Export limit exceeded: 363222 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363222 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-0628 1 Peoplesoft 1 Peopletools 2026-04-16 N/A
PeopleSoft Gateway Administration servlet (gateway.administration) in PeopleTools 8.43 and earlier allows remote attackers to obtain the full pathnames for server-side include (SSI) files via an HTTP request with an invalid value.
CVE-2004-0547 1 Postgresql 1 Postgresql 2026-04-16 N/A
Buffer overflow in the ODBC driver for PostgreSQL before 7.2.1 allows remote attackers to cause a denial of service (crash).
CVE-2005-2308 1 Microsoft 1 Ie 2026-04-16 N/A
The JPEG decoder in Microsoft Internet Explorer allows remote attackers to cause a denial of service (CPU consumption or crash) and possibly execute arbitrary code via certain crafted JPEG images, as demonstrated using (1) mov_fencepost.jpg, (2) cmp_fencepost.jpg, (3) oom_dos.jpg, or (4) random.jpg.
CVE-2003-0634 1 Oracle 2 Oracle8i, Oracle9i 2026-04-16 N/A
Stack-based buffer overflow in the PL/SQL EXTPROC functionality for Oracle9i Database Release 2 and 1, and Oracle 8i, allows authenticated database users, and arbitrary database users in some cases, to execute arbitrary code via a long library name.
CVE-2004-2108 1 Quadcomm 1 Q-shop 2026-04-16 N/A
Multiple SQL injection vulnerabilities in QuadComm Q-Shop allow remote attackers to execute arbitrary SQL commands via certain parameters to (1) search.asp, (2) browse.asp, (3) details.asp, (4) showcat.asp, (5) users.asp, (6) addtomylist.asp, (7) modline.asp, (8) cart.asp, or (9) newuser.asp.
CVE-2005-2309 1 Opera 1 Opera Browser 2026-04-16 N/A
Opera 8.01 allows remote attackers to cause a denial of service (CPU consumption) via a crafted JPEG image, as demonstrated using random.jpg.
CVE-2005-2310 1 Nullsoft 1 Winamp 2026-04-16 N/A
Buffer overflow in Winamp 5.03a, 5.09 and 5.091, and other versions before 5.094, allows remote attackers to execute arbitrary code via an MP3 file with a long ID3v2 tag such as (1) ARTIST or (2) TITLE.
CVE-2005-1548 1 Advanced Guestbook 1 Advanced Guestbook 2026-04-16 N/A
SQL injection vulnerability in index.php in Advanced Guestbook 2.3.1 allows remote attackers to execute arbitrary SQL commands via the entry parameter.
CVE-2005-2311 1 Sms 1 Sms 2026-04-16 N/A
SMS 1.9.2m and earlier allows local users to overwrite arbitrary files via a symlink attack on the (1) request1 or (2) request2 temporary files.
CVE-2004-1337 3 Conectiva, Gnu, Ubuntu 3 Linux, Realtime Linux Security Module, Ubuntu Linux 2026-04-16 N/A
The POSIX Capability Linux Security Module (LSM) for Linux kernel 2.6 does not properly handle the credentials of a process that is launched before the module is loaded, which allows local users to gain privileges.
CVE-2006-0731 1 Sap 1 Business Connector 2026-04-16 N/A
WmRoot/adapter-index.dsp in SAP Business Connector Core Fix 7 and earlier allows remote attackers to conduct spoofing (phishing) attacks via an absolute URL in the url parameter, which loads the URL inside a frame.
CVE-2003-0654 1 Autorespond 1 Autorespond 2026-04-16 N/A
Buffer overflow in autorespond may allow remote attackers to execute arbitrary code as the autorespond user via qmail.
CVE-2004-0549 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
The WebBrowser ActiveX control, or the Internet Explorer HTML rendering engine (MSHTML), as used in Internet Explorer 6, allows remote attackers to execute arbitrary code in the Local Security context by using the showModalDialog method and modifying the location to execute code such as Javascript, as demonstrated using (1) delayed HTTP redirect operations, and an HTTP response with a Location: header containing a "URL:" prepended to a "ms-its" protocol URI, or (2) modifying the location attribute of the window, as exploited by the Download.ject (aka Scob aka Toofer) using the ADODB.Stream object.
CVE-2003-0664 1 Microsoft 2 Word, Works 2026-04-16 N/A
Microsoft Word 2002, 2000, 97, and 98(J) does not properly check certain properties of a document, which allows attackers to bypass the macro security model and automatically execute arbitrary macros via a malicious document.
CVE-2004-1340 1 Debian 1 Debian Linux 2026-04-16 N/A
Debian GNU/Linux 3.0 installs the libpam-radius-auth package with the pam_radius_auth.conf set to be world-readable, which allows local users to obtain sensitive information.
CVE-2005-1063 1 Kerio 3 Kerio Mailserver, Personal Firewall, Winroute Firewall 2026-04-16 N/A
The administration protocol for Kerio WinRoute Firewall 6.x up to 6.0.10, Personal Firewall 4.x up to 4.1.2, and MailServer up to 6.0.8 allows remote attackers to cause a denial of service (CPU consumption) via certain attacks that force the product to "compute unexpected conditions" and "perform cryptographic operations."
CVE-2003-0680 1 Sgi 1 Irix 2026-04-16 N/A
Unknown vulnerability in NFS for SGI IRIX 6.5.21 and earlier may allow an NFS client to bypass read-only restrictions.
CVE-2005-1071 1 Jportal 1 Jportal Web Portal 2026-04-16 N/A
SQL injection vulnerability in banner.inc.php in JPortal Web Portal 2.3.1 allows remote attackers to execute arbitrary SQL commands via the haslo parameter.
CVE-2005-2312 1 Realnode 1 Emilda 2026-04-16 N/A
management.php in Realnode Emilda 1.2.2 and earlier allows remote attackers to perform actions as other users by modifying the user_id parameter.
CVE-2003-0688 6 Compaq, Freebsd, Openbsd and 3 more 7 Tru64, Freebsd, Openbsd and 4 more 2026-04-16 N/A
The DNS map code in Sendmail 8.12.8 and earlier, when using the "enhdnsbl" feature, does not properly initialize certain data structures, which allows remote attackers to cause a denial of service (process crash) via an invalid DNS response that causes Sendmail to free incorrect data.