Export limit exceeded: 20044 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363821 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-4046 1 Sun 2 Java System Application Server, One Application Server 2026-04-16 N/A
Unspecified vulnerability in Reverse SSL Proxy Plug-in for Sun Java System Application Server Standard Edition 7 2004Q2, Application Server Enterprise Edition 8.1 2005Q1, and Sun ONE Application Server 7 Standard Edition, as used in multiple web servers, allows remote attackers to conduct man-in-the-middle (MITM) attacks and "compromise data privacy."
CVE-1999-0987 1 Microsoft 1 Windows Nt 2026-04-16 N/A
Windows NT does not properly download a system policy if the domain user logs into the domain with a space at the end of the domain name.
CVE-2005-4047 1 Iisworks 1 Aspknowledgebase 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in kb.asp in IISWorks ASPKnowledgeBase 2.0 allows remote attackers to inject arbitrary web script or HTML via the a parameter.
CVE-1999-1365 1 Microsoft 1 Windows Nt 2026-04-16 N/A
Windows NT searches a user's home directory (%systemroot% by default) before other directories to find critical programs such as NDDEAGNT.EXE, EXPLORER.EXE, USERINIT.EXE or TASKMGR.EXE, which could allow local users to bypass access restrictions or gain privileges by placing a Trojan horse program into the root directory, which is writable by default.
CVE-1999-1412 2 Apache, Apple 2 Http Server, Macos 2026-04-16 N/A
A possible interaction between Apple MacOS X release 1.0 and Apache HTTP server allows remote attackers to cause a denial of service (crash) via a flood of HTTP GET requests to CGI programs, which generates a large number of processes.
CVE-2005-4049 1 Netart Media 1 Blog System 2026-04-16 N/A
Multiple SQL injection vulnerabilities in Blog System 1.2 allow remote attackers to execute arbitrary SQL commands via (1) the cat parameter in index.php and (2) the note parameter in blog.php.
CVE-2005-4050 1 Multi-tech Systems 1 Multivoip 2026-04-16 N/A
Buffer overflow in multiple Multi-Tech Systems MultiVOIP devices with firmware before x.08 allows remote attackers to execute arbitrary code via a long INVITE field in a Session Initiation Protocol (SIP) packet.
CVE-2005-4051 1 E107 1 E107 2026-04-16 N/A
e107 0.6174 allows remote attackers to vote multiple times for a download via repeated requests to rate.php.
CVE-2001-0537 1 Cisco 1 Ios 2026-04-16 N/A
HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL.
CVE-2005-4052 1 E107 1 E107 2026-04-16 N/A
e107 0.6174 allows remote attackers to redirect users to other web sites via the download parameter in rate.php, which is used after a user submits a file download rating. NOTE: in the default installation, the e_BASE variable restricts the redirection to the same web site.
CVE-2002-0029 3 Astaro, Isc, Redhat 3 Security Linux, Bind, Enterprise Linux 2026-04-16 N/A
Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10, and other derived libraries such as BSD libc and GNU glibc, allow remote attackers to execute arbitrary code via DNS server responses that trigger the overflow in the (1) getnetbyname, or (2) getnetbyaddr functions, aka "LIBRESOLV: buffer overrun" and a different vulnerability than CVE-2002-0684.
CVE-2005-4053 1 Cowiki 1 Cowiki 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in coWiki 0.3.4 allows remote attackers to inject arbitrary web script or HTML via the q parameter, as demonstrated using 26.html.
CVE-2003-1418 1 Apache 1 Http Server 2026-04-16 N/A
Apache HTTP Server 1.3.22 through 1.3.27 on OpenBSD allows remote attackers to obtain sensitive information via (1) the ETag header, which reveals the inode number, or (2) multipart MIME boundary, which reveals child process IDs (PID).
CVE-2005-4054 1 Pluggedout 1 Pluggedout Blog 2026-04-16 N/A
SQL injection vulnerability in index.php in PluggedOut Blog 1.9.5 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) categoryid, (2) entryid, (3) year, (4) month, and (5) day parameter.
CVE-2003-1497 1 Linksys 1 Befsx41 2026-04-16 N/A
Buffer overflow in the system log viewer of Linksys BEFSX41 1.44.3 allows remote attackers to cause a denial of service via an HTTP request with a long Log_Page_Num variable.
CVE-2005-4055 1 Cars Portal 1 Cars Portal 2026-04-16 N/A
SQL injection vulnerability in index.php in Cars Portal 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) page and (2) car parameters.
CVE-2005-4056 1 Jonathan Beckett 1 Pluggedout Nexus 2026-04-16 N/A
SQL injection vulnerability in search.php in PluggedOut Nexus 0.1 allows remote attackers to execute arbitrary SQL commands via the (1) Location, (2) Last Name, and (3) First Name parameters.
CVE-2005-4057 1 Jonathan Beckett 1 Pluggedout Nexus 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in search.php in PluggedOut Nexus 0.1 allows remote attackers to inject arbitrary web script or HTML via the (1) Location, (2) Last Name, and (3) First Name parameters.
CVE-2005-4058 1 Saralblog 1 Saralblog 2026-04-16 N/A
SQL injection vulnerability in saralblog 1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter to viewprofile.php.
CVE-2003-1504 1 Goldscripts 1 Goldlink 2026-04-16 N/A
SQL injection vulnerability in variables.php in Goldlink 3.0 allows remote attackers to execute arbitrary SQL commands via the (1) vadmin_login or (2) vadmin_pass cookie in a request to goldlink.php.