Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-2301 1 Powerdns 1 Powerdns 2026-04-16 N/A
PowerDNS before 2.9.18, when running with an LDAP backend, does not properly escape LDAP queries, which allows remote attackers to cause a denial of service (failure to answer ldap questions) and possibly conduct an LDAP injection attack.
CVE-2005-3960 1 Kadu 1 Kadu 2026-04-16 N/A
Kadu 0.4.2 and 0.5.0pre allows remote attackers to cause a denial of service (crash or generated traffic) via a malformed message, possibly with incomplete information.
CVE-2004-1001 1 Debian 1 Shadow 2026-04-16 N/A
Unknown vulnerability in the passwd_check function in Shadow 4.0.4.1, and possibly other versions before 4.0.5, allows local users to conduct unauthorized activities when an error from a pam_chauthtok function call is not properly handled.
CVE-2005-2306 1 Macromedia 2 Coldfusion, Jrun 2026-04-16 N/A
Race condition in Macromedia JRun 4.0, ColdFusion MX 6.1 and 7.0, when under heavy load, causes JRun to assign a duplicate authentication token to multiple sessions, which could allow authenticated users to gain privileges as other users.
CVE-2001-0423 1 Sun 1 Solaris 2026-04-16 N/A
Buffer overflow in ipcs in Solaris 7 x86 allows local users to execute arbitrary code via a long TZ (timezone) environmental variable, a different vulnerability than CAN-2002-0093.
CVE-2001-0424 2 Freebsd, Timecop 2 Freebsd, Bubblemon 2026-04-16 N/A
BubbleMon 1.31 does not properly drop group privileges before executing programs, which allows local users to execute arbitrary commands with the kmem group id.
CVE-2001-0428 1 Cisco 1 Vpn 3000 Concentrator Series Software 2026-04-16 N/A
Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attackers to cause a denial of service via an IP packet with an invalid IP option.
CVE-2005-0672 1 Ca3de 1 Ca3de 2026-04-16 N/A
Carsten's 3D Engine (Ca3DE), March 2004 version and earlier, allows remote attackers to execute arbitrary code via text strings that are not null terminated, which triggers a null dereference.
CVE-2005-2311 1 Sms 1 Sms 2026-04-16 N/A
SMS 1.9.2m and earlier allows local users to overwrite arbitrary files via a symlink attack on the (1) request1 or (2) request2 temporary files.
CVE-2005-0241 2 Redhat, Squid 2 Enterprise Linux, Squid 2026-04-16 N/A
The httpProcessReplyHeader function in http.c for Squid 2.5-STABLE7 and earlier does not properly set the debug context when it is handling "oversized" HTTP reply headers, which might allow remote attackers to poison the cache or bypass access controls based on header size.
CVE-2005-2313 1 Checkpoint 1 Secureclient Ng 2026-04-16 N/A
Check Point SecuRemote NG with Application Intelligence R54 allows attackers to obtain credentials and gain privileges via unknown attack vectors.
CVE-2001-0432 1 Trend Micro 1 Interscan Viruswall 2026-04-16 N/A
Buffer overflows in various CGI programs in the remote administration service for Trend Micro Interscan VirusWall 3.01 allow remote attackers to execute arbitrary commands.
CVE-2001-0435 1 Pgp 1 Pgp 2026-04-16 N/A
The split key mechanism used by PGP 7.0 allows a key share holder to obtain access to the entire key by setting the "Cache passphrase while logged on" option and capturing the passphrases of other share holders as they authenticate.
CVE-2001-0436 1 Dcscripts 2 Dcforum, Dcforum 2000 2026-04-16 N/A
dcboard.cgi in DCForum 2000 1.0 allows remote attackers to execute arbitrary commands by uploading a Perl program to the server and using a .. (dot dot) in the AZ parameter to reference the program.
CVE-2001-0439 5 Conectiva, Freebsd, Licq and 2 more 7 Linux, Freebsd, Licq and 4 more 2026-04-16 N/A
licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL.
CVE-2001-0446 1 Ibm 1 Websphere Commerce Suite 2026-04-16 N/A
IBM WCS (WebSphere Commerce Suite) 4.0.1 with Application Server 3.0.2 allows remote attackers to read source code for .jsp files by appending a / to the requested URL.
CVE-2001-0451 1 Sentraweb 1 Indexu 2026-04-16 N/A
INDEXU 2.0 beta and earlier allows remote attackers to bypass authentication and gain privileges by setting the cookie_admin_authenticated cookie value to 1.
CVE-2001-0454 1 Whitsoft 1 Slimserve 2026-04-16 N/A
Directory traversal vulnerability in SlimServe HTTPd 1.1a allows remote attackers to read arbitrary files via a ... (modified dot dot) in the HTTP request.
CVE-2001-0456 1 Debian 1 Debian Linux 2026-04-16 N/A
postinst installation script for Proftpd in Debian 2.2 does not properly change the "run as uid/gid root" configuration when the user enables anonymous access, which causes the server to run at a higher privilege than intended.
CVE-2001-0457 1 Debian 1 Debian Linux 2026-04-16 N/A
man2html before 1.5-22 allows remote attackers to cause a denial of service (memory exhaustion).