Export limit exceeded: 364527 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 364527 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364527 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-0870 1 Cisco 2 Content Services Switch 11000, Webns 2026-04-16 N/A
The original patch for the Cisco Content Service Switch 11000 Series authentication bypass vulnerability (CVE-2001-0622) was incomplete, which still allows remote attackers to gain additional privileges by directly requesting the web management URL instead of navigating through the interface, possibly via a variant of the original attack, as identified by Cisco bug ID CSCdw08549.
CVE-2001-0386 1 Analogx 1 Simpleserver Www 2026-04-16 N/A
AnalogX SimpleServer:WWW 1.08 allows remote attackers to cause a denial of service via an HTTP request to the /aux directory.
CVE-2001-0388 3 Freebsd, Mandrakesoft, Suse 3 Freebsd, Mandrake Linux, Suse Linux 2026-04-16 N/A
time server daemon timed allows remote attackers to cause a denial of service via malformed packets.
CVE-2001-0394 1 Oreilly 1 Website Pro 2026-04-16 N/A
Remote manager service in Website Pro 3.0.37 allows remote attackers to cause a denial of service via a series of malformed HTTP requests to the /dyn directory.
CVE-2001-0395 1 Lightwavemo 2 Consoleserver 3200, Consoleserver 3200 Firmware 2026-04-16 9.8 Critical
Lightwave ConsoleServer 3200 does not disconnect users after unsuccessful login attempts, which could allow remote attackers to conduct brute force password guessing.
CVE-2002-0326 1 Working Resources Inc. 1 Badblue 2026-04-16 N/A
Cross-site scripting vulnerability in BadBlue before 1.6.1 beta allows remote attackers to execute arbitrary script and possibly additional commands via a URL that contains Javascript.
CVE-2001-0397 1 Silent Runner 1 Silent Runner Collector Src 2026-04-16 N/A
Buffer overflow in Silent Runner Collector (SRC) 1.6.1 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long SMTP HELO command.
CVE-2001-0398 1 Ritlabs 1 The Bat 2026-04-16 N/A
The BAT! mail client allows remote attackers to bypass user warnings of an executable attachment and execute arbitrary commands via an attachment whose file name contains many spaces, which also causes the BAT! to misrepresent the attachment's type with a different icon.
CVE-2002-0327 1 Century Software 1 Term 2026-04-16 N/A
Buffer overflow in Century Software TERM allows local users to gain root privileges via a long tty argument to the callin program.
CVE-2002-0871 2 Redhat, Xinetd 2 Linux, Xinetd 2026-04-16 N/A
xinetd 2.3.4 leaks file descriptors for the signal pipe to services that are launched by xinetd, which could allow those services to cause a denial of service via the pipe.
CVE-2001-0399 1 Caucho Technology 1 Resin 2026-04-16 N/A
Caucho Resin 1.3b1 and earlier allows remote attackers to read source code for Javabean files by inserting a .jsp before the WEB-INF specifier in an HTTP request.
CVE-2002-0328 1 Ikonboard.com 1 Ikonboard 2026-04-16 N/A
Cross-site scripting vulnerability in Ikonboard 3.0.1 allows remote attackers to execute arbitrary script as other Ikonboard users and steal cookies via Javascript in an IMG tag.
CVE-2003-0201 7 Apple, Compaq, Hp and 4 more 10 Mac Os X, Tru64, Cifs-9000 Server and 7 more 2026-04-16 N/A
Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.
CVE-2003-1286 1 Sambar 1 Sambar Server 2026-04-16 N/A
HTTP Proxy in Sambar Server before 6.0 beta 6, when security.ini lacks a 127.0.0.1 proxydeny entry, allows remote attackers to send proxy HTTP requests to the Sambar Server's administrative interface and external web servers, by making a "Connection: keep-alive" request before the proxy requests.
CVE-2005-3200 1 Utopia Software 1 Utopia News Pro 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Utopia News Pro (UNP) 1.1.3 and 1.1.4 allow remote attackers to inject arbitrary web script or HTML via (1) the sitetitle parameter in header.php and (2) the version and (3) query_count parameters in footer.php.
CVE-2005-3686 1 Newsboard 1 Unclassified Newsboard 2026-04-16 N/A
SQL injection vulnerability in search.inc.php in Unclassified NewsBoard before 1.5.3 Patch 4 allows remote attackers to execute arbitrary SQL commands via the (1) DateFrom or (2) DateUntil parameter to forum.php.
CVE-2001-0400 1 Matt Tourtillott 1 Nph-maillist 2026-04-16 N/A
nph-maillist.pl allows remote attackers to execute arbitrary commands via shell metacharacters ("`") in the email address.
CVE-2002-0872 1 L2tpd 1 L2tpd 2026-04-16 N/A
l2tpd 0.67 does not initialize the random number generator, which allows remote attackers to hijack sessions.
CVE-2001-0401 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Buffer overflow in tip in Solaris 8 and earlier allows local users to execute arbitrary commands via a long HOME environmental variable.
CVE-2002-0873 1 L2tpd 1 L2tpd 2026-04-16 N/A
Vulnerability in l2tpd 0.67 allows remote attackers to overwrite the vendor field via a long value in an attribute/value pair, possibly via a buffer overflow.