Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-0828 1 Gus And Psilord 1 Freesweep 2026-04-16 N/A
Buffer overflow in freesweep in Debian GNU/Linux 3.0 allows local users to gain "games" group privileges when processing environment variables.
CVE-2005-0641 1 Broadcom 1 Unicenter Asset Management 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the Reporter for Computer Associates (CA) Unicenter Asset Management (UAM) 4.0 allows remote attackers to inject arbitrary HTML or web script via the (1) name or (2) description in a report template.
CVE-2003-0832 1 Webfs 1 Webfs 2026-04-16 N/A
Directory traversal vulnerability in webfs before 1.20 allows remote attackers to read arbitrary files via .. (dot dot) sequences in a Hostname header.
CVE-2005-0642 1 Broadcom 1 Unicenter Asset Management 2026-04-16 N/A
SQL injection vulnerability in the Query Designer for Computer Associates (CA) Unicenter Asset Management (UAM) 4.0 allows remote attackers to execute arbitrary SQL via an imported file.
CVE-2003-0835 1 Mplayer 1 Mplayer 2026-04-16 N/A
Multiple buffer overflows in asf_http_request of MPlayer before 0.92 allows remote attackers to execute arbitrary code via an ASX header with a long hostname.
CVE-2003-0838 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Internet Explorer allows remote attackers to bypass zone restrictions to inject and execute arbitrary programs by creating a popup window and inserting ActiveX object code with a "data" tag pointing to the malicious code, which Internet Explorer treats as HTML or Javascript, but later executes as an HTA application, a different vulnerability than CVE-2003-0532, and as exploited using the QHosts Trojan horse (aka Trojan.Qhosts, QHosts-1, VBS.QHOSTS, or aolfix.exe).
CVE-2004-1030 2 Gentoo, Thibault Godouet 2 Linux, Fcron 2026-04-16 N/A
fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to gain sensitive information by calling fcronsighup with an arbitrary file, which reveals the contents of the file that can not be parsed in an error message.
CVE-2002-1683 1 Working Resources Inc. 1 Badblue 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in BadBlue Personal Edition 1.7.3 allows remote attackers to execute arbitrary script as other users by injecting script into the cleanSearchString() function.
CVE-2003-0839 1 Microsoft 1 Windows 2003 Server 2026-04-16 N/A
Directory traversal vulnerability in the "Shell Folders" capability in Microsoft Windows Server 2003 allows remote attackers to read arbitrary files via .. (dot dot) sequences in a "shell:" link.
CVE-2003-0840 1 Hp 1 Hp-ux 2026-04-16 N/A
Buffer overflow in dtprintinfo on HP-UX 11.00, and possibly other operating systems, allows local users to gain root privileges via a long DISPLAY environment variable.
CVE-2003-0843 1 Dag Apt Repository 1 Mod Gzip 2026-04-16 N/A
Format string vulnerability in mod_gzip_printf for mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode and using the Apache log, allows remote attackers to execute arbitrary code via format string characters in an HTTP GET request with an "Accept-Encoding: gzip" header.
CVE-2004-1957 1 Postnuke Software Foundation 1 Postnuke 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in PostNuke 0.726 allows remote attackers to inject arbitrary web script or HTML via the (1) lid and query parameters to the Downloads module, (2) query parameter to the Web_links module, or (3) hlpfile parameter to openwindow.php.
CVE-2005-0652 1 Hp 1 Openvms 2026-04-16 N/A
Unknown vulnerability in HP OpenVMS VAX 7.x and 6.x and OpenVMS Alpha 7.x or 6.x allows local users to access privileged files.
CVE-2002-1812 1 Gdam 1 Gdam 2026-04-16 N/A
Buffer overflow in gdam123 0.933 and 0.942 allows local users to execute arbitrary code via a long filename parameter.
CVE-2003-0925 2 Ethereal Group, Redhat 3 Ethereal, Enterprise Linux, Linux 2026-04-16 N/A
Buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed GTP MSISDN string.
CVE-2005-0655 1 Arif Supriyanto 1 Auracms 2026-04-16 N/A
auraCMS 1.5 allows remote attackers to obtain sensitive information via an HTTP request with an invalid id parameter to (1) teman.php, (2) hal.php, or (3) arsip.php, which reveals the path in a PHP error message.
CVE-2002-1823 1 Lonerunner 1 Zeroo Http Server 2026-04-16 N/A
Buffer overflow in the HttpGetRequest function in Zeroo HTTP server 1.5 allows remote attackers to execute arbitrary code via a long HTTP request.
CVE-2003-0928 1 Clearswift 1 Mailsweeper 2026-04-16 N/A
Clearswift MAILsweeper before 4.3.15 does not properly detect and filter RAR 3.20 encoded files, which allows remote attackers to bypass intended policy.
CVE-2003-0936 1 Symantec 1 Pcanywhere 2026-04-16 N/A
Symantec PCAnywhere 10.x and 11, when started as a service, allows attackers to gain SYSTEM privileges via the help interface using AWHOST32.exe.
CVE-2005-0660 1 Adalis 1 D-forum 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in D-Forum 1.11 allows remote attackers to inject arbitrary web script or HTML via certain fields, as demonstrated using the page parameter in nav.php3.