Export limit exceeded: 362730 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 362730 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (362730 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-4532 1 Scponly 1 Scponly 2026-04-16 N/A
scponlyc in scponly 4.1 and earlier, when the operating system supports LD_PRELOAD mechanisms, allows local users to execute arbitrary code with root privileges by creating a chroot directory in their home directory, hard linking to a system setuid application, and using a modified LD_PRELOAD to modify expected function calls in the setuid application.
CVE-2002-2079 2 Mosix Project, Openmosix Project 2 Mosix, Openmosix 2026-04-16 N/A
mosix-protocol-stack in Multicomputer Operating System for UnIX (MOSIX) 1.5.7 allows remote attackers to cause a denial of service via malformed packets.
CVE-2004-1555 1 Broadboard Instant 1 Asp Message Board 2026-04-16 N/A
Multiple SQL injection vulnerabilities in BroadBoard Instant ASP Message Board allow remote attackers to run arbitrary SQL commands via the (1) keywords parameter to search.asp, (2) handle parameter to profile.asp, (3) txtUserHandle parameter to reg2.asp or (4) txtUserEmail parameter to forgot.asp.
CVE-2002-2088 1 Mosix Project 1 Clump Os 2026-04-16 N/A
The MOSIX Project clump/os 5.4 creates a default VNC account without a password, which allows remote attackers to gain root access.
CVE-2002-2100 1 Microsoft 1 Outlook 2026-04-16 N/A
Microsoft Outlook 2002 allows remote attackers to embed bypass the file download restrictions for attachments via an HTML email message that uses an IFRAME to reference malicious content.
CVE-2004-1556 1 Mywebserver 1 Mywebserver 2026-04-16 N/A
MyWebServer 1.0.3 allows remote attackers to cause a denial of service (application crash) via a large number of connections within a short time.
CVE-2002-2107 1 Veridis 1 Openkeyserver 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the lookup script in Veridis OpenKeyServer (OKS) 1.2 allows remote attackers to inject arbitrary web script or HTML via the search parameter.
CVE-2002-2116 1 Netgear 2 Rm356, Rt338 2026-04-16 N/A
Netgear RM-356 and RT-338 series SOHO routers allow remote attackers to cause a denial of service (crash) via a UDP port scan, as demonstrated using nmap.
CVE-2005-4533 1 Scponly 1 Scponly 2026-04-16 N/A
Argument injection vulnerability in scponlyc in scponly 4.1 and earlier, when both scp and rsync compatibility are enabled, allows local users to execute arbitrary applications via "getopt" style argument specifications, which are not filtered.
CVE-2002-2139 1 Cisco 1 Pix Firewall Software 2026-04-16 N/A
Cisco PIX Firewall 6.0.3 and earlier, and 6.1.x to 6.1.3, do not delete the duplicate ISAKMP SAs for a user's VPN session, which allows local users to hijack a session via a man-in-the-middle attack.
CVE-2002-2144 1 Free Peers 1 Bearshare 2026-04-16 N/A
Directory traversal vulnerability in BearShare 4.0.5 and 4.0.6 allows remote attackers to read files outside of the web root by hex-encoding the "/" (forward slash) or "." (dot) characters.
CVE-2004-1557 1 Mywebserver 1 Mywebserver 2026-04-16 N/A
MyWebServer 1.0.3 allows remote attackers to bypass authentication, modify configuration, and read arbitrary files via a direct HTTP request to (1) /admin or (2) ServerProperties.html.
CVE-2002-2145 1 Savant 1 Savant Webserver 2026-04-16 N/A
Savant Web Server 3.1 and earlier allows remote attackers to bypass authentication for password protected user folders via a URL with a hex encoded space (%20) and a '.' (%2e) at the end of the filename.
CVE-2004-1558 1 Ypops 1 Ypops 2026-04-16 N/A
Multiple stack-based buffer overflows in YPOPs! (aka YahooPOPS) 0.4 through 0.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) POP3 USER command or (2) SMTP request.
CVE-2002-2146 1 Savant 1 Savant Webserver 2026-04-16 N/A
cgitest.exe in Savant Web Server 3.1 and earlier allows remote attackers to cause a denial of service (crash) via a long HTTP request.
CVE-2002-2189 2 Activxperts Software, Microsoft 2 Activwebserver, Windows 2003 Server 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in ActiveXperts Software ActiveWebserver allows remote attackers to execute arbitrary web script via a link.
CVE-2005-4534 1 Mozilla 1 Bugzilla 2026-04-16 N/A
The shadow database feature (syncshadowdb) in Bugzilla 2.9 through 2.16.10 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
CVE-2002-2321 1 Phplinkat 1 Phplinkat 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in (1) showcat.php and (2) addyoursite.php in phpLinkat 0.1.0 allows remote attackers to inject arbitrary web script or HTML via the catid parameter.
CVE-2005-4545 1 Netdirect 1 Shopengine 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in search.asp in NetDirect ShopEngine allows remote attackers to inject arbitrary web script or HTML via the EXPS parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2004-1559 1 Wordpress 1 Wordpress 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Wordpress 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) redirect_to, text, popupurl, or popuptitle parameters to wp-login.php, (2) redirect_url parameter to admin-header.php, (3) popuptitle, popupurl, content, or post_title parameters to bookmarklet.php, (4) cat_ID parameter to categories.php, (5) s parameter to edit.php, or (6) s or mode parameter to edit-comments.php.