Export limit exceeded: 364436 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 364436 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 364436 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-0059 1 Livedata 1 Iccp Server 2026-04-16 N/A
Heap-based buffer overflow in the ISO Transport Service over TCP (RFC 1006) implementation of LiveData ICCP Server before 5.00.035 allows remote attackers to cause a denial of service or execute arbitrary code via malformed packets.
CVE-2004-1569 1 Illustrate 2 Dbpoweramp Audio Player, Dbpoweramp Music Converter 2026-04-16 N/A
Buffer overflow in (1) MusicConverter.exe, (2) playlist.exe, and (3) amp.exe in dBpowerAMP Audio Player 2.0 and dbPowerAmp Music Converter 10.0 allows remote attackers to cause a denial of service or execute arbitrary code via a .pls or .m3u playlist that contains long File1 (filename) fields.
CVE-2003-0983 1 Cisco 2 80-7111-01 For The Unity-svrx255-1a, 80-7112-01 For The Unity-svrx255-2a 2026-04-16 N/A
Cisco Unity on IBM servers is shipped with default settings that should have been disabled by the manufacturer, which allows local or remote attackers to conduct unauthorized activities via (1) a "bubba" local user account, (2) an open TCP port 34571, or (3) when a local DHCP server is unavailable, a DHCP server on the manufacturer's test network.
CVE-2006-1856 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
Certain modifications to the Linux kernel 2.6.16 and earlier do not add the appropriate Linux Security Modules (LSM) file_permission hooks to the (1) readv and (2) writev functions, which might allow attackers to bypass intended access restrictions.
CVE-2003-1527 2 Ibm, Iss 2 Internet Security Systems Blackice Defender, Blackice Server Protection 2026-04-16 N/A
BlackICE Defender 2.9.cap and Server Protection 3.5.cdf, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets.
CVE-2004-1570 1 Eaden Mckee 1 Bblog 2026-04-16 N/A
SQL injection vulnerability in bBlog 0.7.2 and 0.7.3 allows remote attackers to execute arbitrary SQL commands via the p parameter.
CVE-2004-1788 1 Asp-nuke 1 Asp-nuke 2026-04-16 N/A
ASP-Nuke 1.3 and earlier places user credentials under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to main.mdb.
CVE-2005-1213 1 Microsoft 1 Outlook Express 2026-04-16 N/A
Stack-based buffer overflow in the news reader for Microsoft Outlook Express (MSOE.DLL) 5.5 SP2, 6, and 6 SP1 allows remote malicious NNTP servers to execute arbitrary code via a LIST response with a long second field.
CVE-2004-2459 1 Gnu 1 Gnubiff 2026-04-16 N/A
Unknown vulnerability in gnubiff 1.2.0 and earlier allows local users to obtain passwords, related to the password table.
CVE-2005-1008 1 Asp-dev 1 Xm Forum 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in posts.asp for ASP-DEv XM Forum RC3 allows remote attackers to inject arbitrary web script or HTML via a "javascript:" URL in an IMG tag.
CVE-2006-2461 1 Bea 1 Weblogic Server 2026-04-16 N/A
BEA WebLogic Server before 8.1 Service Pack 4 does not properly set the Quality of Service in certain circumstances, which prevents some transmissions from being encrypted via SSL, and allows remote attackers to more easily read potentially sensitive network traffic.
CVE-2005-1015 1 Mailenable 1 Imapd 2026-04-16 N/A
Buffer overflow in MailEnable Imapd (MEIMAP.exe) allows remote attackers to execute arbitrary code via a long LOGIN command.
CVE-2005-1595 1 Codethat 1 Shoppingcart 2026-04-16 N/A
CodeThat ShoppingCart 1.3.1 stores config.ini under the web root, which allows remote attackers to obtain sensitive information via a direct request.
CVE-2006-2462 1 Bea 1 Weblogic Server 2026-04-16 N/A
BEA WebLogic Server 8.1 before Service Pack 4 and 7.0 before Service Pack 6, may send sensitive data over non-secure channels when using JTA transactions, which allows remote attackers to read potentially sensitive network traffic.
CVE-2005-2021 1 Cpanel 1 Cpanel 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in cPanel 9.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the user parameter in the login page.
CVE-2004-1571 1 Aj-fork 1 Aj-fork 2026-04-16 N/A
AJ-Fork 167 allows remote attackers to gain sensitive information via a direct request to (1) auto-acronyms.php, (2) auto-archive.php, (3) ount-article-views.php, (4) kses.php, (5) custom-quick-tags.php, (6) disable-all-comments.php, (7) easy-date-format.php, (8) enable-disable-comments.php, (9) filter-by-author.php, (10) format-switcher.php, (11) long-to-short.php, (12) prospective-posting.php, or (13) sort-by-xfield.php, which displays the full path in an error message.
CVE-2005-2232 1 Ibm 1 Aix 2026-04-16 N/A
Buffer overflow in invscout in IBM AIX 5.1.0 through 5.3.0 might allow local users to execute arbitrary code via a long command line argument.
CVE-2005-2236 1 Ibm 1 Aix 2026-04-16 N/A
Format string vulnerability in the paginit command in IBM AIX 5.3, and possibly other versions, might allow local users to execute arbitrary code via format strings in command line arguments.
CVE-2006-2463 1 Out Of The Trees Web Design 1 Selectapix 2026-04-16 N/A
view_album.php in SelectaPix 1.31 and earlier allows remote attackers to obtain the installation path via a certain request, which displays the path in an error message, possibly due to an invalid or missing parameter.
CVE-2005-2799 1 Linksys 1 Wrt54g 2026-04-16 N/A
Buffer overflow in apply.cgi in Linksys WRT54G 3.01.03, 3.03.6, and possibly other versions before 4.20.7, allows remote attackers to execute arbitrary code via a long HTTP POST request.