Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-0003 2 Gnu, Redhat 2 Groff, Linux 2026-04-16 N/A
Buffer overflow in the preprocessor in groff 1.16 and earlier allows remote attackers to gain privileges via lpd in the LPRng printing system.
CVE-2003-0848 2 Redhat, Slocate 3 Enterprise Linux, Linux, Slocate 2026-04-16 N/A
Heap-based buffer overflow in main.c of slocate 2.6, and possibly other versions, may allow local users to gain privileges via a modified slocate database that causes a negative "pathlen" value to be used.
CVE-2004-2318 1 Netwin 1 Surgeftp 2026-04-16 N/A
The administrative interface (surgeftpmgr.cgi) for SurgeFTP Server 1.0b through 2.2k1 allows remote attackers to cause a temporary denial of service (crash) via requests with two percent (%) signs in the CMD parameter.
CVE-2004-1001 1 Debian 1 Shadow 2026-04-16 N/A
Unknown vulnerability in the passwd_check function in Shadow 4.0.4.1, and possibly other versions before 4.0.5, allows local users to conduct unauthorized activities when an error from a pam_chauthtok function call is not properly handled.
CVE-2003-0851 3 Cisco, Openssl, Redhat 7 Css11000 Content Services Switch, Ios, Pix Firewall and 4 more 2026-04-16 N/A
OpenSSL 0.9.6k allows remote attackers to cause a denial of service (crash via large recursion) via malformed ASN.1 sequences.
CVE-2002-0004 8 Caldera, Debian, Freebsd and 5 more 9 Openlinux Server, Openlinux Workstation, Debian Linux and 6 more 2026-04-16 N/A
Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice.
CVE-2002-0029 3 Astaro, Isc, Redhat 3 Security Linux, Bind, Enterprise Linux 2026-04-16 N/A
Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10, and other derived libraries such as BSD libc and GNU glibc, allow remote attackers to execute arbitrary code via DNS server responses that trigger the overflow in the (1) getnetbyname, or (2) getnetbyaddr functions, aka "LIBRESOLV: buffer overrun" and a different vulnerability than CVE-2002-0684.
CVE-2003-0897 1 Microsoft 1 Windows Xp 2026-04-16 N/A
"Shatter" vulnerability in CommCtl32.dll in Windows XP may allow local users to execute arbitrary code by sending (1) BCM_GETTEXTMARGIN or (2) BCM_SETTEXTMARGIN button control messages to privileged applications.
CVE-2003-0898 1 Ibm 1 Db2 Universal Database 2026-04-16 N/A
IBM DB2 7.2 before FixPak 10a, and earlier versions including 7.1, allows local users to overwrite arbitrary files and gain privileges via a symlink attack on (1) db2job and (2) db2job2.
CVE-2002-0057 1 Microsoft 4 Internet Explorer, Sql Server, Windows Xp and 1 more 2026-04-16 N/A
XMLHTTP control in Microsoft XML Core Services 2.6 and later does not properly handle IE Security Zone settings, which allows remote attackers to read arbitrary files by specifying a local file as an XML Data Source.
CVE-2002-1566 1 Netris 1 Netris 2026-04-16 N/A
netris 0.5, and possibly other versions before 0.52, when running with the -w (wait) option, allows remote attackers to cause a denial of service (crash) via a long string to port 9284.
CVE-2003-0685 1 Netris 1 Netris 2026-04-16 N/A
Buffer overflow in Netris 0.52 and earlier, and possibly other versions, allows remote malicious Netris servers to execute arbitrary code on netris clients via a long server response.
CVE-2005-3187 1 Bluecoat 1 Winproxy 2026-04-16 N/A
The listening daemon in Blue Coat Systems Inc. WinProxy before 6.1a allows remote attackers to cause a denial of service (crash) via a long HTTP request that causes an out-of-bounds read.
CVE-2006-0084 1 Rasmp 1 Rasmp 2026-04-16 N/A
Cross-site scripting vulnerability in index.php in raSMP 2.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the $_SERVER[HTTP_USER_AGENT] variable (User-Agent header).
CVE-2002-0063 2 Easy Software Products, Redhat 2 Cups, Powertools 2026-04-16 N/A
Buffer overflow in ippRead function of CUPS before 1.1.14 may allow attackers to execute arbitrary code via long attribute names or language values.
CVE-2006-0090 1 Idv Directory Viewer 1 Idv Directory Viewer 2026-04-16 N/A
Directory traversal vulnerability in index.php in IDV Directory Viewer before 2005.1 allows remote attackers to view arbitrary directory contents via a .. (dot dot) in the dir parameter.
CVE-2006-0093 1 Ecardmax.com 1 Atcard Me Php 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php in @Card ME PHP allows remote attackers to inject arbitrary web script or HTML via the cat parameter.
CVE-2002-0064 2 Bindview, Funk Software 2 Netrc, Funk Software Proxy 2026-04-16 N/A
Funk Software Proxy Host 3.x is installed with insecure permissions for the registry and the file system.
CVE-2006-2082 1 Id Software 1 Quake 3 Engine 2026-04-16 N/A
Directory traversal vulnerability in Quake 3 engine, as used in products including Quake3 Arena, Return to Castle Wolfenstein, Wolfenstein: Enemy Territory, and Star Trek Voyager: Elite Force, when the sv_allowdownload cvar is enabled, allows remote attackers to read arbitrary files from the server via ".." sequences in a .pk3 file request.
CVE-2006-2933 2 Kde, Redhat 3 Kde, Enterprise Linux, Enterprise Linux Desktop 2026-04-16 N/A
kdesktop_lock in kdebase before 3.1.3-5.11 for KDE in Red Hat Enterprise Linux (RHEL) 3 does not properly terminate, which can prevent the screensaver from activating or prevent users from manually locking the desktop.