Export limit exceeded: 366153 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (366153 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0101 1 Fetchmail 1 Fetchmail 2026-04-16 N/A
Vulnerability in fetchmail 5.5.0-2 and earlier in the AUTHENTICATE GSSAPI command.
CVE-2002-1364 1 Ehud Gavron 1 Tracesroute 2026-04-16 N/A
Buffer overflow in the get_origin function in traceroute-nanog allows attackers to execute arbitrary code via long WHOIS responses.
CVE-2002-1339 1 Microsoft 1 Office Web Components 2026-04-16 N/A
The "XMLURL" property in the Spreadsheet component of Office Web Components (OWC) 10 follows redirections, which allows remote attackers to determine the existence of local files based on exceptions, or to read WorkSheet XML files.
CVE-2001-0075 1 Technote Inc 1 Technote 2026-04-16 N/A
Directory traversal vulnerability in main.cgi in Technote allows remote attackers to read arbitrary files via a .. (dot dot) attack in the filename parameter.
CVE-2001-0057 1 Cisco 2 Broadband Operating System, Cisco 6xx Routers 2026-04-16 N/A
Cisco 600 routers running CBOS 2.4.1 and earlier allow remote attackers to cause a denial of service via a large ICMP echo (ping) packet.
CVE-2005-1758 1 Novell 1 Netmail 2026-04-16 N/A
Buffer overflow in the IMAP command continuation function in Novell NetMail 3.52 before 3.52C may allow remote attackers to execute arbitrary code.
CVE-2001-0035 1 Kth 1 Kth Kerberos 2026-04-16 N/A
Buffer overflow in the kdc_reply_cipher function in KTH Kerberos IV allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long authentication request.
CVE-2003-0955 1 Openbsd 1 Openbsd 2026-04-16 N/A
OpenBSD kernel 3.3 and 3.4 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code in 3.4 via a program with an invalid header that is not properly handled by (1) ibcs2_exec.c in the iBCS2 emulation (compat_ibcs2) or (2) exec_elf.c, which leads to a stack-based buffer overflow.
CVE-2003-0940 1 Sap 1 Sap Db 2026-04-16 N/A
Directory traversal vulnerability in sqlfopenc for web-tools in SAP DB before 7.4.03.30 allows remote attackers to read arbitrary files via .. (dot dot) sequences in a URL.
CVE-2003-0329 1 Aclogic 1 Cesarftp 2026-04-16 N/A
CesarFTP 0.99g stores user names and passwords in plaintext in the settings.ini file, which could allow local users to gain privileges.
CVE-2002-0846 2 Macromedia, Redhat 3 Shockwave Flash, Enterprise Linux, Linux 2026-04-16 N/A
The decoder for Macromedia Shockwave Flash allows remote attackers to execute arbitrary code via a malformed SWF header that contains more data than the specified length.
CVE-2002-0219 1 Sas 2 Sas Base, Sas Integration Technologies 2026-04-16 N/A
Buffer overflow in (1) sastcpd in SAS/Base 8.0 and 8.1 or (2) objspawn in SAS/Integration Technologies 8.0 and 8.1 allows local users to execute arbitrary code via large command line argument.
CVE-2002-0186 1 Microsoft 1 Sql Server 2026-04-16 N/A
Buffer overflow in the SQLXML ISAPI extension of Microsoft SQL Server 2000 allows remote attackers to execute arbitrary code via data queries with a long content-type parameter, aka "Unchecked Buffer in SQLXML ISAPI Extension."
CVE-2001-0002 1 Microsoft 2 Internet Explorer, Windows Script Host 2026-04-16 N/A
Internet Explorer 5.5 and earlier allows remote attackers to obtain the physical location of cached content and open the content in the Local Computer Zone, then use compiled HTML help (.chm) files to execute arbitrary programs.
CVE-2000-0402 1 Microsoft 1 Sql Server 2026-04-16 N/A
The Mixed Mode authentication capability in Microsoft SQL Server 7.0 stores the System Administrator (sa) account in plaintext in a log file which is readable by any user, aka the "SQL Server 7.0 Service Pack Password" vulnerability.
CVE-2004-1330 1 Ibm 1 Aix 2026-04-16 N/A
Buffer overflow in paginit in AIX 5.1 through 5.3 allows local users to execute arbitrary code via a long username.
CVE-2006-1346 1 Greg Neustaetter 1 Gcards 2026-04-16 N/A
Directory traversal vulnerability in inc/setLang.php in Greg Neustaetter gCards 1.45 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in a lang[*][file] parameter, as demonstrated by injecting PHP sequences into an Apache access_log file, which is then included by index.php.
CVE-1999-0789 1 Ibm 1 Aix 2026-04-16 N/A
Buffer overflow in AIX ftpd in the libc library.
CVE-1999-0448 1 Microsoft 1 Internet Information Server 2026-04-16 N/A
IIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote attacker to hide the URL they really request.
CVE-2000-1221 3 Debian, Redhat, Sgi 3 Debian Linux, Linux, Irix 2026-04-16 N/A
The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended access controls by modifying the DNS for the attacking IP.