Export limit exceeded: 364200 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (6039 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-0417 6 Cvs, Gentoo, Openbsd and 3 more 6 Cvs, Linux, Openbsd and 3 more 2026-04-16 N/A
Integer overflow in the "Max-dotdot" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consume disk space.
CVE-2002-0060 2 Linux, Redhat 2 Linux Kernel, Linux 2026-04-16 N/A
IRC connection tracking helper module in the netfilter subsystem for Linux 2.4.18-pre9 and earlier does not properly set the mask for conntrack expectations for incoming DCC connections, which could allow remote attackers to bypass intended firewall restrictions.
CVE-1999-0297 5 Bsdi, Freebsd, Netbsd and 2 more 5 Bsd Os, Freebsd, Netbsd and 2 more 2026-04-16 N/A
Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable.
CVE-2004-0409 2 Redhat, Xchat 3 Enterprise Linux, Linux, Xchat 2026-04-16 N/A
Stack-based buffer overflow in the Socks-5 proxy code for XChat 1.8.0 to 2.0.8, with socks5 traversal enabled, allows remote attackers to execute arbitrary code.
CVE-2004-0418 6 Cvs, Gentoo, Openbsd and 3 more 6 Cvs, Linux, Openbsd and 3 more 2026-04-16 N/A
serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical program data.
CVE-2002-0059 2 Redhat, Zlib 3 Linux, Powertools, Zlib 2026-04-16 9.8 Critical
The decompression algorithm in zlib 1.1.3 and earlier, as used in many different utilities and packages, causes inflateEnd to release certain memory more than once (a "double free"), which may allow local and remote attackers to execute arbitrary code via a block of malformed compression data.
CVE-2002-0046 2 Linux, Redhat 2 Linux Kernel, Linux 2026-04-16 N/A
Linux kernel, and possibly other operating systems, allows remote attackers to read portions of memory via a series of fragmented ICMP packets that generate an ICMP TTL Exceeded response, which includes portions of the memory in the response packet.
CVE-2003-0370 4 Apple, Kde, Redhat and 1 more 7 Safari, Kde, Konqueror Embedded and 4 more 2026-04-16 N/A
Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack.
CVE-2002-0036 2 Mit, Redhat 3 Kerberos 5, Enterprise Linux, Linux 2026-04-16 N/A
Integer signedness error in MIT Kerberos V5 ASN.1 decoder before krb5 1.2.5 allows remote attackers to cause a denial of service via a large unsigned data element length, which is later used as a negative value.
CVE-2002-0014 2 Redhat, University Of Washington 2 Linux, Pine 2026-04-16 N/A
URL-handling code in Pine 4.43 and earlier allows remote attackers to execute arbitrary commands via a URL enclosed in single quotes and containing shell metacharacters (&).
CVE-2005-0977 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
The shmem_nopage function in shmem.c for the tmpfs driver in Linux kernel 2.6 does not properly verify the address argument, which allows local users to cause a denial of service (kernel crash) via an invalid address.
CVE-2003-0020 2 Apache, Redhat 5 Http Server, Enterprise Linux, Linux and 2 more 2026-04-16 N/A
Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.
CVE-2002-0013 2 Redhat, Snmp 3 Linux, Powertools, Snmp 2026-04-16 N/A
Vulnerabilities in the SNMPv1 request handling of a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via (1) GetRequest, (2) GetNextRequest, and (3) SetRequest messages, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor. This and other SNMP-related candidates will be updated when more accurate information is available.
CVE-2002-0012 2 Redhat, Snmp 3 Linux, Powertools, Snmp 2026-04-16 N/A
Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via SNMPv1 trap handling, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor. This and other SNMP-related candidates will be updated when more accurate information is available.
CVE-1999-1542 1 Redhat 1 Linux 2026-04-16 N/A
RPMMail before 1.4 allows remote attackers to execute commands via an e-mail message with shell metacharacters in the "MAIL FROM" command.
CVE-2002-0003 2 Gnu, Redhat 2 Groff, Linux 2026-04-16 N/A
Buffer overflow in the preprocessor in groff 1.16 and earlier allows remote attackers to gain privileges via lpd in the LPRng printing system.
CVE-2004-0233 4 Redhat, Sgi, Slackware and 1 more 5 Enterprise Linux, Linux, Propack and 2 more 2026-04-16 N/A
Utempter allows device names that contain .. (dot dot) directory traversal sequences, which allows local users to overwrite arbitrary files via a symlink attack on device names in combination with an application that trusts the utmp or wtmp files.
CVE-2002-0002 4 Engardelinux, Mandrakesoft, Redhat and 1 more 4 Secure Linux, Mandrake Linux, Linux and 1 more 2026-04-16 N/A
Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code.
CVE-2004-0226 5 Gentoo, Midnight Commander, Redhat and 2 more 6 Linux, Midnight Commander, Enterprise Linux and 3 more 2026-04-16 N/A
Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.
CVE-2004-0191 2 Mozilla, Redhat 3 Mozilla, Enterprise Linux, Linux 2026-04-16 N/A
Mozilla before 1.4.2 executes Javascript events in the context of a new page while it is being loaded, allowing it to interact with the previous page (zombie document) and enable cross-domain and cross-site scripting (XSS) attacks, as demonstrated using onmousemove events.