Search Results (367033 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-0281 1 Codeworx Technologies 1 Dcp-portal 2026-04-16 N/A
Cross-site scripting vulnerability in DCP-Portal 4.2 and earlier allows remote attackers to gain privileges of other portal users by providing Javascript in the job information field to user_update.php.
CVE-2002-0279 1 Hp 1 Hp-ux 2026-04-16 N/A
The kernel in HP-UX 11.11 does not properly provide arguments for setrlimit, which could allow local attackers to cause a denial of service (kernel panic) and possibly gain privileges.
CVE-2006-0351 1 Don Moore 1 Mydns 2026-04-16 N/A
Unspecified "critical denial-of-service vulnerability" in MyDNS before 1.1.0 has unknown impact and attack vectors.
CVE-2006-3984 2 Gianluca Baldo, Phpadsnew 2 Phpauction, Phpadsnew 2026-04-16 N/A
PHP remote file inclusion vulnerability in phpAdsNew/view.inc.php in Albasoftware Phpauction 2.1 and possibly later versions, with phpAdsNew 2.0.5, allows remote attackers to execute arbitrary PHP code via a URL in the phpAds_path parameter.
CVE-2002-0273 1 Netwin 1 Cwmail 2026-04-16 N/A
Buffer overflow in CWMail.exe in NetWin before 2.8a allows remote authenticated users to execute arbitrary code via a long item parameter.
CVE-2005-3619 1 Vmware 1 Esx 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the management interface for VMware ESX 2.5.x before 2.5.2 upgrade patch 2, 2.1.x before 2.1.2 upgrade patch 6, and 2.0.x before 2.0.1 upgrade patch 6 allows remote attackers to inject arbitrary web script or HTML via messages that are not sanitized when viewing syslog log files.
CVE-2005-3652 1 Citrix 1 Ica Program Neighborhood Client 2026-04-16 N/A
Heap-based buffer overflow in Citrix Program Neighborhood client 9.0 and earlier allows remote attackers to execute arbitrary code via a long name value in an Application Set response.
CVE-2005-3618 1 Vmware 1 Esx 2026-04-16 N/A
Cross-site request forgery (CSRF) vulnerability in the management interface for VMware ESX Server 2.0.x before 2.0.2 patch 1, 2.1.x before 2.1.3 patch 1, and 2.x before 2.5.3 patch 2 allows allows remote attackers to perform unauthorized actions as the administrator via URLs, as demonstrated using the setUsr operation to change a password. NOTE: this issue can be leveraged with CVE-2005-3619 to automatically perform the attacks.
CVE-2002-0271 1 Ada Core Technologies 1 Gnat Pro Native 2026-04-16 N/A
Runtime library in GNU Ada compiler (GNAT) 3.12p through 3.14p allows local users to modify files of other users via a symlink attack on temporary files.
CVE-2006-3982 1 Knusperleicht 1 Quickie 2026-04-16 N/A
PHP remote file inclusion vulnerability in quickie.php in Knusperleicht Quickie, probably 0.2, allows remote attackers to execute arbitrary PHP code via a URL in the QUICK_PATH parameter.
CVE-2002-0268 1 Identix 1 Biologon 2026-04-16 N/A
Identix BioLogon 3 allows users with physical access to the system to gain administrative privileges by using CTRL-ALT-DEL and running a "Browse" function, which runs Explorer with SYSTEM privileges.
CVE-2005-3596 1 Iisworks 1 Aspknowledgebase 2026-04-16 N/A
SQL injection vulnerability in ASPKnowledgebase allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username and (2) password fields in adminlogin.asp.
CVE-2005-3595 1 Microsoft 1 Windows Xp 2026-04-16 N/A
By default Microsoft Windows XP Home Edition installs with a blank password for the Administrator account, which allows remote attackers to gain control of the computer.
CVE-2002-0264 1 Cooolsoft 1 Powerftp 2026-04-16 N/A
PowerFTP Personal FTP Server 2.03 through 2.10 stores sensitive account information in plaintext in the ftpserver.ini file, which allows attackers with access to the file to gain privileges.
CVE-2006-3980 1 Mambo 1 Mambo Gallery Manager 2026-04-16 N/A
PHP remote file inclusion vulnerability in administrator/components/com_mgm/help.mgm.php in Mambo Gallery Manager (MGM) 0.95r2 and earlier for Mambo 4.5 allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
CVE-2005-3681 1 Xoops 1 Wf-downloads 2026-04-16 N/A
SQL injection vulnerability in viewcat.php in XOOPS WF-Downloads module 2.05 allows remote attackers to execute arbitrary SQL commands via the list parameter.
CVE-2002-0263 1 Ezne.net 1 Ezboard 2000 2026-04-16 N/A
Buffer overflow in EasyBoard 2000 1.27 (aka EZboard) allows remote attackers to execute arbitrary code via a long boundary value in a multipart Content-Type header to (1) ezboard.cgi, (2) ezman.cgi, or (3) ezadmin.cgi.
CVE-2005-3567 1 Ibm 1 Tivoli Directory Server 2026-04-16 N/A
slapd daemon in IBM Tivoli Directory Server (ITDS) 5.2.0 and 6.0.0 binds using SASL EXTERNAL, which allows attackers to bypass authentication and modify and delete directory data via unknown attack vectors.
CVE-2005-3441 1 Oracle 1 Database Server 2026-04-16 N/A
Unspecified vulnerability in Intelligent Agent in Oracle Database Server 9i up to 9.0.1.5 has unknown impact and attack vectors, aka Oracle Vuln# DB14.
CVE-2002-0210 1 Tolis Group 1 Bru 2026-04-16 N/A
setlicense for TOLIS Group Backup and Restore Utility (BRU) 17.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/brutest.$$ temporary file.