Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-4505 1 Mcafee 2 Common Management Agent, Virusscan Enterprise 2026-04-16 N/A
Unquoted Windows search path vulnerability in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5) might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, which is run by naPrdMgr.exe when it attempts to execute EntVUtil.EXE under an unquoted "Program Files" path.
CVE-2002-0205 1 Plumtree 1 Plumtree Corporate Portal 2026-04-16 N/A
Cross-site scripting (CSS) vulnerability in error.asp for Plumtree Corporate Portal 3.5 through 4.5 allows remote attackers to execute arbitrary script on other clients via the "Description" parameter.
CVE-2005-4587 1 Juniper 1 Netscreen-security Manager 2004 2026-04-16 N/A
Juniper NetScreen-Security Manager (NSM) 2004 FP2 and FP3 allow remote attackers to cause a denial of service (crash or hang of server components that are automatically restarted) via a long crafted string on (1) port 7800 (the GUI Server port) or (2) port 7801 (the Device Server port).
CVE-2005-4591 1 Bogofilter 1 Email Filter 2026-04-16 N/A
Heap-based buffer overflow in bogofilter 0.96.2, 0.95.2, 0.94.14, 0.94.12, and other versions from 0.93.5 to 0.96.2, when using Unicode databases, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via "invalid input sequences" that lead to heap corruption when bogofilter or bogolexer converts character sets.
CVE-2005-4350 1 Sun 1 Wbem Services 2026-04-16 N/A
Unspecified vulnerability in WBEM Services A.01.x before A.01.05.12 and A.02.x before A.02.00.08 on HP-UX B.11.00 through B.11.23 allows remote attackers to cause an unspecified denial of service via unknown attack vectors.
CVE-2002-0210 1 Tolis Group 1 Bru 2026-04-16 N/A
setlicense for TOLIS Group Backup and Restore Utility (BRU) 17.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/brutest.$$ temporary file.
CVE-2002-0212 1 Hosting Controller 1 Hosting Controller 2026-04-16 N/A
The login for Hosting Controller 1.1 through 1.4.1 returns different error messages when a valid or invalid user is provided, which allows remote attackers to determine the existence of valid usernames and makes it easier to conduct a brute force attack.
CVE-2005-4592 1 Bogofilter 1 Email Filter 2026-04-16 N/A
Heap-based buffer overflow in bogofilter and bogolexer 0.96.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via words that are longer than the input buffer used by flex.
CVE-2002-0225 1 Cisco 1 Tacacs\+ 2026-04-16 N/A
tac_plus Tacacs+ daemon F4.0.4.alpha, originally maintained by Cisco, creates files from the accounting directive with world-readable and writable permissions, which allows local users to access and modify sensitive files.
CVE-2002-0231 1 Khaled Mardam-bey 1 Mirc 2026-04-16 N/A
Buffer overflow in mIRC 5.91 and earlier allows a remote server to execute arbitrary code on the client via a long nickname.
CVE-2005-4378 1 Nma 1 Baseline Cms 2026-04-16 N/A
SQL injection vulnerability in Page.asp in Baseline CMS 1.95 and earlier allows remote attackers to execute arbitrary SQL commands via the SiteNodeID parameter.
CVE-2002-0237 1 Iss 3 Blackice Agent, Blackice Defender, Realsecure Server Sensor 2026-04-16 N/A
Buffer overflow in ISS BlackICE Defender 2.9 and earlier, BlackICE Agent 3.0 and 3.1, and RealSecure Server Sensor 6.0.1 and 6.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a flood of large ICMP ping packets.
CVE-2005-4593 1 Joshua Eichorn 1 Phpdocumentor 2026-04-16 N/A
PHP remote file inclusion vulnerability in phpDocumentor 1.3.0 rc4 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary code via a URL in the (1) FORUM[LIB] parameter in Documentation/tests/bug-559668.php and (2) the root_dir parameter in docbuilder/file_dialog.php.
CVE-2006-3328 1 Starflow Software 1 Hostflow 2026-04-16 N/A
new_ticket.cgi in Hostflow 2.2.1-15 allows remote attackers to steal and replay authentication credentials via an IMG tag in the desc parameter ("Ticket Description" field) that points to a URL that captures referer URLs, possibly due to a cross-site scripting (XSS) vulnerability or a leak of credentials in referer URLs.
CVE-2002-0239 1 Hanterm 1 Hanterm 2026-04-16 N/A
Buffer overflow in hanterm 3.3.1 and earlier allows local users to execute arbitrary code via a long string in the (1) -fn, (2) -hfb, or (3) -hfn argument.
CVE-2002-0242 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Cross-site scripting vulnerability in Internet Explorer 6 earlier allows remote attackers to execute arbitrary script via an Extended HTML Form, whose output from the remote server is not properly cleansed.
CVE-2005-4601 2 Imagemagick, Redhat 2 Imagemagick, Enterprise Linux 2026-04-16 N/A
The delegate code in ImageMagick 6.2.4.5-0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a filename that is processed by the display command.
CVE-2006-3329 1 Deltascripts 1 Php Classifieds 2026-04-16 N/A
SQL injection vulnerability in search.php in PHP/MySQL Classifieds (PHP Classifieds) allows remote attackers to execute arbitrary SQL commands via the rate parameter.
CVE-2002-0245 1 Lotus 1 Domino 2026-04-16 N/A
Lotus Domino server 5.0.8 with NoBanner enabled allows remote attackers to (1) determine the physical path of the server via a request for a nonexistent file with a .pl (Perl) extension, which leaks the pathname in the error message, or (2) make any request that causes an HTTP 500 error, which leaks the server's version name in the HTTP error message.
CVE-2005-4602 1 Mybulletinboard 1 Mybulletinboard 2026-04-16 N/A
SQL injection vulnerability in inc/function_upload.php in MyBB before 1.0.1 allows remote attackers to execute arbitrary SQL commands via the file extension of an uploaded file attachment.