Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1743 | 1 Mirabilis | 1 Icq | 2026-04-16 | N/A |
| AOL ICQ 2002a Build 3722 allows remote attackers to cause a denial of service (crash) via a malformed .hpf file. | ||||
| CVE-2003-0163 | 1 Gaim-encryption | 1 Gaim-encryption | 2026-04-16 | N/A |
| decrypt_msg for the Gaim-Encryption GAIM plugin 1.15 and earlier does not properly validate a message length parameter, which allows remote attackers to cause a denial of service (crash) via a negative length, which overwrites arbitrary heap memory with a zero byte. | ||||
| CVE-2003-1305 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Microsoft Internet Explorer allows remote attackers to cause a denial of service (resource consumption) via a Javascript src attribute that recursively loads the current web page. | ||||
| CVE-2002-1744 | 1 Microsoft | 1 Internet Information Services | 2026-04-16 | N/A |
| Directory traversal vulnerability in CodeBrws.asp in Microsoft IIS 5.0 allows remote attackers to view source code and determine the existence of arbitrary files via a hex-encoded "%c0%ae%c0%ae" string, which is the Unicode representation for ".." (dot dot). | ||||
| CVE-2003-0167 | 1 Mutt | 1 Mutt | 2026-04-16 | N/A |
| Multiple off-by-one buffer overflows in the IMAP capability for Mutt 1.3.28 and earlier, and Balsa 1.2.4 and earlier, allow a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a specially crafted mail folder, a different vulnerability than CVE-2003-0140. | ||||
| CVE-2002-1746 | 1 Maxim Krasnyansky | 1 Vtun | 2026-04-16 | N/A |
| Vtun 2.5b1 allows remote attackers to inject data into user sessions by sniffing and replaying packets. | ||||
| CVE-2006-0784 | 1 D-link | 1 Dwl-g700ap | 2026-04-16 | N/A |
| D-Link DWL-G700AP with firmware 2.00 and 2.01 allows remote attackers to cause a denial of service (CAMEO HTTP service crash) via a request composed of "GET" followed by a space and two newlines, possibly triggering the crash due to missing arguments. | ||||
| CVE-2006-0785 | 1 Phpkit | 1 Phpkit | 2026-04-16 | N/A |
| Absolute path traversal vulnerability in include.php in PHPKIT 1.6.1 Release 2 and earlier allows remote attackers to include and execute arbitrary local files via a direct request with a path parameter with a null character and beginning with (1) '/' (slash) for an absolute pathname or (2) a drive letter (such as "C:"), which bypasses checks for ".." sequences and trailing ".php" extensions. | ||||
| CVE-2006-0796 | 1 Clever Copy | 1 Clever Copy | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in default.php in Clever Copy 3.0 allows remote attackers to inject arbitrary web script or HTML via the Subject field when sending private messages (privatemessages.php). NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-0798 | 1 Macallan | 1 Mail Solution | 2026-04-16 | N/A |
| Multiple directory traversal vulnerabilities in the IMAP service in Macallan Mail Solution before 4.8.05.004 allow remote authenticated users to read e-mails of other users or create, modify, or delete directories via a .. (dot dot) in the argument to the (1) CREATE, (2) SELECT, (3) DELETE, or (4) RENAME commands. | ||||
| CVE-2006-0803 | 2 Novell, Suse | 2 Suse Linux, Suse Linux | 2026-04-16 | N/A |
| The signature verification functionality in the YaST Online Update (YOU) script handling relies on a gpg feature that is not intended for signature verification, which prevents YOU from detecting malicious scripts or code that do not pass the signature check when gpg 1.4.x is being used. | ||||
| CVE-2006-0804 | 1 Tin | 1 Tin | 2026-04-16 | N/A |
| Off-by-one error in TIN 1.8.0 and earlier might allow attackers to execute arbitrary code via unknown vectors that trigger a buffer overflow. | ||||
| CVE-2006-0808 | 1 Mute | 1 Mute | 2026-04-16 | N/A |
| MUTE 0.4 allows remote attackers to cause a denial of service (messages not forwarded) and obtain sensitive information about a target by filling a client's mWebCache cache with malicious "zombie" nodes. | ||||
| CVE-2006-0809 | 1 Skate Board | 1 Skate Board | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Skate Board 0.9 allow remote attackers to execute arbitrary SQL commands via the (1) usern parameter in (a) sendpass.php, and the (2) usern and (3) passwd parameters and (4) sf_cookie cookie in (b) login.php and (c) logged.php. | ||||
| CVE-2006-0811 | 1 Skate Board | 1 Skate Board | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in reguser.php in Skate Board 0.9 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters involved with the registration form. | ||||
| CVE-2006-0812 | 1 Visnetic | 1 Visnetic Antivirus Plug-in For Mail Server | 2026-04-16 | N/A |
| The VisNetic AntiVirus Plug-in (DKAVUpSch.exe) for Mail Server 4.6.0.4, 4.6.1.1, and possibly other versions before 4.6.1.2, does not drop privileges before executing other programs, which allows local users to gain privileges. | ||||
| CVE-2006-0815 | 1 Networkactiv | 1 Networkactiv Web Server | 2026-04-16 | N/A |
| NetworkActiv Web Server 3.5.15 allows remote attackers to read script source code via a crafted URL with a "/" (forward slash) after the file extension. | ||||
| CVE-2006-0816 | 1 Orionserver | 1 Orion Application Server | 2026-04-16 | N/A |
| Orion Application Server before 2.0.7, when running on Windows, allows remote attackers to obtain the source code of JSP files via (1) . (dot) and (2) space characters in the extension of a URL. | ||||
| CVE-2006-0819 | 1 Gnome | 1 Dwarf Http Server | 2026-04-16 | N/A |
| Dwarf HTTP Server 1.3.2 allows remote attackers to obtain the source code of JSP files via (1) dot, (2) space, (3) slash, or (4) NULL characters in the filename extension of an HTTP request. | ||||
| CVE-2006-0820 | 1 Gnome | 1 Dwarf Http Server | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Dwarf HTTP Server 1.3.2 allows remote attackers to inject arbitrary web script or HTML via unspecified error messages. | ||||