Search Results (351250 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0879 1 Microsoft 4 Sql Server, Windows 2000, Windows Nt and 1 more 2026-04-16 N/A
Format string vulnerability in the C runtime functions in SQL Server 7.0 and 2000 allows attackers to cause a denial of service.
CVE-2005-2838 1 Mywebland 1 Mybloggie 2026-04-16 N/A
SQL injection vulnerability in login.php in myBloggie 2.1.3-beta and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter.
CVE-2001-0899 2 Phpnuke, Rick Fournier 2 Php-nuke, Network Tools 2026-04-16 N/A
Network Tools 0.2 for PHP-Nuke allows remote attackers to execute commands on the server via shell metacharacters in the $hostinput variable.
CVE-2001-0904 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 5.5 and 6 with the Q312461 (MS01-055) patch modifies the HTTP_USER_AGENT (UserAgent) information that indicates that the patch has been installed, which could allow remote malicious web sites to more easily identify and exploit vulnerable clients.
CVE-2001-0906 2 Redhat, Tetex 2 Linux, Tetex 2026-04-16 N/A
teTeX filter before 1.0.7 allows local users to gain privileges via a symlink attack on temporary files that are produced when printing .dvi files using lpr.
CVE-2001-0911 2 Francisco Burzi, Postnuke Software Foundation 2 Php-nuke, Postnuke 2026-04-16 N/A
PHP-Nuke 5.1 stores user and administrator passwords in a base-64 encoded cookie, which could allow remote attackers to gain privileges by stealing or sniffing the cookie and decoding it.
CVE-2001-0912 1 Mandrakesoft 1 Mandrake Linux 2026-04-16 N/A
Packaging error for expect 8.3.3 in Mandrake Linux 8.1 causes expect to search for its libraries in the /home/snailtalk directory before other directories, which could allow a local user to gain root privileges.
CVE-2001-0402 3 Darren Reed, Freebsd, Openbsd 3 Ipfilter, Freebsd, Openbsd 2026-04-16 N/A
IPFilter 3.4.16 and earlier does not include sufficient session information in its cache, which allows remote attackers to bypass access restrictions by sending fragmented packets to a restricted port after sending unfragmented packets to an unrestricted port.
CVE-2001-0440 4 Conectiva, Licq, Mandrakesoft and 1 more 5 Linux, Licq, Mandrake Linux and 2 more 2026-04-16 N/A
Buffer overflow in logging functions of licq before 1.0.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands.
CVE-2002-0832 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 5, 5.6, and 6 allows remote attackers to bypass cookie privacy settings and store information across browser sessions via the userData (storeuserData) feature.
CVE-2003-1031 1 Jelsoft 1 Vbulletin 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in register.php for vBulletin 3.0 Beta 2 allows remote attackers to inject arbitrary HTML or web script via optional fields such as (1) "Interests-Hobbies", (2) "Biography", or (3) "Occupation."
CVE-2004-2494 1 Code-crafters 1 Ability Mail Server 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in _error in Ability Mail Server 1.18 allows remote attackers to inject arbitrary web script or HTML via the erromsg parameter.
CVE-2005-0088 2 Apache, Redhat 2 Mod Python, Enterprise Linux 2026-04-16 N/A
The publisher handler for mod_python 2.7.8 and earlier allows remote attackers to obtain access to restricted objects via a crafted URL.
CVE-2005-4467 1 Phpgedview 1 Phpgedview 2026-04-16 N/A
Directory traversal vulnerability in help_text_vars.php in PHPGedView 3.3.7 and earlier allows remote attackers to read and include arbitrary files via a .. (dot dot) in the PGV_BASE_DIRECTORY parameter.
CVE-2005-4468 1 Phpgedview 1 Phpgedview 2026-04-16 N/A
PHP remote file include vulnerability in help_text_vars.php in PHPGedView 3.3.7 and earlier allows remote attackers to execute arbitrary code via a URL in the PGV_BASE_DIRECTORY parameter.
CVE-2006-0032 1 Microsoft 3 Windows 2000, Windows 2003 Server, Windows Xp 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the Indexing Service in Microsoft Windows 2000, XP, and Server 2003, when the Encoding option is set to Auto Select, allows remote attackers to inject arbitrary web script or HTML via a UTF-7 encoded URL, which is injected into an error message whose charset is set to UTF-7.
CVE-2005-2256 1 Phppgadmin 1 Phppgadmin 2026-04-16 N/A
Encoded directory traversal vulnerability in phpPgAdmin 3.1 to 3.5.3 allows remote attackers to access arbitrary files via "%2e%2e%2f" (encoded dot dot) sequences in the formLanguage parameter.
CVE-2005-2258 1 Squitosoft 1 Squito Gallery 2026-04-16 N/A
PHP remote file inclusion vulnerability in photolist.inc.php in Squito Gallery 1.33 allows remote attackers to execute arbitrary code via the photoroot parameter.
CVE-2001-0215 1 Martin Hamilton 1 Roads 2026-04-16 N/A
ROADS search.pl program allows remote attackers to read arbitrary files by specifying the file name in the form parameter and terminating the filename with a null byte.
CVE-2001-0221 1 Freebsd 1 Ja-xklock 2026-04-16 N/A
Buffer overflow in ja-xklock 2.7.1 and earlier allows local users to gain root privileges.