Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-0743 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Safari in Mac OS X before 10.3.5, after sending form data using the POST method, may re-send the data to a GET method URL if that URL is redirected after the POST data and the user uses the forward or backward buttons, which may cause an information leak.
CVE-2004-2443 1 Jaws 1 Jaws 2026-04-16 N/A
Jaws 0.3 allows remote attackers to bypass authentication and via an HTTP request to admin.php with the logged cookie set to the MD5 hash of a null password, which is compared against the logged session variable by the logged_on function in application.php.
CVE-2004-2371 1 Redstorm 3 Desert Siege, Ghost Recon, The Sum Of All Fears 2026-04-16 N/A
Multiple Red Storm web-based games, including Ghost Recon 1.4 and earlier, Desert Siege, and The Sum of all Fears 1.1.1.0 and earlier, do not properly check return values from certain functions, which allows remote attackers to cause a denial of service (hang) via packets that contain text strings with incorrect size values.
CVE-2005-2010 1 Uapplication 1 Ublog Reload 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in trackback.asp in Ublog Reload 1.0.5 allows remote attackers to inject arbitrary web script or HTML via the btitle parameter.
CVE-2004-2459 1 Gnu 1 Gnubiff 2026-04-16 N/A
Unknown vulnerability in gnubiff 1.2.0 and earlier allows local users to obtain passwords, related to the password table.
CVE-2000-1226 1 Snort 1 Snort 2026-04-16 N/A
Snort 1.6, when running in straight ASCII packet logging mode or IDS mode with straight decoded ASCII packet logging selected, allows remote attackers to cause a denial of service (crash) by sending non-IP protocols that Snort does not know about, as demonstrated by an nmap protocol scan.
CVE-2005-3422 1 10-4 Aps 1 Asp Fast Forum 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in error.asp in ASP Fast Forum allows remote attackers to inject arbitrary web script or HTML via the error parameter.
CVE-2000-1233 1 Phorum 1 Phorum 2026-04-16 N/A
SQL injection vulnerability in read.php3 and other scripts in Phorum 3.0.7 allows remote attackers to execute arbitrary SQL queries via the sSQL parameter.
CVE-2000-1240 1 Anyportal Php 1 Anyportal Php 2026-04-16 N/A
Unspecified vulnerability in siteman.php3 in AnyPortal(php) before 22 APR 00 allows remote attackers to obtain sensitive information via unknown attack vectors, which reveal the absolute path. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
CVE-2003-0059 2 Mit, Redhat 3 Kerberos 5, Enterprise Linux, Linux 2026-04-16 N/A
Unknown vulnerability in the chk_trans.c of the libkrb5 library for MIT Kerberos V5 before 1.2.5 allows users from one realm to impersonate users in other realms that have the same inter-realm keys.
CVE-2001-0001 1 Francisco Burzi 1 Php-nuke 2026-04-16 N/A
cookiedecode function in PHP-Nuke 4.4 allows users to bypass authentication and gain access to other user accounts by extracting the authentication information from a cookie.
CVE-2003-0060 1 Mit 1 Kerberos 5 2026-04-16 N/A
Format string vulnerabilities in the logging routines for MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in Kerberos principal names.
CVE-2006-1852 1 Scriptsfrenzy 1 Article Publisher Pro 2026-04-16 N/A
SQL injection vulnerability in category.php in Article Publisher Pro 1.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the cname parameter.
CVE-2003-1074 1 Sun 1 Solaris 2026-04-16 N/A
Unknown vulnerability in newtask for Solaris 9 allows local users to gain root privileges.
CVE-2003-1085 1 Thomson 2 Tcm Cable Modem, Tcw Cable Modem 2026-04-16 N/A
The HTTP server in the Thomson TWC305, TWC315, and TCW690 cable modem ST42.03.0a allows remote attackers to cause a denial of service (unstable service) via a long GET request, possibly caused by a buffer overflow.
CVE-2001-0034 1 Kth 1 Kth Kerberos 2026-04-16 N/A
KTH Kerberos IV allows local users to specify an alternate proxy using the krb4_proxy variable, which allows the user to generate false proxy responses and possibly gain privileges.
CVE-2001-0055 1 Cisco 2 Broadband Operating System, Cisco 6xx Routers 2026-04-16 N/A
CBOS 2.4.1 and earlier in Cisco 600 routers allows remote attackers to cause a denial of service via a slow stream of TCP SYN packets.
CVE-2006-3884 1 Gonafish 1 Linkscaffe 2026-04-16 N/A
Multiple SQL injection vulnerabilities in links.php in Gonafish LinksCaffe 3.0 allow remote attackers to execute arbitrary SQL commands via the (1) offset and (2) limit parameters, (3) newdays parameter in a new action, and the (4) link_id parameter in a deadlink action. NOTE: this issue can also be used for path disclosure by a forced SQL error, or to modify PHP files using OUTFILE.
CVE-2003-1087 1 Hp 1 Hp-ux 2026-04-16 N/A
Unknown vulnerability in diagmond and possibly other applications in HP9000 Series 700/800 running HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows remote attackers to cause a denial of service (program failure) via certain network traffic.
CVE-2001-0058 1 Cisco 2 Broadband Operating System, Cisco 6xx Routers 2026-04-16 N/A
The Web interface to Cisco 600 routers running CBOS 2.4.1 and earlier allow remote attackers to cause a denial of service via a URL that does not end in a space character.