Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0365 1 Qualcomm 1 Eudora 2026-04-16 N/A
Eudora before 5.1 allows a remote attacker to execute arbitrary code, when the 'Use Microsoft Viewer' and 'allow executables in HTML content' options are enabled, via an HTML email message containing Javascript, with ActiveX controls and malicious code within IMG tags.
CVE-2001-0369 1 Digital 1 Unix 2026-04-16 N/A
Buffer overflow in lpsched on DGUX version R4.20MU06 and MU02 allows a local attacker to obtain root access via a long command line argument (non-existent printer name).
CVE-2005-0195 1 Cisco 1 Ios 2026-04-16 N/A
Cisco IOS 12.0S through 12.3YH allows remote attackers to cause a denial of service (device restart) via a crafted IPv6 packet.
CVE-2001-0374 1 Compaq 1 Web-enabled Management 2026-04-16 N/A
The HTTP server in Compaq web-enabled management software for (1) Foundation Agents, (2) Survey, (3) Power Manager, (4) Availability Agents, (5) Intelligent Cluster Administrator, and (6) Insight Manager can be used as a generic proxy server, which allows remote attackers to bypass access restrictions via the management port, 2301.
CVE-2004-0971 2 Mit, Redhat 2 Kerberos 5, Enterprise Linux 2026-04-16 N/A
The krb5-send-pr script in the kerberos5 (krb5) package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.
CVE-2005-1896 1 Flatnuke 1 Flatnuke 2026-04-16 N/A
Directory traversal vulnerability in thumb.php in FlatNuke 2.5.3 allows remote attackers to read arbitrary images or obtain the installation path via the image parameter.
CVE-2004-0972 3 Gentoo, Lvm, Redhat 3 Linux, Logical Volume Management Utilities, Enterprise Linux 2026-04-16 N/A
The lvmcreate_initrd script in the lvm package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.
CVE-2005-0664 2 Libexif, Redhat 2 Libexif, Enterprise Linux 2026-04-16 N/A
Buffer overflow in the EXIF library (libexif) 0.6.9 does not properly validate the structure of the EXIF tags, which allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a JPEG image with a crafted EXIF tag.
CVE-2005-3326 1 Mybulletinboard 1 Mybulletinboard 2026-04-16 N/A
SQL injection vulnerability in usercp.php in MyBulletinBoard (MyBB) allows remote attackers to execute arbitrary SQL commands via the awayday parameter.
CVE-2005-3948 1 Phpalbum.net 1 Phpalbum 2026-04-16 N/A
Directory traversal vulnerability in main.php in PHPAlbum 0.2.3 and earlier allows remote attackers to read arbitrary files via the (1) cmd and (2) var1 parameters.
CVE-2004-0974 3 Mandrakesoft, Netatalk, Redhat 4 Mandrake Linux, Mandrake Linux Corporate Server, Open Source Apple File Share Protocol Suite and 1 more 2026-04-16 N/A
The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.
CVE-2005-0665 1 John Bradley 1 Xv 2026-04-16 N/A
Format string vulnerability in xv before 3.10a allows remote attackers to execute arbitrary code via format string specifiers in a filename.
CVE-2005-3949 1 Webcalendar 1 Webcalendar 2026-04-16 N/A
Multiple SQL injection vulnerabilities in WebCalendar 1.0.1 allow remote attackers to execute arbitrary SQL commands via the (1) startid parameter to activity_log.php, (2) startid parameter to admin_handler.php, (3) template parameter to edit_template.php, and (4) multiple parameters to export_handler.php.
CVE-2001-0379 1 Hp 1 Hp-ux 2026-04-16 N/A
Vulnerability in the newgrp program included with HP9000 servers running HP-UX 11.11 allows a local attacker to obtain higher access rights.
CVE-2005-3950 1 Nufw 1 Nufw 2026-04-16 N/A
nuauth in NuFW 1.0.x before 1.0.16 and 1.1 allows authenticated users to cause a denial of service via malformed packets.
CVE-2001-0381 2 Pgp, Redhat 2 Openpgp, Linux 2026-04-16 N/A
The OpenPGP PGP standard allows an attacker to determine the private signature key via a cryptanalytic attack in which the attacker alters the encrypted private key file and captures a single message signed with the signature key.
CVE-2004-0980 3 Angus Mackay, Debian, Gentoo 3 Ez-ipupdate, Debian Linux, Linux 2026-04-16 N/A
Format string vulnerability in ez-ipupdate.c for ez-ipupdate 3.0.10 through 3.0.11b8, when running in daemon mode with certain service types in use, allows remote servers to execute arbitrary code.
CVE-2005-2271 1 Alexander Clauss 1 Icab 2026-04-16 N/A
iCab 2.9.8 does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the "Dialog Origin Spoofing Vulnerability."
CVE-2001-0383 1 Francisco Burzi 1 Php-nuke 2026-04-16 N/A
banners.php in PHP-Nuke 4.4 and earlier allows remote attackers to modify banner ad URLs by directly calling the Change operation, which does not require authentication.
CVE-2005-2272 1 Apple 1 Safari 2026-04-16 N/A
Safari version 2.0 (412) does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the "Dialog Origin Spoofing Vulnerability."