Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-2166 1 Canon 2 Imagerunner 5000i, Imagerunner C3200 2026-04-16 N/A
The print-from-email feature in the Canon ImageRUNNER (iR) 5000i and C3200 digital printer, when not using IP address range filtering, allows remote attackers to print arbitrary text without authentication via a text/plain email to TCP port 25.
CVE-2000-0424 1 George Burgyan 1 Cgi Counter 2026-04-16 N/A
The CGI counter 4.0.7 by George Burgyan allows remote attackers to execute arbitrary commands via shell metacharacters.
CVE-2002-2149 1 Lucent 3 Access Point Service Router 1500, Access Point Service Router 300, Access Point Service Router 600 2026-04-16 N/A
Buffer overflow in Lucent Access Point 300, 600, and 1500 Service Routers allows remote attackers to cause a denial of service (reboot) via a long HTTP request to the administrative interface.
CVE-2000-0425 1 Lsoft 1 Listserv 2026-04-16 N/A
Buffer overflow in the Web Archives component of L-Soft LISTSERV 1.8 allows remote attackers to execute arbitrary commands.
CVE-2002-2150 1 Juniper 1 Netscreen Screenos 2026-04-16 N/A
Firewalls from multiple vendors empty state tables more slowly than they are filled, which allows remote attackers to flood state tables with packet flooding attacks such as (1) TCP SYN flood, (2) UDP flood, or (3) Crikey CRC Flood, which causes the firewall to refuse any new connections.
CVE-2000-0426 1 Ultrascripts 1 Ultraboard 2026-04-16 N/A
UltraBoard 1.6 and other versions allow remote attackers to cause a denial of service by referencing UltraBoard in the Session parameter, which causes UltraBoard to fork copies of itself.
CVE-2000-0431 1 Sun 2 Cobalt Raq 2, Cobalt Raq 3i 2026-04-16 N/A
Cobalt RaQ2 and RaQ3 does not properly set the access permissions and ownership for files that are uploaded via FrontPage, which allows attackers to bypass cgiwrap and modify files.
CVE-2002-2152 1 Software602 1 602pro Lan Suite 2026-04-16 N/A
The Czech edition of Software602's Web Server before 2002.0.02.0916 allows remote attackers to gain administrator privileges via direct HTTP requests to the /admin/ directory, which is not password protected.
CVE-2004-0658 1 Linux 1 Linux Kernel 2026-04-16 N/A
Integer overflow in the hpsb_alloc_packet function (incorrectly reported as alloc_hpsb_packet) in IEEE 1394 (Firewire) driver 2.4 and 2.6 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via the functions (1) raw1394_write, (2) state_connected, (3) handle_remote_request, or (4) hpsb_make_writebpacket.
CVE-2004-1564 1 W-agora 1 W-agora 2026-04-16 N/A
CRLF injection vulnerability in subscribe_thread.php in w-Agora 4.1.6a allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the thread parameter.
CVE-2000-0432 1 Matt Kruse 1 Calendar Script 2026-04-16 N/A
The calender.pl and the calendar_admin.pl calendar scripts by Matt Kruse allow remote attackers to execute arbitrary commands via shell metacharacters.
CVE-2002-2159 1 Linksys 3 Befsr11, Befsr41, Befsru31 2026-04-16 N/A
Linksys EtherFast Cable/DSL BEFSR11, BEFSR41 and BEFSRU31 with the firmware 1.42.7 upgrade installed opens TCP port 5678 for remote administration even when the "Block WAN" and "Remote Admin" options are disabled, which allows remote attackers to gain access.
CVE-2004-0659 1 Mplayer 1 Mplayer 2026-04-16 N/A
Buffer overflow in TranslateFilename for common.c in MPlayer 1.0pre4 allows remote attackers to execute arbitrary code via a long file name.
CVE-2004-1565 1 W-agora 1 W-agora 2026-04-16 N/A
list.php in w-Agora 4.1.6a allows remote attackers to reveal the full path via a crafted HTTP request, possibly involving a malformed id parameter.
CVE-2004-2167 1 Latex2rtf 1 Latex2rtf 2026-04-16 N/A
Multiple buffer overflows in LaTeX2rtf 1.9.15, and possibly other versions, allow remote attackers to execute arbitrary code via (1) the expandmacro function, and possibly (2) Environments and (3) TranslateCommand.
CVE-2000-0433 1 Suse 1 Suse Linux 2026-04-16 N/A
The SuSE aaa_base package installs some system accounts with home directories set to /tmp, which allows local users to gain privileges to those accounts by creating standard user startup scripts such as profiles.
CVE-2002-2168 1 Thorsten Korner 1 123tkshop 2026-04-16 N/A
SQL injection vulnerability in Thorsten Korner 123tkShop before 0.3.1 allows remote attackers to execute arbitrary SQL queries via various programs including function_describe_item1.inc.php.
CVE-2004-0660 1 Cutephp 1 Cutenews 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in (1) show_archives.php, (2) show_news.php, and possibly other php files in CuteNews 1.3.1 allows remote attackers to inject arbitrary script or HTML via the id parameter.
CVE-2004-2168 1 Baardsen Software 1 Basomail Server 2026-04-16 N/A
BaSoMail 1.24 allows remote attackers to cause a denial of service (CPU consumption) via multiple connections to TCP port (1) 25 (SMTP) or (2) 110 (POP3).
CVE-2000-0434 1 Matthew Redman 1 Allmanage 2026-04-16 N/A
The administrative password for the Allmanage web site administration software is stored in plaintext in a file which could be accessed by remote attackers.