Search Results (366857 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-0956 3 Oracle, Suse, Ubuntu 3 Mysql, Suse Linux, Ubuntu Linux 2026-04-16 N/A
MySQL before 4.0.20 allows remote attackers to cause a denial of service (application crash) via a MATCH AGAINST query with an opening double quote but no closing double quote.
CVE-2001-1461 1 Rsa 1 Securid 2026-04-16 N/A
Directory traversal vulnerability in WebID in RSA Security SecurID 5.0 as used by ACE/Agent for Windows, Windows NT and Windows 2000 allows attackers to access restricted resources via URL-encoded (1) /.. or (2) \.. sequences.
CVE-2001-1472 1 Phpbb Group 1 Phpbb 2026-04-16 N/A
SQL injection vulnerability in prefs.php in phpBB 1.4.0 and 1.4.1 allows remote authenticated users to execute arbitrary SQL commands and gain administrative access via the viewemail parameter.
CVE-2004-0958 2 Php, Redhat 2 Php, Enterprise Linux 2026-04-16 N/A
php_variables.c in PHP before 5.0.2 allows remote attackers to read sensitive memory contents via (1) GET, (2) POST, or (3) COOKIE GPC variables that end in an open bracket character, which causes PHP to calculate an incorrect string length.
CVE-2003-0142 1 Adobe 1 Acrobat Reader 2026-04-16 N/A
Adobe Acrobat Reader (acroread) 6, under certain circumstances when running with the "Certified plug-ins only" option disabled, loads plug-ins with signatures used for older versions of Acrobat, which can allow attackers to cause Acrobat to enter Certified mode and run untrusted plugins by modifying the CTIsCertifiedMode function.
CVE-2004-0962 1 Apple 1 Apple Remote Desktop 2026-04-16 N/A
Apple Remote Desktop Client 1.2.4 executes a GUI application as root when it is started by an Apple Remote Desktop Administrator application, which allows remote authenticated users to execute arbitrary code when loginwindow is active via Fast User Switching.
CVE-2003-0177 1 Sgi 1 Irix 2026-04-16 N/A
SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, does not follow "-" entries in the /etc/group file, which may cause subsequent group membership entries to be processed inadvertently.
CVE-2003-0187 1 Linux 1 Linux Kernel 2026-04-16 N/A
The connection tracking core of Netfilter for Linux 2.4.20, with CONFIG_IP_NF_CONNTRACK enabled or the ip_conntrack module loaded, allows remote attackers to cause a denial of service (resource consumption) due to an inconsistency with Linux 2.4.20's support of linked lists, which causes Netfilter to fail to identify connections with an UNCONFIRMED status and use large timeouts.
CVE-2004-0964 2 Debian, Zinf 2 Debian Linux, Zinf 2026-04-16 N/A
Buffer overflow in Zinf 2.2.1 on Windows, and other older versions for Linux, allows remote attackers or local users to execute arbitrary code via certain values in a .pls file.
CVE-2004-0970 1 Gnu 1 Gzip 2026-04-16 N/A
The (1) gzexe, (2) zdiff, and (3) znew scripts in the gzip package, as used by other packages such as ncompress, allows local users to overwrite files via a symlink attack on temporary files. NOTE: the znew vulnerability may overlap CVE-2003-0367.
CVE-2003-1497 1 Linksys 1 Befsx41 2026-04-16 N/A
Buffer overflow in the system log viewer of Linksys BEFSX41 1.44.3 allows remote attackers to cause a denial of service via an HTTP request with a long Log_Page_Num variable.
CVE-2003-1531 1 Lilikoi 1 Ceilidh 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in testcgi.exe in Lilikoi Software Ceilidh 2.70 and earlier allows remote attackers to inject arbitrary web script or HTML via the query string.
CVE-2005-3560 1 Zonelabs 4 Zonealarm, Zonealarm Anti-spyware, Zonealarm Antivirus and 1 more 2026-04-16 N/A
Zone Labs (1) ZoneAlarm Pro 6.0, (2) ZoneAlarm Internet Security Suite 6.0, (3) ZoneAlarm Anti-Virus 6.0, (4) ZoneAlarm Anti-Spyware 6.0 through 6.1, and (5) ZoneAlarm 6.0 allow remote attackers to bypass the "Advanced Program Control and OS Firewall filters" setting via URLs in "HTML Modal Dialogs" (window.location.href) contained within JavaScript tags.
CVE-2003-0346 1 Microsoft 1 Directx 2026-04-16 N/A
Multiple integer overflows in a Microsoft Windows DirectX MIDI library (QUARTZ.DLL) allow remote attackers to execute arbitrary code via a MIDI (.mid) file with (1) large length for a Text or Copyright string, or (2) a large number of tracks, which leads to a heap-based buffer overflow.
CVE-2004-0996 4 Cscope, Debian, Gentoo and 1 more 4 Cscope, Debian Linux, Linux and 1 more 2026-04-16 N/A
main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.
CVE-2003-0435 1 Typespeed 1 Typespeed 2026-04-16 N/A
Buffer overflow in net_swapscore for typespeed 0.4.1 and earlier allows remote attackers to execute arbitrary code.
CVE-2003-0437 1 Mnogosearch 1 Mnogosearch 2026-04-16 N/A
Buffer overflow in search.cgi for mnoGoSearch 3.2.10 allows remote attackers to execute arbitrary code via a long tmplt parameter.
CVE-2003-0440 3 Debian, Redhat, Semi 4 Debian Linux, Enterprise Linux, Linux and 1 more 2026-04-16 N/A
The (1) semi MIME library 1.14.5 and earlier, and (2) wemi 1.14.0 and possibly other versions, allows local users to overwrite arbitrary files via a symlink attack on temporary files.
CVE-2003-0449 1 Progress 1 Database 2026-04-16 N/A
Progress Database 9.1 to 9.1D06 trusts user input to find and load libraries using dlopen, which allows local users to gain privileges via (1) a PATH environment variable that points to malicious libraries, as demonstrated using libjutil.so in_proapsv, or (2) the -installdir command line parameter, as demonstrated using librocket_r.so in _dbagent.
CVE-2003-0452 1 Gunnar Ritter 1 Osh 2026-04-16 N/A
Buffer overflows in osh before 1.7-11 allow local users to execute arbitrary code and bypass shell restrictions via (1) long environment variables or (2) long "file redirections."