Export limit exceeded: 344908 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344908 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2000-0935 | 1 Samba | 1 Samba | 2026-04-16 | N/A |
| Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows local users to overwrite arbitrary files via a symlink attack on the cgi.log file. | ||||
| CVE-2000-0938 | 1 Samba | 1 Samba | 2026-04-16 | N/A |
| Samba Web Administration Tool (SWAT) in Samba 2.0.7 supplies a different error message when a valid username is provided versus an invalid name, which allows remote attackers to identify valid users on the server. | ||||
| CVE-2002-0251 | 1 Licq | 1 Licq | 2026-04-16 | N/A |
| Buffer overflow in licq 1.0.4 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string of format string characters such as "%d". | ||||
| CVE-2004-0598 | 2 Greg Roelofs, Redhat | 2 Libpng, Enterprise Linux | 2026-04-16 | N/A |
| The png_handle_iCCP function in libpng 1.2.5 and earlier allows remote attackers to cause a denial of service (application crash) via a certain PNG image that triggers a null dereference. | ||||
| CVE-2000-0939 | 1 Samba | 1 Samba | 2026-04-16 | N/A |
| Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows remote attackers to cause a denial of service by repeatedly submitting a nonstandard URL in the GET HTTP request and forcing it to restart. | ||||
| CVE-2005-1596 | 1 Fusion | 1 Sbx | 2026-04-16 | N/A |
| index.php in Fusion SBX 1.2 and earlier does not properly use the extract function, which allows remote attackers to bypass authentication by setting the is_logged parameter or execute arbitrary code via the maxname2 parameter. | ||||
| CVE-2000-0940 | 1 Metertek | 1 Pagelog.cgi | 2026-04-16 | N/A |
| Directory traversal vulnerability in Metertek pagelog.cgi allows remote attackers to read arbitrary files via a .. (dot dot) attack on the "name" or "display" parameter. | ||||
| CVE-2002-0252 | 1 Apple | 1 Quicktime | 2026-04-16 | N/A |
| Buffer overflow in Apple QuickTime Player 5.01 and 5.02 allows remote web servers to execute arbitrary code via a response containing a long Content-Type MIME header. | ||||
| CVE-2000-0941 | 1 Kootenay Web Inc | 1 Kootenay Web Inc Whois | 2026-04-16 | N/A |
| Kootenay Web KW Whois 1.0 CGI program allows remote attackers to execute arbitrary commands via shell metacharacters in the "whois" parameter. | ||||
| CVE-2002-0253 | 1 Php | 1 Php | 2026-04-16 | N/A |
| PHP, when not configured with the "display_errors = Off" setting in php.ini, allows remote attackers to obtain the physical path for an include file via a trailing slash in a request to a directly accessible PHP program, which modifies the base path, causes the include directive to fail, and produces an error message that contains the path. | ||||
| CVE-2000-0942 | 1 Microsoft | 1 Indexing Service | 2026-04-16 | N/A |
| The CiWebHitsFile component in Microsoft Indexing Services for Windows 2000 allows remote attackers to conduct a cross site scripting (CSS) attack via a CiRestriction parameter in a .htw request, aka the "Indexing Services Cross Site Scripting" vulnerability. | ||||
| CVE-2000-0943 | 1 Max-wilhelm Bruker | 1 Bftpd | 2026-04-16 | N/A |
| Buffer overflow in bftp daemon (bftpd) 1.0.11 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long USER command. | ||||
| CVE-2002-0254 | 1 Mirabilis | 1 Icq | 2026-04-16 | N/A |
| ICQ 2001b Build 3659 allows remote attackers to cause a denial of service (crash) via a malformed picture that contains large height and width values, which causes the crash when viewed in Userdetails. | ||||
| CVE-2002-0256 | 1 Arescom | 1 Netdsl | 2026-04-16 | N/A |
| The telnet port in Arescom NetDSL 1000 router allows remote attackers to cause a denial of service via a series of connections with long strings, which causes a large number of login failures and causes the telnet service to stop. | ||||
| CVE-2000-0944 | 1 Cgi | 1 Script Center News Update | 2026-04-16 | 9.8 Critical |
| CGI Script Center News Update 1.1 does not properly validate the original news administration password during a password change operation, which allows remote attackers to modify the password without knowing the original password. | ||||
| CVE-2002-0257 | 2 Apache, Usanet Creations | 2 Http Server, Makebid Auction Deluxe | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in auction.pl of MakeBid Auction Deluxe 3.30 allows remote attackers to obtain information from other users via the form fields (1) TITLE, (2) DESCTIT, (3) DESC, (4) searchstring, (5) ALIAS, (6) EMAIL, (7) ADDRESS1, (8) ADDRESS2, (9) ADDRESS3, (10) PHONE1, (11) PHONE2, (12) PHONE3, or (13) PHONE4. | ||||
| CVE-2000-0946 | 1 Compaq | 1 Easy Access Keyboard Software | 2026-04-16 | N/A |
| Compaq Easy Access Keyboard software 1.3 does not properly disable access to custom buttons when the screen is locked, which could allow an attacker to gain privileges or execute programs without authorization. | ||||
| CVE-2005-1617 | 1 Willings | 2 Webcam, Webcam Lite | 2026-04-16 | N/A |
| Willings WebCam and WebCam Lite 2.8 and earlier stores the password in memory in plaintext, which allows local users to gain sensitive information. | ||||
| CVE-2006-1987 | 1 Apple | 1 Safari | 2026-04-16 | N/A |
| Apple Safari 2.0.3 allows remote attackers to cause a denial of service and possibly execute code via an invalid FRAME tag, possibly due to (1) multiple SCROLLING attributes with no values, or (2) a SRC attribute with no value. NOTE: due to lack of diagnosis by the researcher, it is unclear which vector is responsible. | ||||
| CVE-2000-0947 | 1 Gnu | 1 Cfengine | 2026-04-16 | N/A |
| Format string vulnerability in cfd daemon in GNU CFEngine before 1.6.0a11 allows attackers to execute arbitrary commands via format characters in the CAUTH command. | ||||