Search Results (363015 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-0357 1 Seattle Lab Software 1 Slmail Pro 2026-04-16 N/A
Stack-based buffer overflows in SL Mail Pro 2.0.9 allow remote attackers to execute arbitrary code via (1) user.dll, (2) loadpageadmin.dll or (3) loadpageuser.dll.
CVE-2004-2072 1 Mambo 1 Mambo Open Source 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php for Mambo Open Source 4.6, and possibly earlier versions, allows remote attackers to execute script on other clients via the Itemid parameter.
CVE-2005-2232 1 Ibm 1 Aix 2026-04-16 N/A
Buffer overflow in invscout in IBM AIX 5.1.0 through 5.3.0 might allow local users to execute arbitrary code via a long command line argument.
CVE-2004-0358 1 Virtuasystems 1 Virtuanews Pro 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in VirtuaNews Admin Panel Pro 1.0.3 allows remote attackers to execute arbitrary script as other users via (1) the mainnews parameter in admin.php, (2) the expand parameter in admin.php, (3) the id parameter in admin.php, (4) the catid parameter in admin.php, or (5) an unnamed parameter during the newslogo_upload action in admin.php.
CVE-2004-0360 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Unknown vulnerability in passwd(1) in Solaris 8.0 and 9.0 allows local users to gain privileges via unknown attack vectors.
CVE-2004-0364 1 Symantec 1 Norton Internet Security 2026-04-16 N/A
The WrapNISUM ActiveX component (WrapUM.dll) in Norton Internet Security 2004 is marked safe for scripting, which allows remote attackers to execute arbitrary programs via the LaunchURL method.
CVE-2004-2340 1 Even Balance 1 Punkbuster Database 2026-04-16 N/A
** UNVERIFIABLE ** SQL injection vulnerability in PunkBuster Screenshot Database (PB-DB) Alpha 6 allows remote attackers to execute arbitrary SQL commands via the username and password fields of the login form. NOTE: the original vulnerability report contains several significant inconsistencies that make it unclear whether the report is accurate, including (1) PB-DB is really the "PunkBuster Screenshot Database" and not "PunkBuster" itself; (2) there is no apparent association between PunkBuster and "Punky Brewster"; (3) the claimed source code is not anywhere in Alpha 6.
CVE-2005-2234 1 Ibm 1 Aix 2026-04-16 N/A
Buffer overflow in the getlvname command in IBM AIX 5.1, 5.2 and 5.3, might allow local users to execute arbitrary code via long command line arguments.
CVE-2004-0366 1 Pam-pgsql 1 Pam-pgsql 2026-04-16 N/A
SQL injection vulnerability in the libpam-pgsql library before 0.5.2 allows attackers to execute arbitrary SQL statements.
CVE-2005-2236 1 Ibm 1 Aix 2026-04-16 N/A
Format string vulnerability in the paginit command in IBM AIX 5.3, and possibly other versions, might allow local users to execute arbitrary code via format strings in command line arguments.
CVE-2004-0372 1 Xine 1 Xine 2026-04-16 N/A
xine allows local users to overwrite arbitrary files via a symlink attack on a bug report email that is generated by the (1) xine-bugreport or (2) xine-check scripts.
CVE-2004-0375 1 Symantec 4 Client Firewall, Client Security, Norton Internet Security and 1 more 2026-04-16 N/A
SYMNDIS.SYS in Symantec Norton Internet Security 2003 and 2004, Norton Personal Firewall 2003 and 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 and 1.1 allow remote attackers to cause a denial of service (infinite loop) via a TCP packet with (1) SACK option or (2) Alternate Checksum Data option followed by a length of zero.
CVE-2004-0376 1 Oftpd 1 Oftpd 2026-04-16 N/A
oftpd 0.3.6 and earlier allows remote attackers to cause a denial of service (crash) via a PORT command with a large value.
CVE-2004-0377 2 Activestate, Larry Wall 2 Activeperl, Perl 2026-04-16 N/A
Buffer overflow in the win32_stat function for (1) ActiveState's ActivePerl and (2) Larry Wall's Perl before 5.8.3 allows local or remote attackers to execute arbitrary commands via filenames that end in a backslash character.
CVE-2005-2246 1 Iphotoalbum 1 Iphotoalbum 2026-04-16 N/A
Multiple PHP remote file inclusion vulnerabilities in iPhotoAlbum 1.1 allow remote attackers to execute arbitrary code via the (1) doc_path parameter to getpage.php or (2) set_menu parameter to lib/static/header.php.
CVE-2003-0433 1 Gnocatan-develop 1 Gnocatan 2026-04-16 N/A
Multiple buffer overflows in gnocatan 0.6.1 and earlier allow attackers to execute arbitrary code.
CVE-2004-0379 1 Microsoft 1 Sharepoint Portal Server 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Microsoft SharePoint Portal Server 2001 allow remote attackers to process arbitrary web content and steal cookies via certain server scripts.
CVE-2004-0386 3 Gentoo, Mandrakesoft, Mplayer 3 Linux, Mandrake Linux, Mplayer 2026-04-16 N/A
Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and earlier, 0.90, and 0.91 allows remote attackers to execute arbitrary code via a long Location header.
CVE-2004-1304 3 File, Gentoo, Trustix 3 File, Linux, Secure Linux 2026-04-16 N/A
Stack-based buffer overflow in the ELF header parsing code in file before 4.12 allows attackers to execute arbitrary code via a crafted ELF file.
CVE-2005-2249 1 Jinzora 1 Jinzora 2026-04-16 N/A
Multiple unknown vulnerabilities in Jinzora 2.0.1 have unknown impact and attack vectors, possibly involving a PHP file inclusion vulnerability.