Export limit exceeded: 348713 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29909 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29909 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1225 | 1 Sugarcrm | 1 Sugarcrm | 2026-04-16 | N/A |
| SQL injection vulnerability in SugarCRM Sugar Sales before 2.0.1a allows remote attackers to execute arbitrary SQL commands and gain privileges via the record parameter in a DetailView action to index.php, and record parameters in other functionality. | ||||
| CVE-2004-1226 | 1 Sugarcrm | 1 Sugarcrm | 2026-04-16 | N/A |
| SugarCRM Sugar Sales 2.0.1c and earlier allows remote attackers to gain sensitive information via certain requests to scripts that contain invalid input, which reveals the path in an error message, as demonstrated using phprint.php with an empty module parameter. | ||||
| CVE-2006-2406 | 1 Unclassified Newsboard | 1 Unclassified Newsboard | 2026-04-16 | N/A |
| Directory traversal vulnerability in bb_lib/abbc.css.php in Unclassified NewsBoard (UNB) 1.5.3-d and possibly earlier versions, when register_globals is enabled, allows remote attackers to include arbitrary files via .. (dot dot) sequences and a trailing null byte (%00) in the design_path parameter. NOTE: this is closely related, but a different vulnerability than the ABBC[Config][smileset] parameter. | ||||
| CVE-2006-1046 | 1 Monopd | 1 Monopd | 2026-04-16 | N/A |
| server.cpp in Monopd 0.9.3 allows remote attackers to cause a denial of service (CPU and memory consumption) via a string containing a large number of characters that are escaped when Monopd produces XML output. | ||||
| CVE-2006-2402 | 1 Outgun | 1 Outgun | 2026-04-16 | N/A |
| Buffer overflow in the changeRegistration function in servernet.cpp for Outgun 1.0.3 bot 2 and earlier allows remote attackers to change the registration information of other players via a long string. | ||||
| CVE-2004-1227 | 1 Sugarcrm | 1 Sugar Sales | 2026-04-16 | N/A |
| Directory traversal vulnerability in SugarCRM Sugar Sales 2.0.1c and earlier allows remote attackers to read arbitrary files and possibly execute arbitrary PHP code via .. (dot dot) sequences in the (1) module, (2) action, or (3) theme parameters to index.php, (4) the theme parameter to Login.php, and possibly other parameters or scripts. | ||||
| CVE-2004-1229 | 1 Gadu-gadu | 1 Gadu-gadu Instant Messenger | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in the parser for Gadu-Gadu allows remote attackers to inject arbitrary web script or HTML via (1) http:// or (2) news:// URLs, a different vulnerability than CVE-2004-1410. | ||||
| CVE-2002-0082 | 3 Apache-ssl, Mod Ssl, Redhat | 5 Apache-ssl, Mod Ssl, Linux and 2 more | 2026-04-16 | N/A |
| The dbm and shm session cache code in mod_ssl before 2.8.7-1.3.23, and Apache-SSL before 1.3.22+1.46, does not properly initialize memory using the i2d_SSL_SESSION function, which allows remote attackers to use a buffer overflow to execute arbitrary code via a large client certificate that is signed by a trusted Certificate Authority (CA), which produces a large serialized session. | ||||
| CVE-2004-1255 | 1 2fax | 1 2fax | 2026-04-16 | N/A |
| Buffer overflow in the expandtabs function in 2fax 3.04 allows remote attackers to execute arbitrary code via a text file that is converted to TIFF. | ||||
| CVE-2004-1256 | 1 Abcmidi | 1 Abcmidi | 2026-04-16 | N/A |
| Multiple buffer overflows in the (1) event_text and (2) event_specific functions in abc2midi 2004.12.04 allow remote attackers to execute arbitrary code via crafted ABC files. | ||||
