Export limit exceeded: 362505 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 362505 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (362505 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-0525 1 Microsoft 1 Windows Nt 2026-04-16 N/A
The getCanonicalPath function in Windows NT 4.0 may free memory that it does not own and cause heap corruption, which allows attackers to cause a denial of service (crash) via requests that cause a long file name to be passed to getCanonicalPath, as demonstrated on the IBM JVM using a long string to the java.io.getCanonicalPath Java method.
CVE-2005-0512 1 Mambo 1 Mambo 2026-04-16 N/A
PHP remote file inclusion vulnerability in Tar.php in Mambo 4.5.2 allows remote attackers to execute arbitrary PHP code by modifying the mosConfig_absolute_path parameter to reference a URL on a remote web server that contains the code, a different vulnerability than CVE-2004-1693.
CVE-2003-0530 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Buffer overflow in the BR549.DLL ActiveX control for Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to execute arbitrary code.
CVE-2005-0513 1 Pmachine 1 Pmachine Pro 2026-04-16 N/A
PHP remote file inclusion vulnerability in mail_autocheck.php in the Email This Entry add-on for pMachine Pro 2.4, and possibly other versions including pMachine Free, allows remote attackers to execute arbitrary PHP code by directly requesting mail_autocheck.php and modifying the pm_path parameter to reference a URL on a remote web server that contains the code, a different vulnerability than CVE-2003-1086.
CVE-2003-0532 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Internet Explorer 5.01 SP3 through 6.0 SP1 does not properly determine object types that are returned by web servers, which could allow remote attackers to execute arbitrary code via an object tag with a data parameter to a malicious file hosted on a server that returns an unsafe Content-Type, aka the "Object Type" vulnerability.
CVE-2005-0517 1 Peerftp 5 1 Peerftp 5 2026-04-16 N/A
PeerFTP_5 stores sensitive information such as passwords in plaintext in the PeerFTP.ini files, which allows local users to gain privileges.
CVE-2002-1306 2 Kde, Redhat 3 Kde, Enterprise Linux, Linux 2026-04-16 N/A
Multiple buffer overflows in LISa on KDE 2.x for 2.1 and later, and KDE 3.x before 3.0.4, allow (1) local and possibly remote attackers to execute arbitrary code via the "lisa" daemon, and (2) remote attackers to execute arbitrary code via a certain "lan://" URL.
CVE-2003-0540 3 Conectiva, Redhat, Wietse Venema 3 Linux, Linux, Postfix 2026-04-16 N/A
The address parser code in Postfix 1.1.12 and earlier allows remote attackers to cause a denial of service (lock) via (1) a malformed envelope address to a local host that would generate a bounce and contains the ".!" string in the MAIL FROM or Errors-To headers, which causes nqmgr to lock up, or (2) via a valid MAIL FROM with a RCPT TO containing a ".!" string, which causes an instance of the SMTP listener to lock up.
CVE-2003-0542 2 Apache, Redhat 5 Http Server, Enterprise Linux, Linux and 2 more 2026-04-16 N/A
Multiple stack-based buffer overflows in (1) mod_alias and (2) mod_rewrite for Apache before 1.3.29 allow attackers to create configuration files to cause a denial of service (crash) or execute arbitrary code via a regular expression with more than 9 captures.
CVE-2002-1336 2 Redhat, Tightvnc 3 Enterprise Linux, Linux, Tightvnc 2026-04-16 N/A
TightVNC before 1.2.6 generates the same challenge string for multiple connections, which allows remote attackers to bypass VNC authentication by sniffing the challenge and response of other users.
CVE-2005-0518 1 Exeem 1 Exeem 2026-04-16 N/A
eXeem 0.21 stores sensitive information such as passwords in plaintext in the Exeem registry key, which allows local users to gain privileges via the proxy_user and proxy_password values.
CVE-2003-0544 2 Openssl, Redhat 4 Openssl, Enterprise Linux, Linux and 1 more 2026-04-16 N/A
OpenSSL 0.9.6 and 0.9.7 does not properly track the number of characters in certain ASN.1 inputs, which allows remote attackers to cause a denial of service (crash) via an SSL client certificate that causes OpenSSL to read past the end of a buffer when the long form is used.
CVE-2003-0547 2 Gnome, Redhat 3 Gdm, Kdebase, Linux 2026-04-16 N/A
GDM before 2.4.1.6, when using the "examine session errors" feature, allows local users to read arbitrary files via a symlink attack on the ~/.xsession-errors file.
CVE-2003-0553 1 Netscape 1 Navigator 2026-04-16 N/A
Buffer overflow in the Client Detection Tool (CDT) plugin (npcdt.dll) for Netscape 7.02 allows remote attackers to execute arbitrary code via an attachment with a long filename.
CVE-2005-0519 1 Argosoft 1 Ftp Server 2026-04-16 N/A
ArGoSoft FTP Server before 1.4.2.7 allows remote attackers to read arbitrary files by uploading a ZIP file containing a shortcut (.LNK) file, using SITE UNZIP to extract the .LNK file onto the server, then accessing the file, a different vulnerability than CVE-2005-0520.
CVE-2003-0555 1 Imagemagick 1 Imagemagick 2026-04-16 N/A
ImageMagick 5.4.3.x and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a "%x" filename, possibly triggering a format string vulnerability.
CVE-2005-0522 1 Lionmax Software 1 Chat Anywhere 2026-04-16 N/A
Chat Anywhere 2.72a stores sensitive information such as passwords in plaintext in the .INI file for a chatroom, which allows local users to gain privileges.
CVE-2003-0559 1 Phpforum 1 Phpforum 2026-04-16 N/A
mainfile.php in phpforum 2 RC-1, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code by modifying the MAIN_PATH parameter to reference a URL on a remote web server that contains the code.
CVE-2003-0561 1 Iglooftp 1 Iglooftp Pro 2026-04-16 N/A
Multiple buffer overflows in IglooFTP PRO 3.8 allow remote FTP servers to execute arbitrary code via (1) a long FTP banner, or long responses to the client commands (2) USER, (3) PASS, (4) ACCT, and possibly other commands.
CVE-2003-0564 2 Hitachi, Redhat 4 Groupmax Mail - Security Option, Pki Runtime Library, Enterprise Linux and 1 more 2026-04-16 N/A
Multiple vulnerabilities in multiple vendor implementations of the Secure/Multipurpose Internet Mail Extensions (S/MIME) protocol allow remote attackers to cause a denial of service and possibly execute arbitrary code via an S/MIME email message containing certain unexpected ASN.1 constructs, as demonstrated using the NISSC test suite.