Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-1191 1 Ibm 1 Tivoli Secureway Policy Director 2026-04-16 N/A
WebSeal in IBM Tivoli SecureWay Policy Director 3.8 allows remote attackers to cause a denial of service (crash) via a URL that ends in %2e.
CVE-2004-0926 2 Apple, Easy Software Products 3 Mac Os X, Mac Os X Server, Cups 2026-04-16 N/A
Heap-based buffer overflow in Apple QuickTime on Mac OS 10.2.8 through 10.3.5 may allow remote attackers to execute arbitrary code via a certain BMP image.
CVE-2004-2290 1 Microsoft 1 Windows Xp 2026-04-16 N/A
Microsoft Windows XP Explorer allows attackers to execute arbitrary code via a HTML and script in a self-executing folder that references an executable file within the folder, which is automatically executed when a user accesses the folder.
CVE-2001-1192 1 Citrix 1 Ica Client 2026-04-16 N/A
Citrix Independent Computing Architecture (ICA) Client for Windows 6.1 allows remote malicious web sites to execute arbitrary code via a .ICA file, which is downloaded and automatically executed by the client.
CVE-2003-0614 1 Gallery Project 1 Gallery 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in search.php of Gallery 1.1 through 1.3.4 allows remote attackers to insert arbitrary web script via the searchstring parameter.
CVE-2004-0927 2 Apple, Easy Software Products 3 Mac Os X, Mac Os X Server, Cups 2026-04-16 N/A
ServerAdmin in Mac OS X 10.2.8 through 10.3.5 uses the same example self-signed certificate on each system, which allows remote attackers to decrypt sessions.
CVE-2001-1193 1 Khamil Landross And Zack Jones 1 Eftp 2026-04-16 N/A
Directory traversal vulnerability in EFTP 2.0.8.346 allows local users to read directories via a ... (modified dot dot) in the CWD command.
CVE-2003-0615 4 Cgi.pm, Debian, Openpkg and 1 more 5 Cgi.pm, Debian Linux, Openpkg and 2 more 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in start_form() of CGI.pm allows remote attackers to insert web script via a URL that is fed into the form's action parameter.
CVE-2004-0928 2 Hitachi, Macromedia 4 Cosminexus Enterprise, Cosminexus Server, Coldfusion and 1 more 2026-04-16 N/A
The Microsoft IIS Connector in JRun 4.0 and Macromedia ColdFusion MX 6.0, 6.1, and 6.1 J2EE allows remote attackers to bypass authentication and view source files, such as .asp, .pl, and .php files, via an HTTP request that ends in ";.cfm".
CVE-2001-1194 1 Zyxel 2 Prestige 1600, Prestige 681 2026-04-16 N/A
Zyxel Prestige 681 and 1600 SDSL Routers allow remote attackers to cause a denial of service via malformed packets with (1) an IP length less than actual packet size, or (2) fragmented packets whose size exceeds 64 kilobytes after reassembly.
CVE-2003-0616 1 Mcafee 1 Epolicy Orchestrator 2026-04-16 N/A
Format string vulnerability in ePO service for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code via a POST request with format strings in the computerlist parameter, which are used when logging a failed name resolution.
CVE-2001-1195 1 Novell 1 Groupwise 2026-04-16 N/A
Novell Groupwise 5.5 and 6.0 Servlet Gateway is installed with a default username and password for the servlet manager, which allows remote attackers to gain privileges.
CVE-2003-0617 1 Hugo Rabson 1 Mindi 2026-04-16 N/A
mindi 0.58 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files.
CVE-2004-0929 2 Libtiff, Suse 2 Libtiff, Suse Linux 2026-04-16 N/A
Heap-based buffer overflow in the OJPEGVSetField function in tif_ojpeg.c for libtiff 3.6.1 and earlier, when compiled with the OJPEG_SUPPORT (old JPEG support) option, allows remote attackers to execute arbitrary code via a malformed TIFF image.
CVE-2001-1196 1 Webmin 1 Webmin 2026-04-16 N/A
Directory traversal vulnerability in edit_action.cgi of Webmin Directory 0.91 allows attackers to gain privileges via a '..' (dot dot) in the argument.
CVE-2004-2291 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Microsoft Windows Internet Explorer 5.5 and 6.0 allows remote attackers to execute arbitrary code via an embedded script that uses Shell Helper objects and a shortcut (link) to execute the target script.
CVE-2004-2417 1 Smtp.proxy 1 Smtp.proxy 2026-04-16 N/A
Format string vulnerability in smtp.c for smtp.proxy 1.1.3 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the (1) client hostname or (2) message-id, which are injected into a syslog message.
CVE-2001-1197 1 Kde 1 Kdeutils 2026-04-16 N/A
klprfax_filter in KDE2 KDEUtils allows local users to overwrite arbitrary files via a symlink attack on the klprfax.filter temporary file.
CVE-2003-0618 3 Debian, Perl, Redhat 3 Debian Linux, Suidperl, Enterprise Linux 2026-04-16 N/A
Multiple vulnerabilities in suidperl 5.6.1 and earlier allow a local user to obtain sensitive information about files for which the user does not have appropriate permissions.
CVE-2004-0930 5 Conectiva, Gentoo, Redhat and 2 more 8 Linux, Linux, Enterprise Linux and 5 more 2026-04-16 N/A
The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters.