Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-1618 1 Vypress 1 Tonecast 2026-04-16 N/A
Vypress Tonecast 1.3 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed mp2 stream.
CVE-2001-0460 1 Baltimore Technologies 1 Websweeper 2026-04-16 N/A
Websweeper 4.0 does not limit the length of certain HTTP headers, which allows remote attackers to cause a denial of service (memory exhaustion) via an extremely large HTTP Referrer: header.
CVE-2003-0196 6 Compaq, Hp, Redhat and 3 more 9 Tru64, Cifs-9000 Server, Hp-ux and 6 more 2026-04-16 N/A
Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201.
CVE-2004-0784 2 Redhat, Rob Flynn 2 Enterprise Linux, Gaim 2026-04-16 N/A
The smiley theme functionality in Gaim before 0.82 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of the tar file that is dragged to the smiley selector.
CVE-2001-0462 1 Spencer Christensen 1 Perl Web Server 2026-04-16 N/A
Directory traversal vulnerability in Perl web server 0.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.
CVE-2003-0197 2 Borland Software, Firebirdsql 2 Interbase, Firebird 2026-04-16 N/A
Buffer overflow gds_lock_mgr of Interbase Database 6.x allows local users to gain privileges via a long ISC_LOCK_ENV environment variable (INTERBASE_LOCK).
CVE-2004-0785 2 Redhat, Rob Flynn 2 Enterprise Linux, Gaim 2026-04-16 N/A
Multiple buffer overflows in Gaim before 0.82 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) Rich Text Format (RTF) messages, (2) a long hostname for the local system as obtained from DNS, or (3) a long URL that is not properly handled by the URL decoder.
CVE-2004-1619 1 Akella 1 Privateers Bounty Age Of Sail Ii 2026-04-16 N/A
Buffer overflow in Privateer's Bounty: Age of Sail II allows remote attackers to execute arbitrary code via a long nickname.
CVE-2001-0463 1 Acme Labs 1 Perlcal 2026-04-16 N/A
Directory traversal vulnerability in cal_make.pl in PerlCal allows remote attackers to read arbitrary files via a .. (dot dot) in the p0 parameter.
CVE-2003-0198 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Mac OS X before 10.2.5 allows guest users to modify the permissions of the DropBox folder and read unauthorized files.
CVE-2004-1620 1 S9y 1 Serendipity 2026-04-16 N/A
CRLF injection vulnerability in Serendipity before 0.7rc1 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the url parameter in (1) index.php and (2) exit.php, or (3) the HTTP Referer field in comment.php.
CVE-2001-0464 1 Crosswind 1 Cyberscheduler 2026-04-16 N/A
Buffer overflow in websync.exe in Cyberscheduler allows remote attackers to execute arbitrary commands via a long tzs (timezone) parameter.
CVE-2001-0465 1 Intuit 1 Turbo Tax 2026-04-16 N/A
TurboTax saves passwords in a temporary file when a user imports investment tax information from a financial institution, which could allow local users to obtain sensitive information.
CVE-2003-0202 1 Brian Renaud 1 Metrics 2026-04-16 N/A
The (1) halstead and (2) gather_stats scripts in metrics 1.0 allow local users to overwrite arbitrary files via a symlink attack on temporary files.
CVE-2004-1621 1 Ibm 1 Lotus Domino 2026-04-16 N/A
NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in IBM Lotus Notes R6 and Domino R6, and possibly earlier versions, allows remote attackers to execute arbitrary web script or HTML via square brackets at the beginning and end of (1) computed for display, (2) computed when composed, or (3) computed text element fields. NOTE: the vendor has disputed this issue, saying that it is not a problem with Notes/Domino itself, but with the applications that do not properly handle this feature
CVE-2001-0466 1 Microburst 1 Ustorekeeper Online Shopping System 2026-04-16 N/A
Directory traversal vulnerability in ustorekeeper 1.61 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
CVE-2003-0203 2 Moxftp, Xftp 2 Moxftp, Xftp 2026-04-16 N/A
Buffer overflow in moxftp 2.2 and earlier allows remote malicious FTP servers to execute arbitrary code via a long FTP banner.
CVE-2004-0789 9 Axis, Delegate, Dnrd and 6 more 15 2100 Network Camera, 2110 Network Camera, 2120 Network Camera and 12 more 2026-04-16 N/A
Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Posadis, (2) Axis Network products before firmware 3.13, and (3) Men & Mice Suite 2.2x before 2.2.3 and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (CPU and network bandwidth consumption) by triggering a communications loop via (a) DNS query packets with localhost as a spoofed source address, or (b) a response packet that triggers a response packet.
CVE-2004-1622 1 Ubbcentral 1 Ubb.threads 2026-04-16 N/A
SQL injection vulnerability in dosearch.php in UBB.threads 3.4.x allows remote attackers to execute arbitrary SQL statements via the Name parameter.
CVE-2004-2211 1 Alivesites 1 Alivesites Forum 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in AliveSites Forums 2.0 allows remote attackers to inject arbitrary web script or HTML via the (1) forum_id, (2) method, or (3) forum_title parameters to post.asp, (4) the forum_title parameter to forum.asp, or (5) the id parameter to post.asp.