Export limit exceeded: 29880 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29880 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-0804 | 4 Debian, Linux, Redhat and 1 more | 4 Debian Linux, Linux Kernel, Linux and 1 more | 2025-04-03 | N/A |
| Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes, and IP header lengths. | ||||
| CVE-2005-4157 | 1 Kerio | 1 Winroute Firewall | 2025-04-03 | N/A |
| Unspecified vulnerability in Kerio WinRoute Firewall before 6.1.3 allows remote attackers to authenticate to the service using an account that has been disabled. | ||||
| CVE-2005-4159 | 1 Simple Machines | 1 Simple Machines Forum | 2025-04-03 | N/A |
| NOTE: this issue has been disputed by the vendor and third parties. SQL injection vulnerability in Memberlist.php in Simple Machines Forum (SMF) 1.1 rc1 and earlier allows remote attackers to execute arbitrary SQL commands via the start parameter. NOTE: the vendor says that since only one character can be modified, there is no SQL injection. Thus this might be an "invalid SQL syntax error." Multiple followups support the vendor | ||||
| CVE-1999-1184 | 1 Elm Development Group | 1 Elm | 2025-04-03 | N/A |
| Buffer overflow in Elm 2.4 and earlier allows local users to gain privileges via a long TERM environmental variable. | ||||
| CVE-2001-1078 | 1 Extremail | 1 Extremail | 2025-04-03 | N/A |
| Format string vulnerability in flog function of eXtremail 1.1.9 and earlier allows remote attackers to gain root privileges via format specifiers in the SMTP commands (1) HELO, (2) EHLO, (3) MAIL FROM, or (4) RCPT TO, and the POP3 commands (5) USER and (6) other commands that can be executed after POP3 authentication. | ||||
| CVE-2005-4258 | 1 Cisco | 71 Catalyst, Catalyst 1200 Series, Catalyst 1900 Series and 68 more | 2025-04-03 | N/A |
| Unspecified Cisco Catalyst Switches allow remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LanD). NOTE: the provenance of this issue is unknown; the details are obtained solely from the BID. | ||||
| CVE-2005-4259 | 1 Aspbb | 1 Aspbb | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in ASPBB 0.4 allow remote attackers to execute arbitrary SQL commands via the (1) TID parameter in topic.asp, (2) FORUM_ID parameter in forum.asp, and (3) PROFILE_ID parameter in profile.asp. NOTE: the provenance of this issue is unknown; the details are obtained solely from the BID. | ||||
| CVE-2005-4270 | 1 Watchfire | 1 Appscan Qa | 2025-04-03 | N/A |
| Buffer overflow in Watchfire AppScan QA 5.0.609 and 5.0.134 allows remote web servers to execute arbitrary code via an HTTP 401 response with a WWW-Authenticate header containing a long Realm field. | ||||
| CVE-2005-4277 | 1 Toenda Software Development | 1 Toendacms | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in toendaCMS before 0.7 Beta allows remote attackers to inject arbitrary web script or HTML via the id parameter. | ||||
| CVE-2005-4282 | 1 Zaygo | 1 Domaincart | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Zaygo DomainCart 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML, possibly via the root parameter to zaygo.cgi. | ||||
| CVE-2005-4285 | 1 Dick Copits | 1 Pdestore | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in pdestore.cgi in Dick Copits PDEstore 1.8 and earlier allows remote attackers to inject arbitrary web script or HTML via (1) the search module parameter or the (2) product and (3) cart_id parameters. | ||||
| CVE-2005-4301 | 1 Phpxplorer | 1 Phpxplorer | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in phpXplorer 0.9.12 and earlier allows remote attackers to inject arbitrary web script or HTML via the address bar field. | ||||
| CVE-2005-4307 | 1 Jonathan Bravata | 1 Scarecrow | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in ScareCrow 2.13 and earlier allows remote attackers to inject arbitrary web script or HTML via the forum parameter to (1) forum.cgi and (2) post.cgi, or (3) the user parameter to profile.cgi. | ||||
| CVE-2005-4374 | 1 Allinta | 1 Allinta | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Allinta 2.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) s parameter to faq.asp and (2) searchQuery parameter to search.asp. | ||||
| CVE-2005-4375 | 1 Box Uk | 1 Amaxus | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Amaxus 3 and earlier allows remote attackers to inject arbitrary web script or HTML via the change parameter. NOTE: it is possible that this is resultant from CVE-2005-4376. | ||||
| CVE-2005-4385 | 1 Cofax | 1 Cofax | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in search.htm in Cofax 2.0 RC3 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchstring parameter. | ||||
| CVE-2005-4390 | 1 Contentserv | 1 Contentserv | 2025-04-03 | N/A |
| SQL injection vulnerability in index.php in ContentServ 3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the StoryID parameter. | ||||
| CVE-2005-4413 | 1 Ibm | 1 Websphere Application Server | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in sample scripts in IBM WebSphere Application Server 6 allow remote attackers to inject arbitrary web script or HTML via the (1) E-mail address field to (a) PlantsByWebSphere/login.jsp, (2) message field to (b) TechnologySample/BulletinBoard Script, (3) Email address field to (c) TechnologySamples/Subscription, and the (4) Movie Name, (5) Movie Reviewer, and (6) Movie Review fields to (d) TechnologySamples/MovieReview2_1. | ||||
| CVE-2000-0968 | 1 Valve Software | 1 Half-life Dedicated Server | 2025-04-03 | N/A |
| Buffer overflow in Half Life dedicated server before build 3104 allows remote attackers to execute arbitrary commands via a long rcon command. | ||||
| CVE-2002-0784 | 1 Lysias | 1 Lidik Webserver | 2025-04-03 | N/A |
| Directory traversal vulnerability in Lysias Lidik web server 0.7b allows remote attackers to list directories via an HTTP request with a ... (modified dot dot). | ||||