Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-1457 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Safari on Apple Mac OS X 10.4.6, when "Open `safe' files after downloading" is enabled, will automatically expand archives, which could allow remote attackers to overwrite arbitrary files via an archive that contains a symlink.
CVE-2006-2550 1 Perlpodder 1 Perlpodder 2026-04-16 N/A
perlpodder before 0.5 allows remote attackers to execute arbitrary code via shell metacharacters in the URL of a podcast, which are executed when saving the URL to a log file. NOTE: the wget vector is already covered by CVE-2006-2548.
CVE-2000-0801 1 Hp 1 Hp-ux 2026-04-16 N/A
Buffer overflow in bdf program in HP-UX 11.00 may allow local users to gain root privileges via a long -t option.
CVE-2002-0998 1 Care 2002 1 Care 2002 2026-04-16 N/A
Directory traversal vulnerability in cafenews.php for CARE 2002 before beta 1.0.02 allows remote attackers to read arbitrary files via .. (dot dot) sequences and null characters in the lang parameter, which is processed by a call to the include function.
CVE-2006-1466 1 Apple 2 Mac Os X, Xcode 2026-04-16 N/A
Xcode Tools before 2.3 for Mac OS X 10.4, when running the WebObjects plugin, allows remote attackers to access or modify WebObjects projects through a network service.
CVE-2006-1505 1 Basic Analysis And Security Engine 1 Base 2026-04-16 N/A
base_maintenance.php in Basic Analysis and Security Engine (BASE) before 1.2.4 (melissa), when running in standalone mode, allows remote attackers to bypass authentication, possibly by setting the standalone parameter to "yes".
CVE-2004-1219 1 Php Arena 1 Pafiledb 2026-04-16 N/A
paFileDB 3.1, when using sessions authentication and while the administrator logs on, allows remote attackers to read the administrator's password hash and conduct brute force password guessing attacks by listing the contents of the sessions directory and reading the associated file for the administrator session.
CVE-2005-1349 1 Perl 1 Convert Uulib 2026-04-16 N/A
Buffer overflow in Convert-UUlib (Convert::UUlib) before 1.051 allows remote attackers to execute arbitrary code via a malformed parameter to a read operation.
CVE-2005-1353 1 Forum.pl 1 Forum.pl 2026-04-16 N/A
The forum.pl script allows remote attackers to read arbitrary files via a full pathname in the argument.
CVE-2004-0680 1 Zoom 1 Model 5560 X3 Ethernet Adsl Modem 2026-04-16 N/A
Zoom X3 ADSL modem has a terminal running on port 254 that can be accessed using the default HTML management password, even if the password has been changed for the HTTP interface, which could allow remote attackers to gain unauthorized access.
CVE-2005-1367 1 Pico Server 1 Pico Server 2026-04-16 N/A
Pico Server (pServ) 3.2 and earlier allows local users to read arbitrary files as the pServ user via a symlink to a file outside of the web document root.
CVE-2004-2137 1 Microsoft 1 Outlook Express 2026-04-16 N/A
Outlook Express 6.0, when sending multipart e-mail messages using the "Break apart messages larger than" setting, leaks the BCC recipients of the message to the addresses listed in the To and CC fields, which may allow remote attackers to obtain sensitive information.
CVE-2005-1369 1 Linux 1 Linux Kernel 2026-04-16 N/A
The (1) it87 and (2) via686a drivers in I2C for Linux 2.6.x before 2.6.11.8, and 2.6.12 before 2.6.12-rc2, create the sysfs "alarms" file with write permissions, which allows local users to cause a denial of service (CPU consumption) by attempting to write to the file, which does not have an associated store function.
CVE-2002-2015 1 Postnuke Software Foundation 1 Postnuke 2026-04-16 N/A
PHP file inclusion vulnerability in user.php in PostNuke 0.703 allows remote attackers to include arbitrary files and possibly execute code via the caselist parameter.
CVE-2002-0656 4 Apple, Openssl, Oracle and 1 more 8 Mac Os X, Openssl, Application Server and 5 more 2026-04-16 N/A
Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allow remote attackers to execute arbitrary code via (1) a large client master key in SSL2 or (2) a large session ID in SSL3.
CVE-2005-4419 1 Quicksquare Development 2 Honeycomb Archive, Honeycomb Archive Enterprise 2026-04-16 N/A
Multiple SQL injection vulnerabilities in CategoryResults.cfm in Honeycomb Archive and Honeycomb Archive Enterprise 3.0 allow remote attackers to execute arbitrary SQL commands via the (1) series, (2) cat_parent, (3) cat, and (4) div parameters.
CVE-2005-0686 1 Mlterm 1 Mlterm 2026-04-16 N/A
Integer overflow in mlterm 2.5.0 through 2.9.1, with gdk-pixbuf support enabled, allows remote attackers to execute arbitrary code via a large image file that is used as a background.
CVE-2002-1571 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
The linux 2.4 kernel before 2.4.19 assumes that the fninit instruction clears all registers, which could lead to an information leak on processors that do not clear all relevant SSE registers.
CVE-2005-0687 1 Hashcash 1 Hashcash 2026-04-16 N/A
Format string vulnerability in Hashcash 1.16 allows remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via format string specifiers in a reply address, which is not properly handled when printing the header.
CVE-2005-3062 1 Alstrasoft 1 E-friends 2026-04-16 N/A
PHP remote file inclusion vulnerability in index.php in AlstraSoft E-Friends 4.0 allows remote attackers to execute arbitrary PHP code via the mode parameter.