Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-0027 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Directory traversal vulnerability in Sun Kodak Color Management System (KCMS) library service daemon (kcms_server) allows remote attackers to read arbitrary files via the KCS_OPEN_PROFILE procedure.
CVE-2000-1239 1 Ibm 1 Tivoli Management Framework 2026-04-16 N/A
The HTTP interface of Tivoli Lightweight Client Framework (LCF) in IBM Tivoli Management Framework 3.7.1 sets http_disable to zero at install time, which allows remote authenticated users to bypass file permissions on Tivoli Endpoint Configuration data files via an unspecified manipulation of log files.
CVE-2004-0723 1 Microsoft 1 Java Virtual Machine 2026-04-16 N/A
Microsoft Java virtual machine (VM) 5.0.0.3810 allows remote attackers to bypass sandbox restrictions to read or write certain data between applets from different domains via the "GET/Key" and "PUT/Key/Value" commands, aka "cross-site Java."
CVE-2004-1590 1 Clientexec 1 Clientexec 2026-04-16 N/A
Clientexec allows remote attackers to gain sensitive information via an HTTP request to phpinfo.php, which calls the phpinfo function.
CVE-2004-2180 1 Wowbb 1 Wowbb Web Forum 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in WowBB Forum 1.61 allow remote attackers to inject arbitrary web script or HTML via the (1) country parameter to view_user.php, (2) show parameter to view_forum.php, (3) letter parameter to view_user.php, (4) highlight parameter to view_topic.php, (5) show parameter to index.php, (6) q parameter to search.php, (7) Referer header to admin.php, or the (8) user_email parameter to login.php.
CVE-2004-2392 2 Mandrakesoft, Redhat 3 Mandrake Linux, Mandrake Linux Corporate Server, Enterprise Linux 2026-04-16 N/A
libuser 0.51.7 allows attackers to cause a denial of service (crash or disk consumption) via unknown attack vectors, related to read failures and other bugs.
CVE-2004-0726 1 Microsoft 1 Windows 2000 2026-04-16 N/A
The Windows Media Player control in Microsoft Windows 2000 allows remote attackers to execute arbitrary script in the local computer zone via an ASX filename that contains javascript, which is executed in the local context in a preview panel.
CVE-2003-0028 11 Cray, Freebsd, Gnu and 8 more 15 Unicos, Freebsd, Glibc and 12 more 2026-04-16 N/A
Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391.
CVE-2001-0002 1 Microsoft 2 Internet Explorer, Windows Script Host 2026-04-16 N/A
Internet Explorer 5.5 and earlier allows remote attackers to obtain the physical location of cached content and open the content in the Local Computer Zone, then use compiled HTML help (.chm) files to execute arbitrary programs.
CVE-2003-0030 1 Protegrity 1 Secure.data 2026-04-16 N/A
Buffer overflows in protegrity.dll of Protegrity Secure.Data Extension Feature (SEF) before 2.2.3.9 allow attackers with SQL access to execute arbitrary code via the extended stored procedures (1) xp_pty_checkusers, (2) xp_pty_insert, or (3) xp_pty_select.
CVE-2004-0727 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 6.0.2800.1106 on Microsoft Windows XP SP2, and other versions including 5.01 and 5.5, allows remote web servers to bypass zone restrictions and execute arbitrary code in the local computer zone by redirecting a function to another function with the same name, as demonstrated by SimilarMethodNameRedir, aka the "Similar Method Name Redirection Cross Domain Vulnerability."
CVE-2003-0031 1 Mcrypt 1 Libmcrypt 2026-04-16 N/A
Multiple buffer overflows in libmcrypt before 2.5.5 allow attackers to cause a denial of service (crash).
CVE-2001-0003 1 Microsoft 4 Office, Windows 2000, Windows Me and 1 more 2026-04-16 N/A
Web Extender Client (WEC) in Microsoft Office 2000, Windows 2000, and Windows Me does not properly process Internet Explorer security settings for NTLM authentication, which allows attackers to obtain NTLM credentials and possibly obtain the password, aka the "Web Client NTLM Authentication" vulnerability.
CVE-2003-0032 1 Mcrypt 1 Libmcrypt 2026-04-16 N/A
Memory leak in libmcrypt before 2.5.5 allows attackers to cause a denial of service (memory exhaustion) via a large number of requests to the application, which causes libmcrypt to dynamically load algorithms via libtool.
CVE-2001-0079 1 Hp 1 Support Tools Manager 2026-04-16 N/A
Support Tools Manager (STM) A.22.00 for HP-UX allows local users to overwrite arbitrary files via a symlink attack on the tool_stat.txt log file.
CVE-2003-0061 1 Hp 1 Hp-ux 2026-04-16 N/A
Buffer overflow in passwd for HP UX B.10.20 allows local users to execute arbitrary commands with root privileges via a long LANG environment variable.
CVE-2004-0738 1 Francisco Burzi 1 Php-nuke 2026-04-16 N/A
Multiple SQL injection vulnerabilities in the Search module in Php-Nuke allow remote attackers to execute arbitrary SQL via the (1) min or (2) categ parameters.
CVE-2004-1597 1 Rim 1 Blackberry 2026-04-16 N/A
RIM Blackberry 7230 running RIM Blackberry OS 3.7 SP1 allows remote attackers to cause a denial of service (device reboot and possibly data corruption) via a calendar message with a long Location field, which triggers a watchdog while the message is being stored.
CVE-2004-2183 1 Wehelpbus 1 Wehelpbus 2026-04-16 N/A
Unknown vulnerability in WeHelpBUS 0.1 allows remote attackers to execute arbitrary shell commands via the query string.
CVE-2001-0080 1 Cisco 3 Catalyst 4000, Catalyst 5000, Catalyst 6000 2026-04-16 N/A
Cisco Catalyst 6000, 5000, or 4000 switches allow remote attackers to cause a denial of service by connecting to the SSH service with a non-SSH client, which generates a protocol mismatch error.