Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-1141 2 Openssl, Ssleay 2 Openssl, Ssleay 2026-04-16 N/A
The Pseudo-Random Number Generator (PRNG) in SSLeay and OpenSSL before 0.9.6b allows attackers to use the output of small PRNG requests to determine the internal state information, which could be used by attackers to predict future pseudo-random numbers.
CVE-2001-1229 3 Icecast, Libshout, Redhat 3 Icecast, Libshout, Powertools 2026-04-16 N/A
Buffer overflows in (1) Icecast before 1.3.9 and (2) libshout before 1.0.4 allow remote attackers to cause a denial of service (crash) and execute arbitrary code.
CVE-2005-2514 1 Apple 1 Mac Os X 2026-04-16 N/A
Buffer overflow in ping in Mac OS X 10.3.9 allows local users to execute arbitrary code.
CVE-2001-1146 1 Lee Herron 1 Allcommerce 2026-04-16 N/A
AllCommerce with debugging enabled in EnGarde Secure Linux 1.0.1 creates temporary files with predictable names, which allows local users to modify files via a symlink attack.
CVE-2001-1232 1 Novell 1 Groupwise 2026-04-16 N/A
GroupWise WebAccess 5.5 with directory indexing enabled allows a remote attacker to view arbitrary directory contents via an HTTP request with a lowercase "get".
CVE-2005-0623 1 Raidenhttpd 1 Raidenhttpd 2026-04-16 N/A
Buffer overflow in RaidenHTTPD 1.1.32, and possibly other versions before 1.1.34, allows remote attackers to execute arbitrary code via a long URL.
CVE-2001-1149 1 Panda 1 Panda Antivirus Platinum 2026-04-16 N/A
Panda Antivirus Platinum before 6.23.00 allows a remore attacker to cause a denial of service (crash) when a user selects an action for a malformed UPX packed executable file.
CVE-2001-1233 1 Novell 2 Groupwise Webaccess, Netware 2026-04-16 N/A
Netware Enterprise Web Server 5.1 running GroupWise WebAccess 5.5 with Novell Directory Services (NDS) enabled allows remote attackers to enumerate user names, group names and other system information by accessing ndsobj.nlm.
CVE-2001-1234 1 Gallery Project 1 Gallery 2026-04-16 N/A
Bharat Mediratta Gallery PHP script before 1.2.1 allows remote attackers to execute arbitrary code by including files from remote web sites via an HTTP request that modifies the includedir variable.
CVE-2005-4334 1 John Andersson 1 Zixforum 2026-04-16 N/A
SQL injection vulnerability in ZixForum 1.12 allows remote attackers to execute arbitrary SQL commands via the H_ID parameter to (1) zixforum/forum.asp, as used in (2) Headforums.asp and (3) Subject.asp.
CVE-2005-2517 1 Apple 2 Mac Os X, Safari 2026-04-16 N/A
Safari in Mac OS X 10.3.9 and 10.4.2 submits forms from an XSL formatted page to the next page that is browsed by the user, which causes form data to be sent to the wrong site.
CVE-2005-3989 1 Avaya 1 Tn2602ap Ip Media Resource 320 Circuit Pack 2026-04-16 N/A
Memory leak in Avaya TN2602AP IP Media Resource 320 circuit pack before vintage 9 firmware allows remote attackers to cause a denial of service (memory consumption) via crafted VoIP packets.
CVE-2005-4336 1 Courseforum 1 Projectforum 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in ProjectForum 4.7.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) fwd parameter in admin/adminsignin.html and (2) originalpageid parameter in admin/newpage.html associated with a group.
CVE-2001-1240 1 Engardelinux 1 Secure Linux 2026-04-16 N/A
The default configuration of sudo in Engarde Secure Linux 1.0.1 allows any user in the admin group to run certain commands that could be leveraged to gain full root access.
CVE-2005-0627 1 Trolltech 1 Qt 2026-04-16 N/A
Qt before 3.3.4 searches the BUILD_PREFIX directory, which could be world-writable, to load shared libraries regardless of the LD_LIBRARY_PATH environment variable, which allows local users to execute arbitrary programs.
CVE-2005-2522 1 Apple 2 Mac Os X, Safari 2026-04-16 N/A
Safari in WebKit in Mac OS X 10.4 to 10.4.2 directly accesses URLs within PDF files without the normal security checks, which allows remote attackers to execute arbitrary code via links in a PDF file.
CVE-2005-2523 1 Apple 2 Mac Os X, Weblog Server 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Weblog Server in Mac OS X 10.4 to 10.4.2 allow remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2005-3450 1 Oracle 1 Application Server 2026-04-16 N/A
Unspecified vulnerability in the HTTP Server in Oracle Application Server 1.0 up to 9.0.2.3 has unknown impact and attack vectors, as identified by Oracle Vuln# AS04.
CVE-2005-2525 2 Apple, Easy Software Products 2 Mac Os X, Cups 2026-04-16 N/A
CUPS in Mac OS X 10.3.9 and 10.4.2 does not properly close file descriptors when handling multiple simultaneous print jobs, which allows remote attackers to cause a denial of service (printing halt).
CVE-2001-1175 2 Andries Brouwer, Redhat 2 Util-linux, Linux 2026-04-16 N/A
vipw in the util-linux package before 2.10 causes /etc/shadow to be world-readable in some cases, which would make it easier for local users to perform brute force password guessing.