| CVE-2004-1257 | 1 Abc2mtex | 1 Abc2mtex | 2026-04-16 | N/A |
| Buffer overflow in the process_abc function in abc.c for abc2mtex 1.6.1 allows remote attackers to execute arbitrary code via crafted ABC files. | ||||
| CVE-2006-0986 | 1 Wordpress | 1 Wordpress | 2026-04-16 | N/A |
| WordPress 2.0.1 and earlier allows remote attackers to obtain sensitive information via a direct request to (1) default-filters.php, (2) template-loader.php, (3) rss-functions.php, (4) locale.php, (5) wp-db.php, and (6) kses.php in the wp-includes/ directory; and (7) edit-form-advanced.php, (8) admin-functions.php, (9) edit-link-form.php, (10) edit-page-form.php, (11) admin-footer.php, and (12) menu.php in the wp-admin directory; and possibly (13) list directory contents of the wp-includes directory. NOTE: the vars.php, edit-form.php, wp-settings.php, and edit-form-comment.php vectors are already covered by CVE-2005-4463. The menu-header.php vector is already covered by CVE-2005-2110. Other vectors might be covered by CVE-2005-1688. NOTE: if the typical installation of WordPress does not list any site-specific files to wp-includes, then vector [13] is not an exposure. | ||||
| CVE-2006-2310 | 1 New Atlanta Communications | 2 Bluedragon Server, Bluedragon Server Jx | 2026-04-16 | N/A |
| BlueDragon Server and Server JX 6.2.1.286 for Windows allows remote attackers to cause a denial of service (hang) via a request for a .cfm file whose name contains an MS-DOS device name such as (1) con, (2) aux, (3) com1, and (4) com2. | ||||
| CVE-2004-1259 | 1 Abcpp | 1 Abcpp | 2026-04-16 | N/A |
| Multiple buffer overflows in the handle_directive function in abcpp.c for abcpp 1.3.0 allow remote attackers to execute arbitrary code via crafted ABC files. | ||||
| CVE-2005-1200 | 1 Azbb | 1 Az Bulletin Board | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in main_index.php in AZ Bulletin Board (AZbb) 1.0.07a through 1.0.07c allows remote attackers to execute arbitrary PHP code by modifying the (1) dir_src or (2) abs_layer parameter to reference a URL on a remote web server that contains the code. | ||||
| CVE-2006-1960 | 1 Cisco | 1 Wireless Lan Solution Engine | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the appliance web user interface in Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE Express before 2.13 allows remote attackers to inject arbitrary web script or HTML, possibly via the displayMsg parameter to archiveApplyDisplay.jsp, aka bug ID CSCsc01095. | ||||
| CVE-2004-1260 | 1 Abctab2ps | 1 Abctab2ps | 2026-04-16 | N/A |
| Multiple buffer overflows in the (1) write_heading function in subs.cpp or (2) trim_title function in parse.cpp for abctab2ps 1.6.3 allow remote attackers to execute arbitrary code via crafted ABC files. | ||||
| CVE-2004-1261 | 1 Asp2php | 1 Asp2php | 2026-04-16 | N/A |
| Multiple buffer overflows in the preparse function in asp2php 0.76.23 allow remote attackers to execute arbitrary code via crafted ASP scripts. | ||||
| CVE-2006-2308 | 1 Etype | 1 Eserv | 2026-04-16 | N/A |
| Directory traversal vulnerability in the IMAP service in EServ/3 3.25 allows remote authenticated users to read other user's email messages, create/rename arbitrary directories on the system, and delete empty directories via directory traversal sequences in the (1) CREATE, (2) SELECT, (3) DELETE, (4) RENAME, (5) COPY or (6) APPEND commands. | ||||
| CVE-2004-1262 | 1 Stuart Cunningham | 1 Bsb2ppm | 2026-04-16 | N/A |
| Buffer overflow in the bsb_open_header function in libbsb for bsb2ppm 0.0.6 allows remote attackers to execute arbitrary code via crafted BSB pictures. | ||||