Export limit exceeded: 29908 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29908 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29908 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-0288 | 1 Hiroaki Shirouzu | 1 Ip Messenger | 2026-04-16 | N/A |
| Buffer overflow in the file & folder transfer mechanism for IP Messenger for Win 2.00 through 2.02 allows remote attackers to execute arbitrary code via file with a long filename, which triggers the overflow when the user saves the file. | ||||
| CVE-2004-2063 | 1 Antiboard | 1 Antiboard | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in antiboard.php in AntiBoard 0.7.2 and earlier allows remote attackers to inject arbitrary HTML or web script via the feedback parameter. | ||||
| CVE-2003-0320 | 1 Andy Prevost | 1 Ttcms | 2026-04-16 | N/A |
| header.php in ttCMS 2.3 and earlier allows remote attackers to inject arbitrary PHP code by setting the ttcms_user_admin parameter to "1" and modifying the admin_root parameter to point to a URL that contains a Trojan horse header.inc.php script. | ||||
| CVE-2003-0326 | 1 Slocate | 1 Slocate | 2026-04-16 | N/A |
| Integer overflow in parse_decode_path() of slocate may allow attackers to execute arbitrary code via a LOCATE_PATH with a large number of ":" (colon) characters, whose count is used in a call to malloc. | ||||
| CVE-2004-1269 | 2 Easy Software Products, Redhat | 3 Cups, Enterprise Linux, Fedora Core | 2026-04-16 | N/A |
| lppasswd in CUPS 1.1.22 does not remove the passwd.new file if it encounters a file-size resource limit while writing to passwd.new, which causes subsequent invocations of lppasswd to fail. | ||||
| CVE-2003-0330 | 1 Ambrosia Software | 1 Maelstrom | 2026-04-16 | N/A |
| Buffer overflow in unknown versions of Maelstrom allows local users to execute arbitrary code via a long -player command line argument. | ||||
| CVE-2004-1272 | 1 Bolthole | 1 Filter | 2026-04-16 | N/A |
| Buffer overflow in the save_embedded_address function in filter.c for elm/bolthole filter 2.6.1 allows remote attackers to execute arbitrary code via a crafted email message. | ||||
| CVE-2004-2071 | 1 Macallan | 1 Mail Solution | 2026-04-16 | N/A |
| Macallan Mail Solution 2.8.4.6 (Build 260), and possibly earlier versions, allows remote attackers to bypass authentication in the web interface via an HTTP GET request with two slashes ("//") after the server name. | ||||
| CVE-2003-0336 | 1 Qualcomm | 1 Eudora | 2026-04-16 | N/A |
| Qualcomm Eudora 5.2.1 allows remote attackers to read arbitrary files via an email message with a carriage return (CR) character in a spoofed "Attachment Converted:" string, which is not properly handled by Eudora. | ||||
| CVE-2003-0355 | 2 Apple, Kde | 2 Safari, Konqueror Embedded | 2026-04-16 | N/A |
| Safari 1.0 Beta 2 (v73) and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates. | ||||
| CVE-2003-0363 | 1 Licq | 1 Licq | 2026-04-16 | N/A |
| Format string vulnerability in LICQ 1.2.6, 1.0.3 and possibly other versions allows remote attackers to perform unknown actions via format string specifiers. | ||||
| CVE-2004-1276 | 1 Iglooftp | 1 Iglooftp | 2026-04-16 | N/A |
| IglooFTP 0.6.1, when recursively uploading a directory, allows local users to overwrite the files that are being uploaded by creating temporary files with names generated by the tmpnam function, before the files are opened by IglooFTP. | ||||
| CVE-2004-1277 | 1 Iglooftp | 1 Iglooftp | 2026-04-16 | N/A |
| The download_selection_recursive() function in ftplist.c for IglooFTP 0.6.1 allows remote malicious FTP servers to overwrite arbitrary files via filenames that contain / (slash) characters. | ||||
| CVE-2003-0366 | 1 Lysator | 1 Lyskom-server | 2026-04-16 | N/A |
| lyskom-server 2.0.7 and earlier allows unauthenticated users to cause a denial of service (CPU consumption) via a large query. | ||||
| CVE-2004-1279 | 1 Jpegtoavi | 1 Jpegtoavi | 2026-04-16 | N/A |
| Buffer overflow in the get_file_list_stdin function in jpegtoavi 1.5 allows remote attackers to execute arbitrary code via a crafted set of JPEG files and filenames. | ||||
| CVE-2004-1280 | 1 Junkie | 1 Junkie Ftp Client | 2026-04-16 | N/A |
| The gui_popup_view_fly function in gui_tview_popup.c for junkie 0.3.1 allows remote malicious FTP servers to execute arbitrary commands via shell metacharacters in a filename. | ||||
| CVE-2003-0370 | 4 Apple, Kde, Redhat and 1 more | 7 Safari, Kde, Konqueror Embedded and 4 more | 2026-04-16 | N/A |
| Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack. | ||||
| CVE-2003-0375 | 1 Xmb Forum | 1 Xmb | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in member.php of XMBforum XMB 1.8.x (aka Partagium) allows remote attackers to insert arbitrary HTML and web script via the "member" parameter. | ||||
| CVE-2003-0385 | 1 Debian | 1 Debian Linux | 2026-04-16 | N/A |
| Buffer overflow in xaos 3.0-23 and earlier, when running setuid, allows local users to gain root privileges via a long -language option. | ||||
| CVE-2003-0399 | 1 Vignette | 3 Content Suite, Storyserver, Vignette | 2026-04-16 | N/A |
| Vignette StoryServer 4 and 5, Vignette V/5, and possibly other versions allows remote attackers to perform unauthorized SELECT queries by setting the vgn_creds cookie to an arbitrary value and directly accessing the save template. | ||||