Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-1521 1 Qualcomm 1 Eudora 2026-04-16 N/A
Eudora 6.2.0.14 does not issue a warning when a user forwards an e-mail message that contains base64 or quoted-printable encoded attachments, which makes it easier for remote attackers to read arbitrary files via spoofed "Converted" headers.
CVE-2000-0377 1 Microsoft 1 Windows Nt 2026-04-16 N/A
The Remote Registry server in Windows NT 4.0 allows local authenticated users to cause a denial of service via a malformed request, which causes the winlogon process to fail, aka the "Remote Registry Access Authentication" vulnerability.
CVE-2002-2018 1 Sas 2 Base, Integration Technologies 2026-04-16 N/A
sastcpd in SAS/Base 8.0 might allow local users to gain privileges by setting the netencralg environment variable, which causes a segmentation fault.
CVE-2000-0379 1 Netopia 1 R-series Routers 2026-04-16 N/A
The Netopia R9100 router does not prevent authenticated users from modifying SNMP tables, even if the administrator has configured it to do so.
CVE-2002-2037 1 Cisco 5 Bams, Pgw 2200, Sc2200 and 2 more 2026-04-16 N/A
The Cisco Media Gateway Controller (MGC) in (1) SC2200 7.4 and earlier, (2) VSC3000 9.1 and earlier, (3) PGW 2200 9.1 and earlier, (4) Billing and Management Server (BAMS) and (5) Voice Services Provisioning Tool (VSPT) runs on default installations of Solaris 2.6 with unnecessary services and without the latest security patches, which allows attackers to exploit known vulnerabilities.
CVE-2004-0621 1 Zaireweb Solutions 1 Newsletter Zws 2026-04-16 N/A
admin.php in Newsletter ZWS allows remote attackers to gain administrative privileges via a list_user operation with the ulevel parameter set to 1 (administrator level), which lists all users and their passwords.
CVE-2004-1522 1 3do 1 Army Men Real Time Strategy Game 2026-04-16 N/A
Format string vulnerability in Army Men RTS 1.0 allows remote attackers to cause a denial of service (application crash) via a nickname that contains format strings.
CVE-2002-2050 1 Modlogan 1 Modlogan 2026-04-16 N/A
Directory traversal vulnerability in processor_web plugin for ModLogAn 0.5.0 through 0.7.11, when used with the splitby option, allows local users to overwrite arbitrary files via a .. (dot dot) in the hostname of a log entry.
CVE-2004-0622 1 Apple 1 Mac Os X 2026-04-16 N/A
Apple Mac OS X 10.3.4, 10.4, 10.5, and possibly other versions does not properly clear memory for login (aka Loginwindow.app), Keychain, or FileVault passwords, which could allow the root user or an attacker with physical access to obtain sensitive information by reading memory.
CVE-2004-1523 1 New Media Generation 1 Hired Team Trial 2026-04-16 N/A
Format string vulnerability in the game console in Hired Team: Trial 2.0 and earlier and 2.200 allows remote attackers to cause a denial of service (application crash) via format string specifiers in a message.
CVE-2000-0381 1 Gossamer Threads 1 Dbman 2026-04-16 N/A
The Gossamer Threads DBMan db.cgi CGI script allows remote attackers to view environmental variables and setup information by referencing a non-existing database in the db parameter.
CVE-2002-2051 1 Modlogan 1 Modlogan 2026-04-16 N/A
The processor_web plugin for ModLogAn 0.5.0 through 0.7.11, when used with the splitby option, allows local users to overwrite arbitrary files via a symlink attack on files specified as hostnames in a log file.
CVE-2004-0623 1 Gnu 1 Gnats 2026-04-16 N/A
Format string vulnerability in misc.c in GNU GNATS 4.00 may allow remote attackers to execute arbitrary code via format string specifiers in a string that gets logged by syslog.
CVE-2004-1524 1 New Media Generation 1 Hired Team Trial 2026-04-16 N/A
Hired Team: Trial 2.0 and earlier and 2.200 allows remote attackers to cause a denial of service (game interruption) via a malformed UDP packet sent to a game port, such as port 29200.
CVE-2004-2151 1 Virtual Projects 1 Chatman 2026-04-16 N/A
Chatman 1.1.1 RC1 and earlier allows remote attackers to cause a denial of service (memory consumption or application crash) via a very large data size.
CVE-2000-0382 1 Allaire 1 Clustercats 2026-04-16 N/A
ColdFusion ClusterCATS appends stale query string arguments to a URL during HTML redirection, which may provide sensitive information to the redirected site.
CVE-2002-2061 2 Mozilla, Netscape 2 Mozilla, Navigator 2026-04-16 N/A
Heap-based buffer overflow in Netscape 6.2.3 and Mozilla 1.0 and earlier allows remote attackers to crash client browsers and execute arbitrary code via a PNG image with large width and height values and an 8-bit or 16-bit alpha channel.
CVE-2004-0624 1 Artmedic Webdesign 1 Artmedic Links 2026-04-16 N/A
PHP remote file inclusion vulnerability in index.php for Artmedic links 5.0 (artmedic_links5) allows remote attackers to execute arbitrary PHP code by modifying the id parameter to reference a URL on a remote web server that contains the code.
CVE-2005-2271 1 Alexander Clauss 1 Icab 2026-04-16 N/A
iCab 2.9.8 does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the "Dialog Origin Spoofing Vulnerability."
CVE-2000-0383 1 Aol 1 Instant Messenger 2026-04-16 N/A
The file transfer component of AOL Instant Messenger (AIM) reveals the physical path of the transferred file to the remote recipient.