Export limit exceeded: 365650 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (365650 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-2610 1 Stefan Bambach 1 Mntd 2026-04-16 N/A
mntd_mount.c in mntd before 0.4.2 might allow local users to gain privileges via shell metacharacters in a remount option in the configuration file. NOTE: It is not clear whether this is a vulnerability because there is not necessarily any common usage in which privilege boundaries are crossed. Typical usage would restrict write access to the configuration file.
CVE-2004-0205 2 Avaya, Microsoft 5 Definity One Media Server, Ip600 Media Servers, Modular Messaging Message Storage Server and 2 more 2026-04-16 N/A
Buffer overflow in Microsoft Internet Information Server (IIS) 4.0 allows local users to execute arbitrary code via the redirect function.
CVE-2006-4438 1 Doctor Web Ltd 1 Dr.web 2026-04-16 N/A
Heap-based buffer overflow in SpIDer for Dr.Web Scanner for Linux 4.33, and possibly earlier versions, allows remote attackers to execute arbitrary code via an LHA archive with an extended header that contains a long directory name.
CVE-2006-0472 1 My Little Homepage 1 My Little Guestbook 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in guestbook.php in my little homepage my little guestbook, as last modified in March 2004, allows remote attackers to inject arbitrary Javascript via a javascript URI in BBcode link tags.
CVE-2006-4388 1 Apple 1 Quicktime 2026-04-16 N/A
Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted FlashPix file.
CVE-2006-4386 1 Apple 1 Quicktime 2026-04-16 N/A
Integer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted H.264 movie, a different issue than CVE-2006-4381.
CVE-2004-2598 1 Id Software 1 Quake Ii Server 2026-04-16 N/A
Quake II server before R1Q2, as used in multiple products, allows remote attackers to corrupt the server's client state data structure by exiting a session without a valid disconnect command, then reconnecting, which prevents a mod from being notified of changes in the client state. NOTE: the impact of this issue will vary depending on which mod is being used.
CVE-2005-3296 1 Hp 1 Hp-ux 2026-04-16 N/A
The FTP server in HP-UX 10.20, B.11.00, and B.11.11, allows remote attackers to list arbitrary directories as root by running the LIST command before logging in.
CVE-2002-1614 1 Hp 2 Hp-ux, Tru64 2026-04-16 N/A
Buffer overflow in HP Tru64 UNIX allows local users to execute arbitrary code via a long argument to /usr/bin/at.
CVE-2004-2304 1 Cerulean Studios 2 Trillian, Trillian Pro 2026-04-16 N/A
Integer overflow in Trillian 0.74 and earlier, and Trillian Pro 2.01 and earlier, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a directIM packet that triggers a heap-based buffer overflow.
CVE-2006-4236 1 Powergap 2 Powergap Business, Powergap Lite 2026-04-16 N/A
Multiple PHP remote file inclusion vulnerabilities in POWERGAP allow remote attackers to execute arbitrary PHP code via a URL in the (1) shopid parameter to (a) s01.php, (b) s02.php, (c) s03.php, and (d) s04.php; and possibly a URL located after "shopid=" or "sid=" in the PATH_INFO.
CVE-1999-0057 5 Eric Allman, Freebsd, Hp and 2 more 7 Vacation, Freebsd, Hp-ux and 4 more 2026-04-16 N/A
Vacation program allows command execution by remote users through a sendmail command.
CVE-1999-0344 1 Microsoft 1 Windows Nt 2026-04-16 N/A
NT users can gain debug-level access on a system process using the Sechole exploit.
CVE-1999-0348 1 Microsoft 1 Internet Information Server 2026-04-16 N/A
IIS ASP caching problem releases sensitive information when two virtual servers share the same physical directory.
CVE-1999-0781 3 Freebsd, Kde, Linux 3 Freebsd, Kde, Linux Kernel 2026-04-16 N/A
KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables.
CVE-2000-0342 1 Qualcomm 1 Eudora 2026-04-16 7.5 High
Eudora 4.x allows remote attackers to bypass the user warning for executable attachments such as .exe, .com, and .bat by using a .lnk file that refers to the attachment, aka "Stealth Attachment."
CVE-2005-1711 3 Clam Anti-virus, Gibraltar, Squid 3 Clamav, Gibraltar Firewall, Squid 2026-04-16 N/A
Gibraltar Firewall 2.2 and earlier, when using the ClamAV update to 0.81 for Squid, uses a defunct ClamAV method to scan memory for viruses, which does not return an error code and prevents viruses from being detected.
CVE-2005-3827 1 Agileco 1 Agilebill 2026-04-16 N/A
SQL injection vulnerability in product_cat in AgileBill 1.4.92 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2006-1937 2 Ethereal Group, Redhat 2 Ethereal, Enterprise Linux 2026-04-16 N/A
Multiple unspecified vulnerabilities in Ethereal 0.10.x up to 0.10.14 allow remote attackers to cause a denial of service (crash from null dereference) via (1) multiple vectors in H.248, and the (2) X.509if, (3) SRVLOC, (4) H.245, (5) AIM, and (6) general packet dissectors; and (7) the statistics counter.
CVE-2006-3515 1 Myiosoft.com 1 Ajaxportal 2026-04-16 N/A
SQL injection vulnerability in the loginADP function in ajaxp.php in AjaxPortal 3.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username or (2) password parameters.