Search Results (351250 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0035 1 Kth 1 Kth Kerberos 2026-04-16 N/A
Buffer overflow in the kdc_reply_cipher function in KTH Kerberos IV allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long authentication request.
CVE-2006-1926 1 Thwboard 1 Thwboard 2026-04-16 N/A
SQL injection vulnerability in showtopic.php in ThWboard 2.84 beta 3 and earlier allows remote attackers to execute arbitrary SQL commands via the pagenum parameter.
CVE-2005-1307 2 Adobe, Apple 2 Version Cue, Mac Os X 2026-04-16 N/A
The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version Cue on Mac OS X uses the current working directory to find and execute the productname.sh script, which allows local users to execute arbitrary code by copying and calling the scripts from a user-controlled directory.
CVE-2006-0209 1 Tanklogger 1 Tanklogger 2026-04-16 N/A
SQL injection vulnerability in general_functions.php in TankLogger 2.4 allows remote attackers to execute arbitrary SQL commands via the (1) livestock_id parameter to showInfo.php and (2) tank_id parameter, possibly to livestock.php.
CVE-2005-3054 1 Php 1 Php 2026-04-16 N/A
fopen_wrappers.c in PHP 4.4.0, and possibly other versions, does not properly restrict access to other directories when the open_basedir directive includes a trailing slash, which allows PHP scripts in one directory to access files in other directories whose names are substrings of the original directory.
CVE-2005-3300 1 Phpmyadmin 1 Phpmyadmin 2026-04-16 N/A
The register_globals emulation layer in grab_globals.php for phpMyAdmin before 2.6.4-pl3 does not perform safety checks on values in the _FILES array for uploaded files, which allows remote attackers to include arbitrary files by using direct requests to library scripts that do not use grab_globals.php, then modifying certain configuration values for the theme.
CVE-2001-0055 1 Cisco 2 Broadband Operating System, Cisco 6xx Routers 2026-04-16 N/A
CBOS 2.4.1 and earlier in Cisco 600 routers allows remote attackers to cause a denial of service via a slow stream of TCP SYN packets.
CVE-2006-3884 1 Gonafish 1 Linkscaffe 2026-04-16 N/A
Multiple SQL injection vulnerabilities in links.php in Gonafish LinksCaffe 3.0 allow remote attackers to execute arbitrary SQL commands via the (1) offset and (2) limit parameters, (3) newdays parameter in a new action, and the (4) link_id parameter in a deadlink action. NOTE: this issue can also be used for path disclosure by a forced SQL error, or to modify PHP files using OUTFILE.
CVE-2003-1087 1 Hp 1 Hp-ux 2026-04-16 N/A
Unknown vulnerability in diagmond and possibly other applications in HP9000 Series 700/800 running HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows remote attackers to cause a denial of service (program failure) via certain network traffic.
CVE-2001-0058 1 Cisco 2 Broadband Operating System, Cisco 6xx Routers 2026-04-16 N/A
The Web interface to Cisco 600 routers running CBOS 2.4.1 and earlier allow remote attackers to cause a denial of service via a URL that does not end in a space character.
CVE-2001-0060 2 Redhat, Stunnel 2 Linux, Stunnel 2026-04-16 N/A
Format string vulnerability in stunnel 3.8 and earlier allows attackers to execute arbitrary commands via a malformed ident username.
CVE-2003-1088 1 Phpoutsourcing 1 Zorum 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php for Zorum 3.4 and 3.5 allows remote attackers to inject arbitrary web script or HTML via the method parameter.
CVE-2004-2516 1 Myserver 1 Myserver 2026-04-16 N/A
Directory traversal vulnerability in myServer 0.7 allows remote attackers to list arbitrary directories via an HTTP GET command with a large number of "./" sequences followed by "../" sequences.
CVE-2005-2180 1 Gnu 1 Gnats 2026-04-16 N/A
gen-index in GNATS 4.0, 4.1.0, and possibly earlier versions, when installed setuid, does not properly check files passed to the -o argument and opens the file with write access, which allows local users to overwrite arbitrary files.
CVE-2001-0065 1 Max-wilhelm Bruker 1 Bftpd 2026-04-16 N/A
Buffer overflow in bftpd 1.0.13 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long SITE CHOWN command.
CVE-2006-4124 1 Lesstif 1 Lesstif 2026-04-16 N/A
The libXm library in LessTif 0.95.0 and earlier allows local users to gain privileges via the DEBUG_FILE environment variable, which is used to create world-writable files when libXm is run from a setuid program.
CVE-2004-2517 1 Myserver 1 Myserver 2026-04-16 N/A
myServer 0.7.1 allows remote attackers to cause a denial of service (crash) via a long HTTP POST request in a View=Logon operation to index.html.
CVE-2005-2192 1 Alexander Palmo 1 Simple Php Blog 2026-04-16 N/A
SimplePHPBlog 0.4.0 stores password hashes in config/password.txt with insufficient access control, which allows remote attackers to obtain passwords via a brute force attack.
CVE-2006-1953 1 Caucho Technology 1 Resin 2026-04-16 N/A
Directory traversal vulnerability in Caucho Resin 3.0.17 and 3.0.18 for Windows allows remote attackers to read arbitrary files via a "C:%5C" (encoded drive letter) in a URL.
CVE-2001-0520 1 Aladdin Knowledge Systems 1 Esafe Gateway 2026-04-16 N/A
Aladdin eSafe Gateway versions 3.0 and earlier allows a remote attacker to circumvent filtering of SCRIPT tags by embedding the scripts within certain HTML tags including (1) onload in the BODY tag, (2) href in the A tag, (3) the BUTTON tag, (4) the INPUT tag, or (5) any other tag in which scripts can be defined.