Search Results (365329 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-1918 2 Gnu, Redhat 4 Tar, Enterprise Linux, Enterprise Linux Desktop and 1 more 2026-04-16 N/A
The original patch for a GNU tar directory traversal vulnerability (CVE-2002-0399) in Red Hat Enterprise Linux 3 and 2.1 uses an "incorrect optimization" that allows user-assisted attackers to overwrite arbitrary files via a crafted tar file, probably involving "/../" sequences with a leading "/".
CVE-2004-1053 1 Freebsd 1 Fetch 2026-04-16 N/A
Integer overflow in fetch on FreeBSD 4.1 through 5.3 allows remote malicious servers to execute arbitrary code via certain HTTP headers in an HTTP response, which lead to a buffer overflow.
CVE-2005-2373 1 Whitsoft Development 1 Slimftpd 2026-04-16 N/A
Buffer overflow in SlimFTPd 3.15 and 3.16 allows remote authenticated users to execute arbitrary code via a long directory name to (1) LIST, (2) DELE or (3) RNFR commands.
CVE-2005-4329 1 Php Arena 1 Pafiledb 2026-04-16 N/A
SQL injection vulnerability in pafiledb.php in PHP Arena paFileDB Extreme Edition RC 5 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) newsid and (2) id parameter.
CVE-2001-0634 1 Sun 1 Chilisoft 2026-04-16 N/A
Sun Chili!Soft ASP has weak permissions on various configuration files, which allows a local attacker to gain additional privileges and create a denial of service.
CVE-2001-0645 1 Axent 1 Netprowler 2026-04-16 N/A
Symantec/AXENT NetProwler 3.5.x contains several default passwords, which could allow remote attackers to (1) access to the management tier via the "admin" password, or (2) connect to a MySQL ODBC from the management tier using a blank password.
CVE-2001-0646 1 Maxum Development Corporation 1 Rumpus Ftp Server 2026-04-16 N/A
Maxum Rumpus FTP Server 1.3.3 and 2.0.3 dev 3 allows a remote attacker to perform a denial of service (hang) by creating a directory name of a specific length.
CVE-2001-0674 1 Robtex 1 Viking Server 2026-04-16 N/A
Directory traversal vulnerability in RobTex Viking Web server before 1.07-381 allows remote attackers to read arbitrary files via a hexadecimal encoded dot-dot attack (eg. http://www.server.com/%2e%2e/%2e%2e) in an HTTP URL request.
CVE-2004-1056 3 Linux, Redhat, Ubuntu 3 Linux Kernel, Enterprise Linux, Ubuntu Linux 2026-04-16 N/A
Direct Rendering Manager (DRM) driver in Linux kernel 2.6 does not properly check the DMA lock, which could allow remote attackers or local users to cause a denial of service (X Server crash) and possibly modify the video output.
CVE-2001-0439 5 Conectiva, Freebsd, Licq and 2 more 7 Linux, Freebsd, Licq and 4 more 2026-04-16 N/A
licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL.
CVE-2001-0436 1 Dcscripts 2 Dcforum, Dcforum 2000 2026-04-16 N/A
dcboard.cgi in DCForum 2000 1.0 allows remote attackers to execute arbitrary commands by uploading a Perl program to the server and using a .. (dot dot) in the AZ parameter to reference the program.
CVE-2001-0435 1 Pgp 1 Pgp 2026-04-16 N/A
The split key mechanism used by PGP 7.0 allows a key share holder to obtain access to the entire key by setting the "Cache passphrase while logged on" option and capturing the passphrases of other share holders as they authenticate.
CVE-2001-0432 1 Trend Micro 1 Interscan Viruswall 2026-04-16 N/A
Buffer overflows in various CGI programs in the remote administration service for Trend Micro Interscan VirusWall 3.01 allow remote attackers to execute arbitrary commands.
CVE-2005-0241 2 Redhat, Squid 2 Enterprise Linux, Squid 2026-04-16 N/A
The httpProcessReplyHeader function in http.c for Squid 2.5-STABLE7 and earlier does not properly set the debug context when it is handling "oversized" HTTP reply headers, which might allow remote attackers to poison the cache or bypass access controls based on header size.
CVE-2005-2313 1 Checkpoint 1 Secureclient Ng 2026-04-16 N/A
Check Point SecuRemote NG with Application Intelligence R54 allows attackers to obtain credentials and gain privileges via unknown attack vectors.
CVE-2005-3355 1 Gnu 1 Gnump3d 2026-04-16 N/A
Directory traversal vulnerability in GNU Gnump3d before 2.9.8 has unknown impact via "CGI parameters, and cookie values".
CVE-2005-2311 1 Sms 1 Sms 2026-04-16 N/A
SMS 1.9.2m and earlier allows local users to overwrite arbitrary files via a symlink attack on the (1) request1 or (2) request2 temporary files.
CVE-2005-0672 1 Ca3de 1 Ca3de 2026-04-16 N/A
Carsten's 3D Engine (Ca3DE), March 2004 version and earlier, allows remote attackers to execute arbitrary code via text strings that are not null terminated, which triggers a null dereference.
CVE-2001-0428 1 Cisco 1 Vpn 3000 Concentrator Series Software 2026-04-16 N/A
Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attackers to cause a denial of service via an IP packet with an invalid IP option.
CVE-2005-2310 1 Nullsoft 1 Winamp 2026-04-16 N/A
Buffer overflow in Winamp 5.03a, 5.09 and 5.091, and other versions before 5.094, allows remote attackers to execute arbitrary code via an MP3 file with a long ID3v2 tag such as (1) ARTIST or (2) TITLE.