Search Results (364922 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-0745 2 Redhat, Tsugio Okamoto 2 Enterprise Linux, Lha 2026-04-16 N/A
LHA 1.14 and earlier allows attackers to execute arbitrary commands via a directory with shell metacharacters in its name.
CVE-2003-0393 1 Privacyware 1 Privatefirewall 2026-04-16 N/A
Privacyware Privatefirewall 3.0 does not block certain incoming packets when in "Filter Internet Traffic" or Deny Internet Traffic" modes, which allows remote attackers to identify running services via FIN scans or Xmas scans.
CVE-2000-0845 1 Digital 1 Unix 2026-04-16 N/A
kdebug daemon (kdebugd) in Digital Unix 4.0F allows remote attackers to read arbitrary files by specifying the full file name in the initialization packet.
CVE-2000-0081 1 Microsoft 1 Hotmail 2026-04-16 N/A
Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attacker to execute the code by using hexadecimal codes to specify the javascript: protocol, e.g. jAvascript.
CVE-2000-0846 1 Ashley Montanaro 1 Darxite 2026-04-16 N/A
Buffer overflow in Darxite 0.4 and earlier allows a remote attacker to execute arbitrary commands via a long username or password.
CVE-2005-2314 1 Phpsftpd 1 Phpsftpd 2026-04-16 N/A
inc.login.php in PHPsFTPd 0.2 through 0.4 allows remote attackers to obtain the administrator's username and password by setting the do_login parameter and performing an edit action using user.php, which causes the login check to be bypassed and leaks the password in the response.
CVE-2000-0848 1 Ibm 1 Websphere Application Server 2026-04-16 N/A
Buffer overflow in IBM WebSphere web application server (WAS) allows remote attackers to execute arbitrary commands via a long Host: request header.
CVE-2000-0849 1 Microsoft 1 Windows Media Services 2026-04-16 N/A
Race condition in Microsoft Windows Media server allows remote attackers to cause a denial of service in the Windows Media Unicast Service via a malformed request, aka the "Unicast Service Race Condition" vulnerability.
CVE-2005-2330 1 Oscommerce 1 Oscommerce 2026-04-16 N/A
Directory traversal vulnerability in extras/update.php in osCommerce 2.2 allows remote attackers to read arbitrary files via (1) .. sequences or (2) a full pathname in the readme_file parameter.
CVE-2001-1224 1 Les Vanbrunt 1 Adrotate Pro 2026-04-16 N/A
get_input in adrotate.pm for Les VanBrunt AdRotate Pro 2.0 allows remote attackers to modify the database and possibly execute arbitrary commands via a SQL code injection attack.
CVE-2005-2365 2 Ethereal Group, Redhat 2 Ethereal, Enterprise Linux 2026-04-16 N/A
Unknown vulnerability in the SMB dissector in Ethereal 0.9.0 through 0.10.11 allows remote attackers to cause a buffer overflow or a denial of service (memory consumption) via unknown attack vectors.
CVE-2006-1377 2 Comoblog Project, Easymoblog 2 Comoblog, Easymoblog 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in img.php in (1) EasyMoblog 0.5.1 and (2) CoMoblog 1.1 allows remote attackers to inject arbitrary web script or HTML via the i parameter.
CVE-2000-0851 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Buffer overflow in the Still Image Service in Windows 2000 allows local users to gain additional privileges via a long WM_USER message, aka the "Still Image Service Privilege Escalation" vulnerability.
CVE-2001-0403 1 Sun 1 Sunos 2026-04-16 N/A
/opt/JSparm/bin/perfmon program in Solaris allows local users to create arbitrary files as root via the Logging File option in the GUI.
CVE-2001-1230 2 Icecast, Redhat 2 Icecast, Powertools 2026-04-16 N/A
Buffer overflows in Icecast before 1.3.10 allow remote attackers to cause a denial of service (crash) and execute arbitrary code.
CVE-2002-0028 1 Mirabilis 1 Icq 2026-04-16 N/A
Buffer overflow in ICQ before 2001B Beta v5.18 Build #3659 allows remote attackers to execute arbitrary code via a Voice Video & Games request.
CVE-2006-1518 2 Mysql, Oracle 2 Mysql, Mysql 2026-04-16 N/A
Buffer overflow in the open_table function in sql_base.cc in MySQL 5.0.x up to 5.0.20 might allow remote attackers to execute arbitrary code via crafted COM_TABLE_DUMP packets with invalid length values.
CVE-2004-0770 2 Debian, Dgen 2 Debian Linux, Emulator 2026-04-16 N/A
romload.c in DGen Emulator 1.23 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files during decompression of (1) gzip or (2) bzip ROM files.
CVE-2004-2040 1 E107 1 E107 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in e107 0.615 allow remote attackers to inject arbitrary web script or HTML via the (1) LAN_407 parameter to clock_menu.php, (2) "email article to a friend" field, (3) "submit news" field, or (4) avmsg parameter to usersettings.php.
CVE-2006-2378 1 Microsoft 4 Ie, Internet Explorer, Windows 2003 Server and 1 more 2026-04-16 N/A
Buffer overflow in the ART Image Rendering component (jgdw400.dll) in Microsoft Windows XP SP1 and Sp2, Server 2003 SP1 and earlier, and Windows 98 and Me allows remote attackers to execute arbitrary code via a crafted ART image that causes heap corruption.