Search Results (351250 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-2291 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Microsoft Windows Internet Explorer 5.5 and 6.0 allows remote attackers to execute arbitrary code via an embedded script that uses Shell Helper objects and a shortcut (link) to execute the target script.
CVE-2004-1966 1 Openbb 1 Openbb 2026-04-16 N/A
Multiple SQL injection vulnerabilities in Open Bulletin Board (OpenBB) 1.0.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) FID parameter in board.php, (2) sortorder, perpage, or id parameters in member.php, (3) forums parameter in search.php, or (4) PID or FID parameters in post.php.
CVE-2001-1577 1 Caldera 2 Openunix, Unixware 2026-04-16 N/A
Unknown vulnerability in CDE in Caldera OpenUnix 7.1.0, 7.1.1, and 8.0 allows an xterm session to gain privileges when the session is reused.
CVE-2003-1142 1 Network Instruments 1 Niprint Lpd-lpr Print Server 2026-04-16 N/A
Help in NIPrint LPD-LPR Print Server 4.10 and earlier executes Windows Explorer with SYSTEM privileges, which allows local users to gain privileges.
CVE-2001-1584 1 Michael Barretto 1 Cardboard 2026-04-16 N/A
CardBoard 2.4 greeting card CGI by Michael Barretto allows remote attackers to execute arbitrary commands via shell metacharacters in the recipient field.
CVE-2004-2601 1 Ubertec 1 Help Center Live 2026-04-16 N/A
PHP remote file inclusion vulnerability in UberTec Help Center Live (HCL) allows remote attackers to read local files and possibly execute PHP code via a URL in the SKIN_inner parameter to inc/skin.php.
CVE-2001-1247 2 Php, Redhat 2 Php, Linux 2026-04-16 N/A
PHP 4.0.4pl1 and 4.0.5 in safe mode allows remote attackers to read and write files owned by the web server UID by uploading a PHP script that uses the error_log function to access the files.
CVE-2003-1144 1 Perception 1 Liteserve 2026-04-16 N/A
Buffer overflow in the log viewing interface in Perception LiteServe 1.25 through 2.2 allows remote attackers to execute arbitrary code via a GET request with a long file name.
CVE-2004-1337 3 Conectiva, Gnu, Ubuntu 3 Linux, Realtime Linux Security Module, Ubuntu Linux 2026-04-16 N/A
The POSIX Capability Linux Security Module (LSM) for Linux kernel 2.6 does not properly handle the credentials of a process that is launched before the module is loaded, which allows local users to gain privileges.
CVE-2003-1254 1 Active Php Bookmarks 1 Active Php Bookmarks 2026-04-16 N/A
Active PHP Bookmarks (APB) 1.1.01 allows remote attackers to execute arbitrary PHP code via (1) head.php, (2) apb_common.php, or (3) apb_view_class.php by modifying the APB_SETTINGS parameter to reference a URL on a remote web server that contains the code.
CVE-2001-1456 4 Mcafee, Network Associates, Pgp and 1 more 5 Webshield Smtp, Gauntlet Firewall, Mcafee E-ppliance and 2 more 2026-04-16 N/A
Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted mail message.
CVE-2002-2318 1 Blueface 1 Falcon Web Server 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Falcon web server 2.0.0.1009 through 2.0.0.1021 allows remote attackers to inject arbitrary web script or HTML via the URI, which is inserted into 301 error messages and executed by 404 error messages.
CVE-2006-0510 1 Daffodil Software 1 Daffodil Crm 2026-04-16 N/A
SQL injection vulnerability in userlogin.jsp in Daffodil CRM 1.5 allows remote attackers to execute arbitrary SQL commands via unspecified parameters in a login action.
CVE-2003-1145 1 Openautoclassifieds 1 Openautoclassifieds 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in friendmail.php in OpenAutoClassifieds 1.0 allows remote attackers to inject arbitrary web script or HTML via the listing parameter.
CVE-2001-1458 1 Novell 1 Groupwise 2026-04-16 N/A
Directory traversal vulnerability in Novell GroupWise 5.5 and 6.0 allows remote attackers to read arbitrary files via a request for /servlet/webacc?User.html= that contains "../" (dot dot) sequences and a null character.
CVE-2001-1158 1 Checkpoint 1 Firewall-1 2026-04-16 N/A
Check Point VPN-1/FireWall-1 4.1 base.def contains a default macro, accept_fw1_rdp, which can allow remote attackers to bypass intended restrictions with forged RDP (internal protocol) headers to UDP port 259 of arbitrary hosts.
CVE-2001-0763 3 Debian, Redhat, Suse 3 Debian Linux, Linux, Suse Linux 2026-04-16 N/A
Buffer overflow in Linux xinetd 2.1.8.9pre11-1 and earlier may allow remote attackers to execute arbitrary code via a long ident response, which is not properly handled by the svc_logprint function.
CVE-2001-0767 1 Steve Poulsen 1 Guildftpd 2026-04-16 N/A
Directory traversal vulnerability in GuildFTPd 0.9.7 allows attackers to list or read arbitrary files and directories via a .. in (1) LS or (2) GET.
CVE-2002-0002 4 Engardelinux, Mandrakesoft, Redhat and 1 more 4 Secure Linux, Mandrake Linux, Linux and 1 more 2026-04-16 N/A
Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code.
CVE-2001-1467 1 Don Libes 1 Expect 2026-04-16 N/A
mkpasswd in expect 5.2.8, as used by Red Hat Linux 6.2 through 7.0, seeds its random number generator with its process ID, which limits the space of possible seeds and makes it easier for attackers to conduct brute force password attacks.