Export limit exceeded: 362074 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (362074 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1225 1 Kth 1 Heimdal 2026-04-16 N/A
Multiple buffer overflows in Heimdal before 0.5, possibly in both the (1) kadmind and (2) kdc servers, may allow remote attackers to gain root access.
CVE-2002-1223 2 Kde, Redhat 2 Kde, Linux 2026-04-16 N/A
Buffer overflow in DSC 3.0 parser from GSview, as used in KGhostView in KDE 1.1 and KDE 3.0.3a, may allow attackers to cause a denial of service or execute arbitrary code via a modified .ps (PostScript) input file.
CVE-2004-0841 2 Avaya, Microsoft 7 Definity One Media Server, Ip600 Media Servers, Modular Messaging Message Storage Server and 4 more 2026-04-16 N/A
Internet Explorer 6.x allows remote attackers to install arbitrary programs via mousedown events that call the Popup.show method and use drag-and-drop actions in a popup window, aka "HijackClick 3" and the "Script in Image Tag File Download Vulnerability."
CVE-2005-2643 1 Tor 1 Tor 2026-04-16 N/A
Tor 0.1.0.13 and earlier, and experimental versions 0.1.1.4-alpha and earlier, does not reject certain weak keys when using ephemeral Diffie-Hellman (DH) handshakes, which allows malicious Tor servers to obtain the keys that a client uses for other systems in the circuit.
CVE-2002-1222 1 Cisco 1 Catos 2026-04-16 N/A
Buffer overflow in the embedded HTTP server for Cisco Catalyst switches running CatOS 5.4 through 7.3 allows remote attackers to cause a denial of service (reset) via a long HTTP request.
CVE-2001-1487 1 Qualcomm 1 Qpopper 2026-04-16 N/A
popauth utility in Qualcomm Qpopper 4.0 and earlier allows local users to overwrite arbitrary files and execute commands as the pop user via a symlink attack on the -trace file option.
CVE-2005-2885 1 Maxdev 1 Md-pro 2026-04-16 N/A
The Downloads page in MAXdev MD-Pro 1.0.73, and possibly earlier versions, uses an incomplete blacklist to check for dangerous file extensions, which could allow remote attackers to bypass file extension checks and execute arbitrary commands by uploading a file with a different extension, as demonstrated using .inc files.
CVE-2005-2642 1 Mutt 1 Mutt 2026-04-16 N/A
Buffer overflow in the mutt_decode_xbit function in Handler.c for Mutt 1.5.10 allows remote attackers to execute arbitrary code, possibly due to interactions with libiconv or gettext.
CVE-2002-1221 3 Freebsd, Isc, Openbsd 3 Freebsd, Bind, Openbsd 2026-04-16 N/A
BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference.
CVE-1999-1592 2 Sendmail, Sun 2 Sendmail, Sunos 2026-04-16 N/A
Multiple unspecified vulnerabilities in sendmail 5, as installed on Sun SunOS 4.1.3_U1 and 4.1.4, have unspecified attack vectors and impact. NOTE: this might overlap CVE-1999-0129.
CVE-2002-1219 3 Freebsd, Isc, Openbsd 3 Freebsd, Bind, Openbsd 2026-04-16 N/A
Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records (RR).
CVE-2002-1217 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Cross-Frame scripting vulnerability in the WebBrowser control as used in Internet Explorer 5.5 and 6.0 allows remote attackers to execute arbitrary code, read arbitrary files, or conduct other unauthorized activities via script that accesses the Document property, which bypasses <frame> and <iframe> domain restrictions.
CVE-2001-0277 1 Working Resources Inc. 1 Badblue 2026-04-16 N/A
Buffer overflow in ext.dll in BadBlue 1.02.07 Personal Edition allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long HTTP GET request.
CVE-2002-1210 1 Qualcomm 1 Eudora 2026-04-16 N/A
Qualcomm Eudora 5.1.1, 5.2, and possibly other versions stores email attachments in a predictable location, which allows remote attackers to read arbitrary files via a link that loads an attachment with malicious script into a frame, which then executes the script in the local browser context.
CVE-2002-1200 1 Oneidentity 1 Syslog-ng 2026-04-16 N/A
Balabit Syslog-NG 1.4.x before 1.4.15, and 1.5.x before 1.5.20, when using template filenames or output, does not properly track the size of a buffer when constant characters are encountered during macro expansion, which allows remote attackers to cause a denial of service and possibly execute arbitrary code.
CVE-2005-2639 1 Valusoft 1 Chris Moneymakers World Poker Championship 2026-04-16 N/A
Buffer overflow in Chris Moneymaker's World Poker Championship 1.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long nickname.
CVE-2002-1197 1 Mozilla 1 Bugzilla 2026-04-16 N/A
bugzilla_email_append.pl in Bugzilla 2.14.x before 2.14.4, and 2.16.x before 2.16.1, allows remote attackers to execute arbitrary code via shell metacharacters in a system call to processmail.
CVE-2004-2651 1 Michael Christen 1 Yacy 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in YaCy before 0.32 allow remote attackers to inject arbitrary web script or HTML via the (1) urlmaskfilter parameter to index.html or the (2) page parameter to Wiki.html.
CVE-2004-2652 1 Sourcefire 1 Snort 2026-04-16 N/A
The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when printing TCP/IP options using FAST output or verbose mode, allows remote attackers to cause a denial of service (crash) via packets with invalid TCP/IP options, which trigger a null dereference.
CVE-2004-2656 1 Open Source Development Network 1 Slashcode 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Slashdot Like Automated Storytelling Homepage (Slash) (aka Slashcode) before R_2_5_0_41 allow remote attackers to inject arbitrary web script or HTML via (1) the topic parameter in search.pl and (2) the filter parameter in submit.pl.