Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29946 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1050 | 1 Hylafax | 1 Hylafax | 2026-04-16 | N/A |
| Buffer overflow in HylaFAX faxgetty before 4.1.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long line of image data. | ||||
| CVE-2002-1051 | 1 Ehud Gavron | 1 Tracesroute | 2026-04-16 | N/A |
| Format string vulnerability in TrACESroute 6.0 GOLD (aka NANOG traceroute) allows local users to execute arbitrary code via the -T (terminator) command line argument. | ||||
| CVE-2002-1052 | 1 W3c | 1 Jigsaw | 2026-04-16 | N/A |
| Jigsaw 2.2.1 on Windows systems allows remote attackers to use MS-DOS device names in HTTP requests to (1) cause a denial of service using the "con" device, or (2) obtain the physical path of the server using two requests to the "aux" device. | ||||
| CVE-2002-1070 | 1 Php-wiki | 1 Php-wiki | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in PHPWiki Postnuke wiki module allows remote attackers to execute script as other PHPWiki users via the pagename parameter. | ||||
| CVE-2003-1015 | 3 Clearswift, F-secure, Paul L Daniels | 3 Mailsweeper, Internet Gatekeeper, Ripmime | 2026-04-16 | N/A |
| Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use whitespace in an unusual fashion, which may be interpreted differently by mail clients. | ||||
| CVE-2002-1073 | 1 Atrium Software | 1 Mercur Mailserver | 2026-04-16 | N/A |
| Buffer overflow in the control service for MERCUR Mailserver 4.2 allows remote attackers to execute arbitrary code via a long password. | ||||
| CVE-2003-1018 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| Format string vulnerability in enq command in AIX 4.3, 5.1, and 5.2 allows local users with rintq group privileges to gain privileges via unknown attack vectors. | ||||
| CVE-2002-1075 | 1 David Harris | 1 Pegasus Mail | 2026-04-16 | N/A |
| Buffer overflow in Pegasus mail client 4.01 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long (1) To or (2) From headers. | ||||
| CVE-2002-1096 | 1 Cisco | 2 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client | 2026-04-16 | N/A |
| Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.1, allows restricted administrators to obtain user passwords that are stored in plaintext in HTML source code. | ||||
| CVE-2003-1020 | 2 Irssi, Mandrakesoft | 2 Irssi, Mandrake Linux | 2026-04-16 | N/A |
| The format_send_to_gui function in formats.c for irssi before 0.8.9 allows remote IRC users to cause a denial of service (crash). | ||||
| CVE-2003-1023 | 2 Midnight Commander, Redhat | 3 Midnight Commander, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Stack-based buffer overflow in vfs_s_resolve_symlink of vfs/direntry.c for Midnight Commander (mc) 4.6.0 and earlier, and possibly later versions, allows remote attackers to execute arbitrary code during symlink conversion. | ||||
| CVE-2003-1024 | 1 Sun | 1 Sunos | 2026-04-16 | N/A |
| Unknown vulnerability in the ls-F builtin function in tcsh on Solaris 8 allows local users to create or delete files as other users, and gain privileges. | ||||
| CVE-2006-4197 | 1 Musicbrainz | 2 Libmusicbrainz, Libmusicbrainz Svn | 2026-04-16 | N/A |
| Multiple buffer overflows in libmusicbrainz (aka mb_client or MusicBrainz Client Library) 2.1.2 and earlier, and SVN 8406 and earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) a long Location header by the HTTP server, which triggers an overflow in the MBHttp::Download function in lib/http.cpp; and (2) a long URL in RDF data, as demonstrated by a URL in an rdf:resource field in an RDF XML document, which triggers overflows in many functions in lib/rdfparse.c. | ||||
| CVE-2006-4200 | 1 Soft3304 | 1 04webserver | 2026-04-16 | N/A |
| Unspecified vulnerability in 04WebServer 1.83 and earlier allows remote attackers to bypass user authentication via unspecified vectors related to request processing. | ||||
| CVE-2006-4202 | 1 Spidey Blog | 1 Spidey Blog Script | 2026-04-16 | N/A |
| SQL injection vulnerability in proje_goster.php in Spidey Blog Script 1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter. | ||||
| CVE-2003-1027 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 5.01 through 6 SP1 allows remote attackers to direct drag and drop behaviors and other mouse click actions to other windows by using method caching (SaveRef) to access the window.moveBy method, which is otherwise inaccessible, as demonstrated by HijackClickV2, a different vulnerability than CVE-2003-0823, aka the "Function Pointer Drag and Drop Vulnerability." | ||||
| CVE-2006-4213 | 1 David Kent Norman | 1 Thatware | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in config.php in David Kent Norman Thatware 0.4.6 and possibly earlier allows remote attackers to execute arbitrary PHP code via a URL in the root_path parameter. | ||||
| CVE-2002-1139 | 1 Microsoft | 3 Windows 98 Plus Pack, Windows Me, Windows Xp | 2026-04-16 | N/A |
| The Compressed Folders feature in Microsoft Windows 98 with Plus! Pack, Windows Me, and Windows XP does not properly check the destination folder during the decompression of ZIP files, which allows attackers to place an executable file in a known location on a user's system, aka "Incorrect Target Path for Zipped File Decompression." | ||||
| CVE-2003-1033 | 1 Sap | 1 Sap Db | 2026-04-16 | N/A |
| The (1) instdbmsrv and (2) instlserver programs in SAP DB Development Tools 7.x trust the user-provided INSTROOT environment variable as a path when assigning setuid permissions to the lserver program, which allows local users to gain root privileges via a modified INSTROOT that points to a malicious dbmsrv or lserver program. | ||||
| CVE-2002-1143 | 1 Microsoft | 2 Excel, Word | 2026-04-16 | N/A |
| Microsoft Word and Excel allow remote attackers to steal sensitive information via certain field codes that insert the information when the document is returned to the attacker, as demonstrated in Word using (1) INCLUDETEXT or (2) INCLUDEPICTURE, aka "Flaw in Word Fields and Excel External Updates Could Lead to Information Disclosure." | ||||