Search Results (363296 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-1557 1 Ibm 1 Aix 2026-04-16 N/A
Buffer overflow in ftpd in IBM AIX 4.3 and 5.1 allows attackers to gain privileges.
CVE-2001-1559 1 Openbsd 1 Openbsd 2026-04-16 5.5 Medium
The uipc system calls (uipc_syscalls.c) in OpenBSD 2.9 and 3.0 provide user mode return instead of versus rval kernel mode values to the fdrelease function, which allows local users to cause a denial of service and trigger a null dereference.
CVE-2001-1566 2 Vanessa, Verge 2 Vanessa Logger, Perdition 2026-04-16 N/A
Format string vulnerability in libvanessa_logger 0.0.1 in Perdition 0.1.8 allows remote attackers to execute arbitrary code via format string specifiers in the __vanessa_logger_log function.
CVE-2004-0106 3 Openbsd, Redhat, Xfree86 Project 4 Openbsd, Enterprise Linux, Linux and 1 more 2026-04-16 N/A
Multiple unknown vulnerabilities in XFree86 4.1.0 to 4.3.0, related to improper handling of font files, a different set of vulnerabilities than CVE-2004-0083 and CVE-2004-0084.
CVE-2004-0111 3 Gnome, Redhat, Sgi 6 Gdkpixbuf, Enterprise Linux, Gdk Pixbuf and 3 more 2026-04-16 N/A
gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) via a malformed bitmap (BMP) file.
CVE-2005-4146 1 Lyris Technologies Inc 1 Listmanager 2026-04-16 N/A
Lyris ListManager before 8.9b allows remote attackers to obtain sensitive information via a request to the TCLHTTPd status module, which provides sensitive server configuration information.
CVE-2006-4667 1 Runcms 1 Runcms 2026-04-16 N/A
Multiple SQL injection vulnerabilities in RunCMS 1.4.1 allow remote attackers to execute arbitrary SQL commands via the (1) uid parameter in (a) class/sessions.class.php, and the (2) timezone_offset and (3) umode parameters in (b) class/xoopsuser.php.
CVE-2002-0002 4 Engardelinux, Mandrakesoft, Redhat and 1 more 4 Secure Linux, Mandrake Linux, Linux and 1 more 2026-04-16 N/A
Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code.
CVE-2002-0004 8 Caldera, Debian, Freebsd and 5 more 9 Openlinux Server, Openlinux Workstation, Debian Linux and 6 more 2026-04-16 N/A
Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice.
CVE-2002-0007 2 Mozilla, Redhat 2 Bugzilla, Powertools 2026-04-16 N/A
CGI.pl in Bugzilla before 2.14.1, when using LDAP, allows remote attackers to obtain an anonymous bind to the LDAP server via a request that does not include a password, which causes a null password to be sent to the LDAP server.
CVE-2002-0008 2 Mozilla, Redhat 2 Bugzilla, Powertools 2026-04-16 N/A
Bugzilla before 2.14.1 allows remote attackers to (1) spoof a user comment via an HTTP request to process_bug.cgi using the "who" parameter, instead of the Bugzilla_login cookie, or (2) post a bug as another user by modifying the reporter parameter to enter_bug.cgi, which is passed to post_bug.cgi.
CVE-2002-0009 2 Mozilla, Redhat 2 Bugzilla, Powertools 2026-04-16 N/A
show_bug.cgi in Bugzilla before 2.14.1 allows a user with "Bugs Access" privileges to see other products that are not accessible to the user, by submitting a bug and reading the resulting Product pulldown menu.
CVE-2002-0012 2 Redhat, Snmp 3 Linux, Powertools, Snmp 2026-04-16 N/A
Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via SNMPv1 trap handling, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor. This and other SNMP-related candidates will be updated when more accurate information is available.
CVE-2002-0013 2 Redhat, Snmp 3 Linux, Powertools, Snmp 2026-04-16 N/A
Vulnerabilities in the SNMPv1 request handling of a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via (1) GetRequest, (2) GetNextRequest, and (3) SetRequest messages, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor. This and other SNMP-related candidates will be updated when more accurate information is available.
CVE-2002-0018 1 Microsoft 2 Windows 2000, Windows Nt 2026-04-16 N/A
In Microsoft Windows NT and Windows 2000, a trusting domain that receives authorization information from a trusted domain does not verify that the trusted domain is authoritative for all listed SIDs, which allows remote attackers to gain Domain Administrator privileges on the trusting domain by injecting SIDs from untrusted domains into the authorization data that comes from from the trusted domain.
CVE-2002-0025 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 5.01, 5.5 and 6.0 does not properly handle the Content-Type HTML header field, which allows remote attackers to modify which application is used to process a document.
CVE-2002-0032 1 Yahoo 1 Messenger 2026-04-16 N/A
Yahoo! Messenger 5,0,0,1064 and earlier allows remote attackers to execute arbitrary script as other users via the addview parameter of a ymsgr URI.
CVE-2006-4678 1 Comscripts 1 News Evolution 2026-04-16 N/A
PHP remote file inclusion vulnerability in News Evolution 3.0.3 allows remote attackers to execute arbitrary PHP code via the _NE[AbsPath] parameter in (1) install.php and (2) migrateNE2toNE3.php.
CVE-2002-0037 1 Ibm 1 Lotus Domino Server 2026-04-16 N/A
Lotus Domino Servers 5.x, 4.6x, and 4.5x allows attackers to bypass the intended Reader and Author access list for a document's object via a Notes API call (NSFDbReadObject) that directly accesses the object.
CVE-2001-1538 1 Speedxess 1 Ha-120 Dsl Router 2026-04-16 N/A
SpeedXess HA-120 DSL router has a default administrative password of "speedxess", which allows remote attackers to gain access.