Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1030 1 Bea 1 Weblogic Server 2026-04-16 N/A
Race condition in Performance Pack in BEA WebLogic Server and Express 5.1.x, 6.0.x, 6.1.x and 7.0 allows remote attackers to cause a denial of service (crash) via a flood of data and connections.
CVE-2005-0882 1 Birdblog 1 Birdblog 2026-04-16 N/A
SQL injection vulnerability in admincore.php in BirdBlog before 1.2.0 allows remote attackers to execute arbitrary SQL commands via the (1) userid or (2) userpw parameters.
CVE-2006-4917 1 Pt News 1 Pt News 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in search.php in PT News 1.7.8 allows remote attackers to inject arbitrary web script or HTML via the pgname parameter.
CVE-2005-0892 1 Smail 1 Smail 2026-04-16 N/A
Buffer overflow in smail 3.2.0.120 allows remote attackers or local users to execute arbitrary code via a long string in the MAIL FROM command and possibly other SMTP commands.
CVE-2002-1022 1 Working Resources Inc. 1 Badblue 2026-04-16 N/A
BadBlue server stores passwords in plaintext in the ext.ini file, which could allow local and possibly remote attackers to gain privileges.
CVE-2005-0933 1 Coinsoft Technologies 1 Phpcoin 2026-04-16 N/A
Directory traversal vulnerability in auxpage.php for phpCOIN 1.2.1b and earlier allows remote attackers to read arbitrary files via the page parameter.
CVE-2002-1025 1 Macromedia 1 Jrun 2026-04-16 N/A
JRun 3.0 through 4.0 allows remote attackers to read JSP source code via an encoded null byte in an HTTP GET request, which causes the server to send the .JSP file unparsed.
CVE-2005-0993 1 Sco 1 Openserver 2026-04-16 N/A
Buffer overflow in nwprint in SCO OpenServer 5.0.7 allows local users to execute arbitrary code via a long command line argument.
CVE-2006-4947 1 Drupal 1 Search Keyword Module 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the Drupal 4.7 Search Keywords module before 1.15 2006/09/15 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "lack of validation on output."
CVE-2006-2586 1 Iplogger 1 Iplogger 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in IpLogger 1.7 and earlier allows remote attackers to inject arbitrary HTML or web script via the HTTP_REFERER header in an HTTP request.
CVE-2005-0971 1 Apple 1 Mac Os X 2026-04-16 N/A
Stack-based buffer overflow in the semop system call in Mac OS X 10.3.9 and earlier allows local users to gain privileges via crafted arguments.
CVE-2005-0973 1 Apple 1 Mac Os X 2026-04-16 N/A
Unknown vulnerability in the setsockopt system call in Mac OS X 10.3.9 and earlier allows local users to cause a denial of service (memory exhaustion) via crafted arguments.
CVE-2002-1031 1 Key Focus 1 Kf Web Server 2026-04-16 N/A
KeyFocus (KF) web server 1.0.2 allows remote attackers to list directories and read restricted files via an HTTP request containing a %00 (null) character.
CVE-2002-1032 1 Key Focus 1 Kf Web Server 2026-04-16 N/A
Buffer overflow in KeyFocus (KF) web server 1.0.5 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed HTTP header.
CVE-2002-1040 1 Ibm 1 Aix 2026-04-16 N/A
Unknown vulnerability in the WebSecure (DFSWeb) configuration utilities in AIX 4.x, possibly related to relative pathnames.
CVE-2002-1041 1 Ibm 1 Aix 2026-04-16 N/A
Unknown vulnerability in DCE (1) SMIT panels and (2) configuration commands, possibly related to relative pathnames.
CVE-2002-1042 2 Netscape, Sun 4 Enterprise Server, Iplanet Web Server, One Application Server and 1 more 2026-04-16 N/A
Directory traversal vulnerability in search engine for iPlanet web server 6.0 SP2 and 4.1 SP9, and Netscape Enterprise Server 3.6, when running on Windows platforms, allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in the NS-query-pat parameter.
CVE-2002-1121 4 Gfi, Network Associates, Roaring Penguin and 1 more 5 Mailsecurity, Webshield Smtp, Canit and 2 more 2026-04-16 N/A
SMTP content filter engines, including (1) GFI MailSecurity for Exchange/SMTP before 7.2, (2) InterScan VirusWall before 3.52 build 1494, (3) the default configuration of MIMEDefang before 2.21, and possibly other products, do not detect fragmented emails as defined in RFC2046 ("Message Fragmentation and Reassembly") and supported in such products as Outlook Express, which allows remote attackers to bypass content filtering, including virus checking, via fragmented emails of the message/partial content type.
CVE-2002-1122 1 Iss 1 Internet Scanner 2026-04-16 N/A
Buffer overflow in the parsing mechanism for ISS Internet Scanner 6.2.1, when using the license banner HTTP check, allows remote attackers to execute arbitrary code via a long web server response.
CVE-2002-1131 2 Redhat, Squirrelmail 2 Linux, Squirrelmail 2026-04-16 N/A
Cross-site scripting vulnerabilities in SquirrelMail 1.2.7 and earlier allows remote attackers to execute script as other web users via (1) addressbook.php, (2) options.php, (3) search.php, or (4) help.php.