Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-1538 1 Phpkit 1 Phpkit 2026-04-16 N/A
SQL injection vulnerability in include.php in PHPKIT 1.6.03 through 1.6.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2004-1568 1 Parachat 1 Parachat Server 2026-04-16 N/A
Directory traversal vulnerability in ParaChat Server 5.5 allows remote attackers to read arbitrary files via a ..%5C (hex-encoded dot dot) in the URL.
CVE-2004-2522 1 Geeos Team 1 Gattaca Server 2003 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in web.tmpl in Gattaca Server 2003 1.1.10.0 allows remote attackers to inject arbitrary web script or HTML via the (1) template or (2) language parameter.
CVE-2004-2523 1 Openftpd 1 Openftpd Ftp Server 2026-04-16 N/A
Format string vulnerability in the msg command (cat_message function in msg.c) in OpenFTPD 0.30.2 and earlier allows remote authenticated users to execute arbitrary code via format string specifiers in the message argument.
CVE-2004-0559 3 Mandrakesoft, Usermin, Webmin 4 Mandrake Linux, Mandrake Linux Corporate Server, Usermin and 1 more 2026-04-16 N/A
The maketemp.pl script in Usermin 1.070 and 1.080 allows local users to overwrite arbitrary files at install time via a symlink attack on the /tmp/.usermin directory.
CVE-2004-0688 5 Openbsd, Redhat, Suse and 2 more 6 Openbsd, Enterprise Linux, Network Satellite and 3 more 2026-04-16 N/A
Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a malformed XPM image file.
CVE-2004-0881 3 Gentoo, Getmail, Slackware 3 Linux, Getmail, Slackware Linux 2026-04-16 N/A
getmail 4.x before 4.2.0, and other versions before 3.2.5, when run as root, allows local users to write files in arbitrary directories via a symlink attack on subdirectories in the maildir.
CVE-2004-0904 4 Conectiva, Mozilla, Netscape and 1 more 10 Linux, Firefox, Mozilla and 7 more 2026-04-16 N/A
Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows.
CVE-2004-0908 2 Mozilla, Redhat 3 Mozilla, Thunderbird, Enterprise Linux 2026-04-16 N/A
Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows untrusted Javascript code to read and write to the clipboard, and possibly obtain sensitive information, via script-generated events such as Ctrl-Ins.
CVE-2004-1585 1 Jera Technology 1 Flash Messaging 2026-04-16 N/A
Flash Messaging 5.2.0g (rev 1.1.2) and earlier allows remote attackers to cause a denial of service (application crash) via certain wide characters.
CVE-1999-0211 1 Sun 1 Sunos 2026-04-16 N/A
Extra long export lists over 256 characters in some mount daemons allows NFS directories to be mounted by anyone.
CVE-2002-0177 2 Icecast, Redhat 2 Icecast, Powertools 2026-04-16 N/A
Buffer overflows in icecast 1.3.11 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request from an MP3 client.
CVE-2002-0276 1 Ettercap 1 Ettercap 2026-04-16 N/A
Buffer overflow in various decoders in Ettercap 0.6.3.1 and earlier, when running on networks with an MTU greater than 2000, allows remote attackers to execute arbitrary code via large packets.
CVE-2005-1192 1 Hp 1 Hp-ux 2026-04-16 N/A
Unknown vulnerability in HP-UX B.11.00, B.11.04, B.11.11, B.11.22, and B.11.23, when running TCP/IP on IPv4, allows remote attackers to cause a denial of service via certain packets, related to the PMTU, a different vulnerability than CVE-2004-1060.
CVE-2004-1648 1 Web Animations 1 Password Protect 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in (1) index.asp, (2) ChangePassword.asp, (3) users_list.asp, (4) and users_add.asp in Password Protect allows remote attackers to inject arbitrary web script or HTML via the ShowMsg parameter.
CVE-2004-2539 1 Network Appliance 2 Data Ontap, Netcache 2026-04-16 N/A
Unknown vulnerability in Network Appliance NetCache 5.2 and Data ONTAP 6.0 allows remote attackers to cause a denial of service (panic and reboot) and possibly other impacts via unknown attack vectors, possibly related to unspecified worms, as identified by bug ID
CVE-2005-1349 1 Perl 1 Convert Uulib 2026-04-16 N/A
Buffer overflow in Convert-UUlib (Convert::UUlib) before 1.051 allows remote attackers to execute arbitrary code via a malformed parameter to a read operation.
CVE-2005-4653 1 Al-caricatier 1 Al-caricatier 2026-04-16 N/A
Unspecified vulnerability in ss.php in AL-Caricatier 2.5 and earlier allows remote attackers to bypass login authentication by requesting view_caricatier.php, and then requesting any file in the admin directory with a cookie_username=admin argument.
CVE-2005-4654 1 Hp 1 Oracle For Openview 2026-04-16 N/A
Multiple unspecified vulnerabilities in Oracle for OpenView (OfO) 8.1.7, 9.1.01, and 9.2, and OfO for Linux, allow remote attackers to have an unknown impact via unknown attack vectors. NOTE: because of the lack of details in the vendor advisory, it is unclear which set of existing CVEs this advisory might refer to.
CVE-2005-4655 1 Php Fusion 1 Php Fusion 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in submit.php in PHP-Fusion 6.0.204 allows remote attackers to inject arbitrary web script or HTML via nested tags in the news_body parameter, as demonstrated by elements such as "<me<meta>ta" and "<sc<script>ript>".