Export limit exceeded: 29908 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29908 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0476 | 1 3com | 1 3cp4144 | 2026-04-16 | N/A |
| Buffer overflow in 3Com OfficeConnect Remote 812 ADSL Router 1.1.9.4 allows remote attackers to cause a denial of service (reboot or packet loss) via a long string containing Telnet escape characters to the Telnet port. | ||||
| CVE-2004-1563 | 1 W-agora | 1 W-agora | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in w-Agora 4.1.6a allow remote attackers to execute arbitrary web script or HTML via the (1) thread parameter to download_thread.php, (2) loginuser parameter to login.php, or (3) userid parameter to forgot_password.php. | ||||
| CVE-1999-0743 | 1 Debian | 1 Debian Linux | 2026-04-16 | N/A |
| Trn allows local users to overwrite other users' files via symlinks. | ||||
| CVE-2004-0485 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| The default protocol helper for the disk: URI on Mac OS X 10.3.3 and 10.2.8 allows remote attackers to write arbitrary files by causing a disk image file (.dmg) to be mounted as a disk volume. | ||||
| CVE-2004-1054 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| Untrusted execution path vulnerability in invscout in IBM AIX 5.1.0, 5.2.0, and 5.3.0 allows local users to gain privileges by modifying the PATH environment variable to point to a malicious "uname" program, which is executed from lsvpd after lsvpd has been invoked by invscout. | ||||
| CVE-1999-0773 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Buffer overflow in Solaris lpset program allows local users to gain root access. | ||||
| CVE-2004-1576 | 1 Megalo | 1 Judge Dredd Dredd Vs. Death | 2026-04-16 | N/A |
| Format string vulnerability in Judge Dredd: Dredd vs. Death 1.01 and earlier allows remote attackers to cause a denial of service (application crash) via format string specifiers in a chat message. | ||||
| CVE-2004-1578 | 1 Invision Power Services | 1 Invision Power Board | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Invision Power Board 2.0.0 allows remote attackers to execute arbitrary web script or HTML via the Referer field in the HTTP header. | ||||
| CVE-2004-1579 | 1 Devellion | 1 Cubecart | 2026-04-16 | N/A |
| index.php in CubeCart 2.0.1 allows remote attackers to gain sensitive information via an HTTP request with an invalid cat_id parameter, which reveals the full path in a PHP error message. | ||||
| CVE-2004-1580 | 1 Devellion | 1 Cubecart | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in CubeCart 2.0.1 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | ||||
| CVE-1999-0782 | 3 Freebsd, Kde, Linux | 3 Freebsd, Kde, Linux Kernel | 2026-04-16 | N/A |
| KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable. | ||||
| CVE-2004-1581 | 1 Blackboard | 1 Blackboard | 2026-04-16 | N/A |
| BlackBoard 1.5.1 allows remote attackers to gain sensitive information via a direct request to (1) checkdb.inc.php, (2) admin.inc.php or (3) cp.inc.php, which reveals the path in a PHP error message. | ||||
| CVE-2004-2329 | 1 Kerio | 1 Personal Firewall | 2026-04-16 | N/A |
| Kerio Personal Firewall (KPF) 2.1.5 allows local users to execute arbitrary code with SYSTEM privileges via the Load button in the Firewall Configuration Files option, which does not drop privileges before opening the file loading dialog box. | ||||
| CVE-2002-1386 | 1 Ehud Gavron | 1 Tracesroute | 2026-04-16 | N/A |
| Buffer overflow in traceroute-nanog (aka traceroute-ng) may allow local users to execute arbitrary code via a long hostname argument. | ||||
| CVE-2002-1420 | 1 Openbsd | 1 Openbsd | 2026-04-16 | N/A |
| Integer signedness error in select() on OpenBSD 3.1 and earlier allows local users to overwrite arbitrary kernel memory via a negative value for the size parameter, which satisfies the boundary check as a signed integer, but is later used as an unsigned integer during a data copying operation. | ||||
| CVE-2004-0106 | 3 Openbsd, Redhat, Xfree86 Project | 4 Openbsd, Enterprise Linux, Linux and 1 more | 2026-04-16 | N/A |
| Multiple unknown vulnerabilities in XFree86 4.1.0 to 4.3.0, related to improper handling of font files, a different set of vulnerabilities than CVE-2004-0083 and CVE-2004-0084. | ||||
| CVE-2004-1596 | 1 3com | 1 3cradsl72 | 2026-04-16 | N/A |
| The 3COM Wireless router 3CRADSL72 running Boot Code 1.3d allows remote attackers to gain sensitive information such as passwords and router settings via a direct HTTP request to app_sta.stm. | ||||
| CVE-2004-0125 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| The jail system call in FreeBSD 4.x before 4.10-RELEASE does not verify that an attempt to manipulate routing tables originated from a non-jailed process, which could allow local users to modify the routing table. | ||||
| CVE-1999-0925 | 1 Messagemedia | 1 Unitymail | 2026-04-16 | N/A |
| UnityMail allows remote attackers to conduct a denial of service via a large number of MIME headers. | ||||
| CVE-1999-0939 | 1 Debian | 1 Debian Linux | 2026-04-16 | N/A |
| Denial of service in Debian IRC Epic/epic4 client via a long string. | ||||