Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-1144 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
Unknown vulnerability in the 32bit emulation code in Linux 2.4 on AMD64 systems allows local users to gain privileges.
CVE-2005-2542 1 Invision Power Services 1 Invision Board 2026-04-16 N/A
Invision Power Board (IPB) 1.0.3 allows remote attackers to inject arbitrary web script or HTML via an attachment, which is automatically downloaded and processed as HTML.
CVE-2004-1150 1 Nullsoft 1 Winamp 2026-04-16 N/A
Stack-based buffer overflow in the in_cdda.dll plugin for Winamp 5.0 through 5.08c allows attackers to execute arbitrary code via a cda:// URL with a long (1) device name or (2) sound track number, as demonstrated with a .m3u or .pls playlist file.
CVE-2004-1151 2 Linux, Ubuntu 2 Linux Kernel, Ubuntu Linux 2026-04-16 N/A
Multiple buffer overflows in the (1) sys32_ni_syscall and (2) sys32_vm86_warning functions in sys_ia32.c for Linux 2.6.x may allow local attackers to modify kernel memory and gain privileges.
CVE-2005-0705 2 Ethereal Group, Redhat 2 Ethereal, Enterprise Linux 2026-04-16 N/A
The GPRS-LLC dissector in Ethereal 0.10.7 through 0.10.9, with the "ignore cipher bit" option enabled. allows remote attackers to cause a denial of service (application crash).
CVE-2004-1163 1 Cisco 1 Cns Network Registrar 2026-04-16 N/A
Cisco CNS Network Registrar Central Configuration Management (CCM) server 6.0 through 6.1.1.3 allows remote attackers to cause a denial of service (CPU consumption) by ending a connection after sending a certain sequence of packets.
CVE-2004-1165 2 Kde, Redhat 3 Kdelibs, Konqueror, Enterprise Linux 2026-04-16 N/A
Konqueror 3.3.1 allows remote attackers to execute arbitrary FTP commands via an ftp:// URL that contains a URL-encoded newline ("%0a") before the FTP command, which causes the commands to be inserted into the resulting FTP session, as demonstrated using a PORT command.
CVE-2001-1382 1 Openbsd 1 Openssh 2026-04-16 N/A
The "echo simulation" traffic analysis countermeasure in OpenSSH before 2.9.9p2 sends an additional echo packet after the password and carriage return is entered, which could allow remote attackers to determine that the countermeasure is being used.
CVE-2004-1167 1 Gentoo 1 Mirrorselect 2026-04-16 N/A
mirrorselect before 0.89 creates temporary files in a world-writable location with predictable file names, which allows remote attackers to overwrite arbitrary files via a symlink attack.
CVE-2005-0708 2 Dragonflybsd, Freebsd 2 Dragonflybsd, Freebsd 2026-04-16 N/A
The sendfile system call in FreeBSD 4.8 through 4.11 and 5 through 5.4 can transfer portions of kernel memory if a file is truncated while it is being sent, which could allow remote attackers to obtain sensitive information.
CVE-2001-1385 3 Mandrakesoft, Php, Redhat 3 Mandrake Linux, Php, Linux 2026-04-16 N/A
The Apache module for PHP 4.0.0 through PHP 4.0.4, when disabled with the 'engine = off' option for a virtual host, may disable PHP for other virtual hosts, which could cause Apache to serve the source code of PHP scripts.
CVE-2005-0722 1 Experience2 1 Experience2 2026-04-16 N/A
eXPerience2 allows remote attackers to obtain the full path for the web root via a direct request to modules.php without any parameters, which leaks the path in a PHP error message.
CVE-2001-1470 1 Ssh 1 Ssh 2026-04-16 N/A
The IDEA cipher as implemented by SSH1 does not protect the final block of a message against modification, which allows remote attackers to modify the block without detection by changing its cyclic redundancy check (CRC) to match the modifications to the message.
CVE-2001-1521 1 Postnuke Software Foundation 1 Postnuke 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in user.php in PostNuke 0.64 allows remote attackers to inject arbitrary web script or HTML via the uname parameter.
CVE-2005-3468 1 F-secure 2 F-secure Anti-virus, Internet Gatekeeper 2026-04-16 N/A
Directory traversal vulnerability in F-Secure Anti-Virus for Microsoft Exchange 6.40 and Internet Gatekeeper 6.40 to 6.42 allows limited remote attackers to bypass Web Console authentication and read files.
CVE-2004-1184 4 Gnu, Redhat, Sgi and 1 more 5 Enscript, Enterprise Linux, Fedora Core and 2 more 2026-04-16 N/A
The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters.
CVE-2005-3469 1 News2net 1 News2net 2026-04-16 N/A
SQL injection vulnerability in index.php in News2Net 3.0.0.0 allows remote attackers to execute arbitrary SQL commands via the category parameter.
CVE-2001-1477 1 Bea 1 Tuxedo 2026-04-16 N/A
The Domain gateway in BEA Tuxedo 7.1 does not perform authorization checks for imported services and qspaces on remote domains, even when an ACL exists, which allows users to access services in a remote domain.
CVE-2001-1479 1 Sun 1 Management\+center 2026-04-16 N/A
smcboot in Sun SMC (Sun Management Center) 2.0 in Solaris 8 allows local users to delete arbitrary files via a symlink attack on /tmp/smc$SMC_PORT.
CVE-2001-1563 2 Apache, Hp 2 Tomcat, Secure Os 2026-04-16 N/A
Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this issue is already covered by other CVE identifiers.