04-16 N/A
Cisco VPN 3000 Concentrator before 2.5.2(F), with encryption enabled, allows remote attackers to cause a denial of service (reload) via a Windows-based PPTP client with the "No Encryption" option set.
CVE-2006-4258 1 John Hanna 1 Anti-spam Smtp Proxy Server 2026-04-16 N/A
Absolute path traversal vulnerability in the get functionality in Anti-Spam SMTP Proxy (ASSP) allows remote authenticated users to read arbitrary files via (1) C:\ (Windows drive letter), (2) UNC, and possibly other types of paths in the file parameter.
CVE-2002-1148 2 Apache, Redhat 3 Tomcat, Rhel Stronghold, Stronghold 2026-04-16 N/A
The default servlet (org.apache.catalina.servlets.DefaultServlet) in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers to read source code for server files via a direct request to the servlet.
CVE-2004-2151 1 Virtual Projects 1 Chatman 2026-04-16 N/A
Chatman 1.1.1 RC1 and earlier allows remote attackers to cause a denial of service (memory consumption or application crash) via a very large data size.
CVE-2004-2179 1 Microsoft 2 Frontpage, Ie 2026-04-16 N/A
asycpict.dll, as used in Microsoft products such as Front Page 97 and 98, allows remote attackers to cause a denial of service (hang) via a JPEG image with maximum height and width values.
CVE-2002-1170 2 Net-snmp, Redhat 2 Net-snmp, Linux 2026-04-16 N/A
The handle_var_requests function in snmp_agent.c for the SNMP daemon in the Net-SNMP (formerly ucd-snmp) package 5.0.1 through 5.0.5 allows remote attackers to cause a denial of service (crash) via a NULL dereference.
CVE-2002-0531 1 Emumail 3 Emumail, Emumail Red Hat Linux, Emumail Unix 2026-04-16 N/A
Directory traversal vulnerability in emumail.cgi in EMU Webmail 4.5.x and 5.1.0 allows remote attackers to read arbitrary files or list arbitrary directories via a .. (dot dot) in the type parameter.
CVE-2004-0524 1 Thiago Melo De Paula 1 Change Passwd 2026-04-16 N/A
Buffer overflow in the chpasswd command in the Change_passwd plugin before 4.0, as used in SquirrelMail, allows local users to gain root privileges via a long user name.
CVE-2002-1178 1 Jetty 1 Jetty Http Server 2026-04-16 N/A
Directory traversal vulnerability in the CGIServlet for Jetty HTTP server before 4.1.0 allows remote attackers to execute arbitrary commands via ..\ (dot-dot backslash) sequences in an HTTP request to the cgi-bin directory.