Search Results (365329 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-1002 2 Canonical, Samba 2 Ubuntu Linux, Ppp 2026-04-16 7.5 High
Integer underflow in pppd in cbcp.c for ppp 2.4.1 allows remote attackers to cause a denial of service (daemon crash) via a CBCP packet with an invalid length value that causes pppd to access an incorrect memory location.
CVE-2001-0424 2 Freebsd, Timecop 2 Freebsd, Bubblemon 2026-04-16 N/A
BubbleMon 1.31 does not properly drop group privileges before executing programs, which allows local users to execute arbitrary commands with the kmem group id.
CVE-2001-0423 1 Sun 1 Solaris 2026-04-16 N/A
Buffer overflow in ipcs in Solaris 7 x86 allows local users to execute arbitrary code via a long TZ (timezone) environmental variable, a different vulnerability than CAN-2002-0093.
CVE-2005-2306 1 Macromedia 2 Coldfusion, Jrun 2026-04-16 N/A
Race condition in Macromedia JRun 4.0, ColdFusion MX 6.1 and 7.0, when under heavy load, causes JRun to assign a duplicate authentication token to multiple sessions, which could allow authenticated users to gain privileges as other users.
CVE-2004-1001 1 Debian 1 Shadow 2026-04-16 N/A
Unknown vulnerability in the passwd_check function in Shadow 4.0.4.1, and possibly other versions before 4.0.5, allows local users to conduct unauthorized activities when an error from a pam_chauthtok function call is not properly handled.
CVE-2005-3960 1 Kadu 1 Kadu 2026-04-16 N/A
Kadu 0.4.2 and 0.5.0pre allows remote attackers to cause a denial of service (crash or generated traffic) via a malformed message, possibly with incomplete information.
CVE-2005-2301 1 Powerdns 1 Powerdns 2026-04-16 N/A
PowerDNS before 2.9.18, when running with an LDAP backend, does not properly escape LDAP queries, which allows remote attackers to cause a denial of service (failure to answer ldap questions) and possibly conduct an LDAP injection attack.
CVE-2005-2300 1 Skype Technologies 1 Skype 2026-04-16 N/A
Skype 1.1.0.20 and earlier allows local users to overwrite arbitrary files via a symlink attack on the skype_profile.jpg temporary file.
CVE-2004-0993 1 Hp 1 Sockd 2026-04-16 N/A
Buffer overflow in hpsockd before 0.6 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code.
CVE-2005-3349 1 Gnu 1 Gnump3d 2026-04-16 N/A
GNU Gnump3d before 2.9.8 allows local users to modify or delete arbitrary files via a symlink attack on the index.lok temporary file.
CVE-2004-0991 2 Mpg123, Suse 2 Mpg123, Suse Linux 2026-04-16 N/A
Buffer overflow in mpg123 before 0.59s-r9 allows remote attackers to execute arbitrary code via frame headers in MP2 or MP3 files.
CVE-2001-0404 1 Sun 1 Javaserver Web Dev Kit 2026-04-16 N/A
Directory traversal vulnerability in JavaServer Web Dev Kit (JSWDK) 1.0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP request to the WEB-INF directory.
CVE-2004-0989 5 Redhat, Trustix, Ubuntu and 2 more 7 Enterprise Linux, Fedora Core, Secure Linux and 4 more 2026-04-16 N/A
Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy URL containing FTP data that is not properly handled by the xmlNanoFTPScanProxy function, and other overflows related to manipulation of DNS length values, including (3) xmlNanoFTPConnect, (4) xmlNanoHTTPConnectHost, and (5) xmlNanoHTTPConnectHost.
CVE-2005-3958 1 Entergal Mx 1 Entergal Mx 2026-04-16 N/A
SQL injection vulnerability in index.php in Entergal MX 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) idcat parameter in a showcat action and (2) the action parameter.
CVE-2005-2286 1 Esi Products 1 Webeoc 2026-04-16 N/A
WebEOC before 6.0.2 does not properly check user authorization, which allows remote attackers to gain privileges via a direct request to a resource.
CVE-2005-0667 5 Altlinux, Gentoo, Redhat and 2 more 7 Alt Linux, Linux, Enterprise Linux and 4 more 2026-04-16 N/A
Buffer overflow in Sylpheed before 1.0.3 and other versions before 1.9.5 allows remote attackers to execute arbitrary code via an e-mail message with certain headers containing non-ASCII characters that are not properly handled when the user replies to the message.
CVE-2004-0985 1 Microsoft 1 Ie 2026-04-16 N/A
Internet Explorer 6.x on Windows XP SP2 allows remote attackers to execute arbitrary code, as demonstrated using a document with a draggable file type such as .xml, .doc, .py, .cdf, .css, .pdf, or .ppt, and using ADODB.Connection and ADODB.recordset to write to a .hta file that is interpreted in the Local Zone by HTML Help.
CVE-2004-0983 5 Gentoo, Mandrakesoft, Redhat and 2 more 6 Linux, Mandrake Linux, Mandrake Linux Corporate Server and 3 more 2026-04-16 N/A
The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a certain HTTP request.
CVE-2005-2283 1 Esi Products 1 Webeoc 2026-04-16 N/A
WebEOC before 6.0.2 does not properly restrict the size of an uploaded file, which allows remote authenticated users to cause a denial of service (system and database resource consumption) via a large file.
CVE-2001-0393 1 Navision 1 Financials Server 2026-04-16 N/A
Navision Financials Server 2.0 allows remote attackers to cause a denial of service via a series of connections to the server without providing a username/password combination, which consumes the license limits.