Export limit exceeded: 359472 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29946 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1115 | 1 Gentoo | 1 Linux | 2026-04-16 | N/A |
| The init scripts in Search for Extraterrestrial Intelligence (SETI) project 3.08-r3 and earlier execute user-owned programs with root privileges, which allows local users to gain privileges by modifying the programs. | ||||
| CVE-2004-1117 | 1 Gentoo | 1 Linux | 2026-04-16 | N/A |
| The init scripts in ChessBrain 20407 and earlier execute user-owned programs with root privileges, which allows local users to gain privileges by modifying the programs. | ||||
| CVE-2004-1119 | 1 Nullsoft | 1 Winamp | 2026-04-16 | N/A |
| Stack-based buffer overflow in IN_CDDA.dll in Winamp 5.05, and possibly other versions including 5.06, allows remote attackers to execute arbitrary code via a certain .m3u playlist file. | ||||
| CVE-2005-2020 | 1 3com | 1 3c15100d | 2026-04-16 | N/A |
| Directory traversal vulnerability in the web server for 3Com Network Supervisor 5.0.2 allows remote attackers to read arbitrary files via ".." sequences in the URL to TCP port 21700. | ||||
| CVE-2005-2023 | 1 Suse | 1 Suse Linux | 2026-04-16 | N/A |
| The send_pinentry_environment function in asshelp.c in gpg2 on SUSE Linux 9.3 does not properly handle certain options, which can prevent pinentry from being found and causes S/MIME signing to fail. | ||||
| CVE-2005-2024 | 1 Vipul | 1 Razor-agents | 2026-04-16 | N/A |
| Vipul Razor Agents (razor-agents) before 2.70 allows remote attackers to cause a denial of service via (1) certain "unusual HTML messages" or (2) "certain malformed headers" such as Content-Type. | ||||
| CVE-2005-2034 | 1 Blue-collar Productions | 1 I-gallery | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in folderview.asp for BlueCollar iGallery 3.3 allows remote attackers to inject arbitrary web script or HTML via the folder parameter. | ||||
| CVE-2004-1244 | 1 Microsoft | 1 Windows Media Player | 2026-04-16 | N/A |
| Windows Media Player 9 allows remote attackers to execute arbitrary code via a PNG file containing large (1) width or (2) height values, aka the "PNG Processing Vulnerability." | ||||
| CVE-2005-2060 | 1 Ubbcentral | 1 Ubb.threads | 2026-04-16 | N/A |
| Multiple HTTP Response Splitting vulnerabilities in (1) toggleshow.php, (2) togglecats.php, and (3) showprofile.php in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to spoof web content and poison web caches via CRLF ("%0d%0a") sequences in the Cat parameter. | ||||
| CVE-2004-1254 | 1 Rarlab | 1 Winrar | 2026-04-16 | N/A |
| WinRAR 3.40, and possibly earlier versions, allows remote attackers to execute arbitrary code via a ZIP file containing a file with a long filename, possibly causing an integer overflow that leads to a buffer overflow. | ||||
| CVE-2005-2061 | 1 Ubbcentral | 1 Ubb.threads | 2026-04-16 | N/A |
| Infopop UBB.Threads before 6.5.2 Beta allows remote attackers to include arbitrary files via the language parameter in a cookie followed by a null (%00) byte. | ||||
| CVE-2005-3918 | 1 Ovbb | 1 Ovbb | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in OvBB 0.08a allow remote attackers to execute arbitrary SQL commands via the (1) threadid parameter to thread.php and (2) userid parameter to profile.php. NOTE: the vendor disputes these issues, saying "these reports are completely unsubstantial. | ||||
| CVE-2004-1797 | 1 Freznoshop | 1 Freznoshop | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php for FreznoShop 1.3.0 RC1 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter. | ||||
| CVE-2005-2409 | 1 Nbsmtp | 1 Nbsmtp | 2026-04-16 | N/A |
| Format string vulnerability in util.c in nbsmtp 0.99 and earlier, while running in debug mode, allows remote attackers to execute arbitrary code via format string specifiers that are not properly handled in a syslog call. | ||||
| CVE-2002-1153 | 1 Ibm | 1 Websphere Application Server | 2026-04-16 | N/A |
| IBM Websphere 4.0.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP request with long HTTP headers, such as "Host". | ||||
| CVE-2002-1867 | 1 Bizdesign | 1 Imagefolio | 2026-04-16 | N/A |
| The default configuration of BizDesign ImageFolio 2.23 through 2.26 does not control access to (1) admin/setup.cgi, which allows remote attackers to create an administrative account, or (2) admin/nph-build.cgi, which allows remote attackers to cause a denial of service (CPU consumption). | ||||
| CVE-2002-1198 | 1 Mozilla | 1 Bugzilla | 2026-04-16 | N/A |
| Bugzilla 2.16.x before 2.16.1 does not properly filter apostrophes from an email address during account creation, which allows remote attackers to execute arbitrary SQL via a SQL injection attack. | ||||
| CVE-2003-0695 | 2 Openbsd, Redhat | 3 Openssh, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Multiple "buffer management errors" in OpenSSH before 3.7.1 may allow attackers to cause a denial of service or execute arbitrary code using (1) buffer_init in buffer.c, (2) buffer_free in buffer.c, or (3) a separate function in channels.c, a different vulnerability than CVE-2003-0693. | ||||
| CVE-2004-2048 | 1 Esesix | 7 Thintune Extreme, Thintune L, Thintune M and 4 more | 2026-04-16 | N/A |
| radmin in eSeSIX Thintune thin clients running firmware 2.4.38 and earlier starts a process port 25072 that can be accessed with a default "jstwo" password, which allows remote attackers to gain access. | ||||
| CVE-2004-2055 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php for PhpBB 2.0.4 and 2.0.9 allows remote attackers to inject arbitrary HTMl or web script via the search_author parameter. | ||||