Export limit exceeded: 360766 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-0497 1 Mtr 1 Mtr 2026-04-16 N/A
Buffer overflow in mtr 0.46 and earlier, when installed setuid root, allows local users to access a raw socket via a long MTR_OPTIONS environment variable.
CVE-2002-1403 1 Phystech 1 Dhcpcd 2026-04-16 N/A
dhcpcd DHCP client daemon 1.3.22 and earlier allows local users to execute arbitrary code via shell metacharacters that are fed from a dhcpd .info script into a .exe script.
CVE-2005-2917 2 Redhat, Squid 2 Enterprise Linux, Squid 2026-04-16 N/A
Squid 2.5.STABLE10 and earlier, while performing NTLM authentication, does not properly handle certain request sequences, which allows attackers to cause a denial of service (daemon restart).
CVE-2005-2918 1 Gtkdiskfree 1 Gtkdiskfree 2026-04-16 N/A
The open_cmd_tube function in mount.c for gtkdiskfree 1.9.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on the gtkdiskfree temporary file.
CVE-2005-0208 2 Redhat, Rob Flynn 2 Enterprise Linux, Gaim 2026-04-16 N/A
The HTML parsing functions in Gaim before 1.1.4 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0473.
CVE-2005-3628 2 Redhat, Xpdf 2 Enterprise Linux, Xpdf 2026-04-16 N/A
Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in JBIG2Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via unknown attack vectors.
CVE-2005-2984 1 Data Center Resources 1 Avocent 2026-04-16 N/A
Avocent CCM console server running firmware 2.1 CCM4850 allows remote authenticated attackers to bypass port restrictions by connecting to the server via SSH and using the connect command to access the serial port.
CVE-2005-3772 1 Joomla 1 Joomla 2026-04-16 N/A
Multiple SQL injection vulnerabilities in Joomla! before 1.0.4 allow remote attackers to execute arbitrary SQL commands via the (1) Itemid variable in the Polls modules and (2) multiple unspecified methods in the mosDBTable class.
CVE-2002-0599 1 Blahz-dns 1 Blahz-dns 2026-04-16 N/A
Blahz-DNS 0.2 and earlier allows remote attackers to bypass authentication and modify configuration by directly requesting CGI programs such as dostuff.php instead of going through the login screen.
CVE-2002-1437 1 Novell 1 Netware 2026-04-16 N/A
Directory traversal vulnerability in the web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to read arbitrary files via an HTTP request containing "..%5c" (URL-encoded dot-dot backslash) sequences.
CVE-2005-2990 1 Linecontrol 1 Java Client 2026-04-16 N/A
AuthInfo.java in LineContol Java Client (jlc) before 0.8.1 stores sensitive information such as user passwords in log files.
CVE-2005-3639 1 Ubertec 1 Help Center Live 2026-04-16 N/A
PHP file inclusion vulnerability in the osTicket module in Help Center Live before 2.0.3 allows remote attackers to access or include arbitrary files via the file parameter, possibly due to a directory traversal vulnerability.
CVE-2005-2996 1 Symantec Veritas 2 Storage Exec, Storagecentral 2026-04-16 N/A
Multiple heap-based and stack-based buffer overflows in certain DCOM server components in VERITAS Storage Exec Storage Exec 5.3 before Hotfix 9 and StorageCentral 5.2 before Hot Fix 2 allow remote attackers to execute arbitrary code via certain ActiveX controls.
CVE-2005-3004 1 Interakt 1 Mx Shop 2026-04-16 N/A
SQL injection vulnerability in Interakt MX Shop 3.2.0 allows remote attackers to execute arbitrary SQL commands via the (1) idp, (2) id_ctg, or (3) id_prd parameters to the pages module in index.php.
CVE-2006-0383 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
IPSec when used with VPN networks in Mac OS X 10.4 through 10.4.5 allows remote attackers to cause a denial of service (application crash) via unspecified vectors involving the "incorrect handling of error conditions".
CVE-2006-2634 1 Neocrome 1 Seditio 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Neocrome Land Down Under (LDU) in Neocrome Seditio 102 allows remote attackers to inject arbitrary web script or HTML via an HTTP Referer field.
CVE-2006-0387 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Stack-based buffer overflow in Safari in Mac OS X 10.4.5 and earlier, and 10.3.9 and earlier, allows remote attackers to execute arbitrary code via unspecified vectors involving a web page with crafted JavaScript, a different vulnerability than CVE-2005-4504.
CVE-2005-3933 1 88script 1 88script Event Calendar 2026-04-16 N/A
SQL injection vulnerability in index.php in 88Script's Event Calendar 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the m parameter.
CVE-2006-0389 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Syndication (Safari RSS) in Mac OS X 10.4 through 10.4.5 allows remote attackers to execute arbitrary JavaScript via unspecified vectors involving RSS feeds.
CVE-2006-0396 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Buffer overflow in Mail in Apple Mac OS X 10.4 up to 10.4.5, when patched with Security Update 2006-001, allows remote attackers to execute arbitrary code via a long Real Name value in an e-mail attachment sent in AppleDouble format, which triggers the overflow when the user double-clicks on an attachment.