Export limit exceeded: 29943 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29943 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0523 | 5 Mit, Redhat, Sgi and 2 more | 8 Kerberos, Kerberos 5, Enterprise Linux and 5 more | 2026-04-16 | N/A |
| Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root. | ||||
| CVE-2005-0124 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| The coda_pioctl function in the coda functionality (pioctl.c) for Linux kernel 2.6.9 and 2.4.x before 2.4.29 may allow local users to cause a denial of service (crash) or execute arbitrary code via negative vi.in_size or vi.out_size values, which may trigger a buffer overflow. | ||||
| CVE-2005-0400 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| The ext2_make_empty function call in the Linux kernel before 2.6.11.6 does not properly initialize memory when creating a block for a new directory entry, which allows local users to obtain potentially sensitive information by reading the block. | ||||
| CVE-2005-1402 | 1 Mtp-target | 1 Mtp-target | 2026-04-16 | N/A |
| Integer signedness error in certain older versions of the NeL library, as used in Mtp-Target 1.2.2 and earlier, and possibly other products, allows remote attackers to cause a denial of service (memory consumption or server crash) via a negative value in a STLport call, which is not caught by a signed comparison. | ||||
| CVE-2005-2458 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 allows remote attackers to cause a denial of service (kernel crash) via a compressed file with "improper tables". | ||||
| CVE-2006-0793 | 1 V-webmail | 1 V-webmail | 2026-04-16 | N/A |
| frameset.php in V-webmail 1.6.2 allows remote attackers to conduct phishing attacks by referencing arbitrary websites in the rframe parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-1070 | 1 Dvguestbook | 1 Dvguestbook | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in dv_gbook.php in DVguestbook 1.0 allows remote attackers to inject arbitrary web script or HTML via the f parameter. | ||||
| CVE-2000-0082 | 1 Microsoft | 1 Webtv | 2026-04-16 | N/A |
| WebTV email client allows remote attackers to force the client to send email without the user's knowledge via HTML. | ||||
| CVE-2006-1075 | 1 Jason Boettcher | 1 Liero Xtreme | 2026-04-16 | N/A |
| Format string vulnerability in the visualization function in Jason Boettcher Liero Xtreme 0.62b and earlier allows remote attackers to execute arbitrary code via format string specifiers in (1) a nickname, (2) a dedicated server name, or (3) a mapname in a level (aka .lxl) file. | ||||
| CVE-2000-0088 | 1 Microsoft | 4 Office, Office Converter Pack, Powerpoint and 1 more | 2026-04-16 | N/A |
| Buffer overflow in the conversion utilities for Japanese, Korean and Chinese Word 5 documents allows an attacker to execute commands, aka the "Malformed Conversion Data" vulnerability. | ||||
| CVE-2000-0098 | 1 Microsoft | 1 Index Server | 2026-04-16 | N/A |
| Microsoft Index Server allows remote attackers to determine the real path for a web directory via a request to an Internet Data Query file that does not exist. | ||||
| CVE-1999-0148 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| The handler CGI program in IRIX allows arbitrary command execution. | ||||
| CVE-1999-0149 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| The wrap CGI program in IRIX allows remote attackers to view arbitrary directory listings via a .. (dot dot) attack. | ||||
| CVE-1999-0151 | 1 Satan | 1 Satan | 2026-04-16 | N/A |
| The SATAN session key may be disclosed if the user points the web browser to other sites, possibly allowing root access. | ||||
| CVE-2000-0769 | 1 Oreilly | 1 Website Pro | 2026-04-16 | N/A |
| O'Reilly WebSite Pro 2.3.7 installs the uploader.exe program with execute permissions for all users, which allows remote attackers to create and execute arbitrary files by directly calling uploader.exe. | ||||
| CVE-2006-1363 | 1 Justin White | 1 Freewps | 2026-04-16 | N/A |
| images.php in Justin White (aka YTZ) Free Web Publishing System (FreeWPS) 2.11 allows remote attackers to execute arbitrary PHP code by uploading a .php file into the /upload directory as specified in the dirPath parameter, then performing a direct request to that file. | ||||
| CVE-2005-4818 | 1 Copernicus | 1 Europa | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Copernicus Europa allow remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-1393 | 1 University Of Washington | 1 Pubcookie | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the mod_pubcookie Apache application server module in University of Washington Pubcookie 1.x, 3.0.0, 3.1.0, 3.1.1, 3.2 before 3.2.1b, and 3.3 before 3.3.0a allow remote attackers to inject arbitrary web script or HTML via unspecified attack vectors. | ||||
| CVE-1999-0164 | 1 Sun | 1 Sunos | 2026-04-16 | N/A |
| A race condition in the Solaris ps command allows an attacker to overwrite critical files. | ||||
| CVE-1999-0168 | 1 Sun | 1 Sunos | 2026-04-16 | N/A |
| The portmapper may act as a proxy and redirect service requests from an attacker, making the request appear to come from the local host, possibly bypassing authentication that would otherwise have taken place. For example, NFS file systems could be mounted through the portmapper despite export restrictions. | ||||