Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-0141 1 Infopop 1 Ultimate Bulletin Board 2026-04-16 N/A
Infopop Ultimate Bulletin Board (UBB) allows remote attackers to execute commands via shell metacharacters in the topic hidden field.
CVE-2002-1463 1 Symantec 4 Enterprise Firewall, Gateway Security, Raptor Firewall and 1 more 2026-04-16 N/A
Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections.
CVE-2004-1463 1 Moinmoin 1 Moinmoin 2026-04-16 N/A
Unknown vulnerability in the PageEditor in MoinMoin 1.2.2 and earlier, related to Access Control Lists (ACL), has unknown impact.
CVE-2005-1463 2 Ethereal Group, Redhat 2 Ethereal, Enterprise Linux 2026-04-16 N/A
Multiple format string vulnerabilities in the (1) DHCP and (2) ANSI A dissectors in Ethereal before 0.10.11 may allow remote attackers to execute arbitrary code.
CVE-2003-1269 1 An 1 An-http 2026-04-16 N/A
AN HTTP 1.41e allows remote attackers to obtain the root web server path via an HTTP request with a long argument to a script, which leaks the path in an error message.
CVE-2002-0163 2 Redhat, Squid 2 Linux, Squid 2026-04-16 N/A
Heap-based buffer overflow in Squid before 2.4 STABLE4, and Squid 2.5 and 2.6 until March 12, 2002 distributions, allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via compressed DNS responses.
CVE-2002-0175 1 Avaya 1 Libsafe 2026-04-16 N/A
libsafe 2.0-11 and earlier allows attackers to bypass protection against format string vulnerabilities via format strings that use the "'" and "I" characters, which are implemented in libc but not libsafe.
CVE-2002-0174 1 Sgi 1 Irix 2026-04-16 N/A
nsd on SGI IRIX before 6.5.11 allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the nsd.dump file.
CVE-2004-2644 1 Asn.1 Compiler 1 Asn.1 Compiler 2026-04-16 N/A
Unspecified vulnerability in ASN.1 Compiler (asn1c) before 0.9.7 has unknown impact and attack vectors when processing "ANY" type tags.
CVE-2004-1397 1 Usemod 1 Usemodwiki 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in UseModWiki 1.0 allows remote attackers to inject arbitrary web script or HTML via an argument to wiki.pl.
CVE-2005-2443 1 Kshout 1 Kshout 2026-04-16 N/A
Kshout 2.x and 3.x stores settings.dat under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as usernames and passwords.
CVE-2000-1064 1 Hp 1 Jetdirect 2026-04-16 N/A
Buffer overflow in the LPD service in HP JetDirect printer card Firmware x.08.20 and earlier allows remote attackers to cause a denial of service.
CVE-2001-0173 2 Nobreak Technologies, Qdecoder 2 Crazywwwboard, Qdecoder 2026-04-16 N/A
Buffer overflow in qDecoder library 5.08 and earlier, as used in CrazyWWWBoard, CrazySearch, and other CGI programs, allows remote attackers to execute arbitrary commands via a long MIME Content-Type header.
CVE-2004-1403 1 Sir 1 Gnuboard 2026-04-16 N/A
PHP remote file inclusion vulnerability in index.php in GNUBoard 3.39 and earlier allows remote attackers to execute arbitrary PHP code by modifying the doc parameter to reference a URL on a remote web server that contains the code.
CVE-1999-1532 1 Netscape 1 Messaging Server 2026-04-16 N/A
Netscape Messaging Server 3.54, 3.55, and 3.6 allows a remote attacker to cause a denial of service (memory exhaustion) via a series of long RCPT TO commands.
CVE-2002-1664 1 Yahoo 1 Messenger 2026-04-16 N/A
Yahoo! Messenger before February 2002 allows remote attackers to add arbitrary users to another user's buddy list and possibly obtain sensitive information.
CVE-2005-3336 1 Mantis 1 Mantis 2026-04-16 N/A
SQL injection vulnerability in Mantis 1.0.0RC2 and 0.19.2 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2003-1175 1 Synthetic Reality 1 Sympoll 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php in Sympoll 1.5 allows remote attackers to inject arbitrary web script or HTML via the vo parameter.
CVE-2005-3444 1 Oracle 1 Database Server 2026-04-16 N/A
Multiple unspecified vulnerabilities in the Programmatic Interface in Oracle Database Server from 8i up to 9.2.0.5 have unknown impact and attack vectors, aka Oracle Vuln# DB26.
CVE-2003-1176 1 Bdc Enterprises 1 Web Wiz Forums 2026-04-16 N/A
post_message_form.asp in Web Wiz Forums 6.34 through 7.5, when quote mode is used, allows remote attackers to read or write to private forums by modifying the FID (forum ID) parameter.