Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0134 2 Compaq, Digital 15 Armada Insight Manager, Enterprise Volume Manager-command Scripter, Foundation Agents and 12 more 2026-04-16 N/A
Buffer overflow in cpqlogin.htm in web-enabled agents for various Compaq management software products such as Insight Manager and Management Agents allows remote attackers to execute arbitrary commands via a long user name.
CVE-2004-0752 2 Openoffice, Redhat 2 Openoffice, Enterprise Linux 2026-04-16 N/A
OpenOffice (OOo) 1.1.2 creates predictable directory names with insecure permissions during startup, which may allow local users to read or list files of other users.
CVE-2004-1605 2 Best Software, Saleslogix Corporation 2 Saleslogix, Saleslogix 2026-04-16 N/A
SalesLogix 6.1 allows remote attackers to bypass authentication by modifying the slxweb cookie to set user=Admin, teams=ADMIN!, and usertype=Administrator.
CVE-2001-0135 1 Ultrascripts 1 Ultraboard 2026-04-16 N/A
The default installation of Ultraboard 2000 2.11 creates the Skins, Database, and Backups directories with world-writeable permissions, which could allow local users to modify sensitive information or possibly insert and execute CGI programs.
CVE-2004-2195 1 Zanfi Solutions 1 Zanfi Cms Lite 2026-04-16 N/A
PHP remote file inclusion vulnerability in index.php in Zanfi CMS lite 1.1 allows remote attackers to execute arbitrary PHP code via the inc parameter.
CVE-2003-0100 1 Cisco 1 Ios 2026-04-16 N/A
Buffer overflow in Cisco IOS 11.2.x to 12.0.x allows remote attackers to cause a denial of service and possibly execute commands via a large number of OSPF neighbor announcements.
CVE-2001-0137 1 Microsoft 1 Windows Media Player 2026-04-16 N/A
Windows Media Player 7 allows remote attackers to execute malicious Java applets in Internet Explorer clients by enclosing the applet in a skin file named skin.wmz, then referencing that skin in the codebase parameter to an applet tag, aka the Windows Media Player Skins File Download" vulnerability.
CVE-2003-0101 3 Engardelinux, Usermin, Webmin 3 Guardian Digital Webtool, Usermin, Webmin 2026-04-16 N/A
miniserv.pl in (1) Webmin before 1.070 and (2) Usermin before 1.000 does not properly handle metacharacters such as line feeds and carriage returns (CRLF) in Base-64 encoded strings during Basic authentication, which allows remote attackers to spoof a session ID and gain root privileges.
CVE-2001-0139 5 Caldera, Debian, Immunix and 2 more 7 Openlinux Desktop, Openlinux Edesktop, Openlinux Eserver and 4 more 2026-04-16 N/A
inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations.
CVE-2003-0102 3 File, Netbsd, Redhat 4 File, Netbsd, Enterprise Linux and 1 more 2026-04-16 N/A
Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_shentsize).
CVE-2004-0754 2 Redhat, Rob Flynn 2 Enterprise Linux, Gaim 2026-04-16 N/A
Integer overflow in Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the size variable in Groupware server messages.
CVE-2001-0145 1 Microsoft 2 Outlook, Outlook Express 2026-04-16 N/A
Buffer overflow in VCard handler in Outlook 2000 and 98, and Outlook Express 5.x, allows an attacker to execute arbitrary commands via a malformed vCard birthday field.
CVE-2001-0154 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
HTML e-mail feature in Internet Explorer 5.5 and earlier allows attackers to execute attachments by setting an unusual MIME type for the attachment, which Internet Explorer does not process correctly.
CVE-2003-0103 1 Nokia 1 6210 Handset 2026-04-16 N/A
Format string vulnerability in Nokia 6210 handset allows remote attackers to cause a denial of service (crash, lockup, or restart) via a Multi-Part vCard with fields containing a large number of format string specifiers.
CVE-2004-0755 2 Redhat, Yukihiro Matsumoto 2 Enterprise Linux, Ruby 2026-04-16 N/A
The FileStore capability in CGI::Session for Ruby before 1.8.1, and possibly PStore, creates files with insecure permissions, which can allow local users to steal session information and hijack sessions.
CVE-2001-0167 1 Att 1 Winvnc 2026-04-16 N/A
Buffer overflow in AT&T WinVNC (Virtual Network Computing) client 3.3.3r7 and earlier allows remote attackers to execute arbitrary commands via a long rfbConnFailed packet with a long reason string.
CVE-2003-0104 1 Peoplesoft 1 Peopletools 2026-04-16 N/A
Directory traversal vulnerability in PeopleTools 8.10 through 8.18, 8.40, and 8.41 allows remote attackers to overwrite arbitrary files via the SchedulerTransfer servlet.
CVE-2004-0757 2 Mozilla, Redhat 4 Firefox, Mozilla, Thunderbird and 1 more 2026-04-16 N/A
Heap-based buffer overflow in the SendUidl in the POP3 capability for Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, may allow remote POP3 mail servers to execute arbitrary code.
CVE-2004-1606 2 Best Software, Saleslogix Corporation 2 Saleslogix, Saleslogix 2026-04-16 N/A
slxweb.dll in SalesLogix 6.1 allows remote attackers to cause a denial service (application crash) via an invalid HTTP request, which might also leak sensitive information in the ErrorLogMsg cookie.
CVE-2004-2196 1 Zanfi Solutions 1 Zanfi Cms Lite 2026-04-16 N/A
Zanfi CMS lite 1.1 allows remote attackers to obtain the full path of the web server via direct requests without required arguments to (1) adm_pages.php, (2) corr_pages.php, (3) del_block.php, (4) del_page.php, (5) footer.php, (6) home.php, and others.