Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-0221 1 Nortel 1 Nautica Marlin 2026-04-16 N/A
The Nautica Marlin bridge allows remote attackers to cause a denial of service via a zero length UDP packet to the SNMP port.
CVE-2002-1778 1 Symantec 1 Norton Personal Firewall 2026-04-16 N/A
Symantec Norton Personal Firewall 2002 allows remote attackers to bypass the portscan protection by using a (1) SYN/FIN, (2) SYN/FIN/URG, (3) SYN/FIN/PUSH, or (4) SYN/FIN/URG/PUSH scan.
CVE-2004-0536 2 Redhat, Tripwire 2 Enterprise Linux, Tripwire 2026-04-16 N/A
Format string vulnerability in Tripwire commercial 4.0.1 and earlier, including 2.4, and open source 2.3.1 and earlier, allows local users to gain privileges via format string specifiers in a file name, which is used in the generation of an email report.
CVE-2004-2123 1 Nextplace 1 E-commerce Asp Engine 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Nextplace.com E-Commerce ASP Engine allow remote attackers to inject arbitrary web script or HTML via the (1) level parameter of productdetail.asp, (2) searchKey parameter of searchresults.asp, and possibly (3) level parameter of ListCategories.asp.
CVE-2000-0222 1 Microsoft 1 Windows 2000 2026-04-16 N/A
The installation for Windows 2000 does not activate the Administrator password until the system has rebooted, which allows remote attackers to connect to the ADMIN$ share without a password until the reboot occurs.
CVE-2002-1779 1 Symantec 1 Norton Personal Firewall 2026-04-16 N/A
The "block fragmented IP Packets" option in Symantec Norton Personal Firewall 2002 (NPW) does not properly protect against certain attacks on Windows vulnerabilities such as jolt2 (CVE-2000-0305).
CVE-2000-0223 1 Sam Hawker 1 Wmcdplay 2026-04-16 N/A
Buffer overflow in the wmcdplay CD player program for the WindowMaker desktop allows local users to gain root privileges via a long parameter.
CVE-2002-1780 1 Alcatech Gmbh 1 Bpm Studio Pro 2026-04-16 N/A
BPM Studio Pro 4.2 by ALCATech GmbH includes a webserver that allows a remote attacker to cause a denial of service (crash) by sending a URL request for a MS-DOS device such as con. NOTE: it has been disputed that this and possibly other application-level DOS device issues stem from a bug in Windows, and as such, such applications should not be considered vulnerable themselves.
CVE-2000-0224 1 Sco 1 Unixware 2026-04-16 N/A
ARCserve agent in SCO UnixWare 7.x allows local attackers to gain root privileges via a symlink attack.
CVE-2002-1781 1 Delegate 1 Delegate 2026-04-16 N/A
Multiple buffer overflows in DeleGate 7.7.0 through 7.8.1 allow remote attackers to execute arbitrary code, as demonstrated using a long USER command to the POP proxy.
CVE-2000-0225 1 Deti Fliegl 1 Poc32 2026-04-16 N/A
The Pocsag POC32 program does not properly prevent remote users from accessing its server port, even if the option has been disabled.
CVE-2002-1782 1 University Of Washington 1 Uw-imap 2026-04-16 N/A
The default configuration of University of Washington IMAP daemon (wu-imapd), when running on a system that does not allow shell access, allows a local user with a valid IMAP account to read arbitrary files as that user.
CVE-2004-0538 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
LaunchServices in Mac OS X 10.3.4 and 10.2.8 automatically registers and executes new applications, which could allow attackers to execute arbitrary code without warning the user.
CVE-2004-1474 1 Symantec 12 Firewall Vpn Appliance 100, Firewall Vpn Appliance 200, Firewall Vpn Appliance 200r and 9 more 2026-04-16 N/A
Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 uses a default read/write SNMP community string, which allows remote attackers to alter the firewall's configuration file.
CVE-2000-0226 1 Microsoft 1 Internet Information Server 2026-04-16 N/A
IIS 4.0 allows attackers to cause a denial of service by requesting a large buffer in a POST or PUT command which consumes memory, aka the "Chunked Transfer Encoding Buffer Overflow Vulnerability."
CVE-2002-1783 1 Php 1 Php 2026-04-16 N/A
CRLF injection vulnerability in PHP 4.2.1 through 4.2.3, when allow_url_fopen is enabled, allows remote attackers to modify HTTP headers for outgoing requests by causing CRLF sequences to be injected into arguments that are passed to the (1) fopen or (2) file functions.
CVE-2004-0539 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
The "Show in Finder" button in the Safari web browser in Mac OS X 10.3.4 and 10.2.8 may execute downloaded applications, which could allow remote attackers to execute arbitrary code.
CVE-2004-1475 1 Xine 2 Xine, Xine-lib 2026-04-16 N/A
Multiple stack-based buffer overflows in xine-lib 1-rc2 through 1-rc5 allow attackers to execute arbitrary code via (1) long VideoCD vcd:// MRLs or (2) long subtitle lines.
CVE-2004-2124 1 Gallery Project 1 Gallery 2026-04-16 N/A
The register_globals simulation capability in Gallery 1.3.1 through 1.4.1 allows remote attackers to modify the HTTP_POST_VARS variable and conduct a PHP remote file inclusion attack via the GALLERY_BASEDIR parameter, a different vulnerability than CVE-2002-1412.
CVE-2004-2371 1 Redstorm 3 Desert Siege, Ghost Recon, The Sum Of All Fears 2026-04-16 N/A
Multiple Red Storm web-based games, including Ghost Recon 1.4 and earlier, Desert Siege, and The Sum of all Fears 1.1.1.0 and earlier, do not properly check return values from certain functions, which allows remote attackers to cause a denial of service (hang) via packets that contain text strings with incorrect size values.