Export limit exceeded: 363801 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-0681 | 9 Apple, Gentoo, Hp and 6 more | 15 Mac Os X, Mac Os X Server, Linux and 12 more | 2026-04-16 | N/A |
| A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences. | ||||
| CVE-2004-0939 | 1 Neoteris | 1 Instant Virtual Extranet | 2026-04-16 | N/A |
| changepassword.cgi in Neoteris Instant Virtual Extranet (IVE) 3.x and 4.x, with LDAP authentication or NT domain authentication enabled, does not limit the number of times a bad password can be entered, which allows remote attackers to guess passwords via a brute force attack. | ||||
| CVE-2004-1801 | 1 Pwebserver | 1 Pwebserver Web Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in PWebServer 0.3.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the URL. | ||||
| CVE-2004-2298 | 1 Novell | 2 Internet Messaging System, Netmail | 2026-04-16 | N/A |
| Novell Internet Messaging System (NIMS) 2.6 and 3.0, and NetMail 3.1 and 3.5, is installed with a default NMAP authentication credential, which allows remote attackers to read and write mail store data if the administrator does not change the credential by using the NMAP Credential Generator. | ||||
| CVE-2001-1260 | 1 Avaya | 1 Argent Office | 2026-04-16 | N/A |
| Avaya Argent Office uses weak encryption (trivial encoding) for passwords, which allows remote attackers to gain administrator privileges by sniffing and decrypting the sniffing the passwords during a system reboot. | ||||
| CVE-2001-1261 | 1 Avaya | 1 Argent Office | 2026-04-16 | N/A |
| Avaya Argent Office 2.1 may allow remote attackers to change hold music by spoofing a legitimate server's response to a TFTP broadcast and providing an alternate HoldMusic file. | ||||
| CVE-2003-0683 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| NFS in SGI 6.5.21m and 6.5.21f does not perform access checks in certain configurations when an /etc/exports entry uses wildcards without any hostnames or groups, which could allow attackers to bypass intended restrictions. | ||||
| CVE-2004-1802 | 1 Lionmax Software | 1 Chat Anywhere | 2026-04-16 | N/A |
| Chat Anywhere 2.72 and earlier allows remote attackers to hide their IP address by using %00 before the nickname, which causes the IP address to be displayed as $IP$ on the administration web page. | ||||
| CVE-2004-2299 | 1 Omnicron | 1 Omnihttpd | 2026-04-16 | N/A |
| Buffer overflow in Omnicron OmniHTTPd 3.0a and earlier allows remote attackers to execute arbitrary code via an HTTP GET request with a long Range header. | ||||
| CVE-2001-1262 | 1 Avaya | 1 Argent Office | 2026-04-16 | N/A |
| Avaya Argent Office 2.1 compares a user-provided SNMP community string with the correct string only up to the length of the user-provided string, which allows remote attackers to bypass authentication with a 0 length community string. | ||||
| CVE-2001-1263 | 1 Pragma Systems | 1 Interaccess | 2026-04-16 | N/A |
| telnet95.exe in Pragma InterAccess 4.0 build 5 allows remote attackers to cause a denial of service (crash) via a large number of characters to port 23, possibly due to a buffer overflow. | ||||
| CVE-2003-0688 | 6 Compaq, Freebsd, Openbsd and 3 more | 7 Tru64, Freebsd, Openbsd and 4 more | 2026-04-16 | N/A |
| The DNS map code in Sendmail 8.12.8 and earlier, when using the "enhdnsbl" feature, does not properly initialize certain data structures, which allows remote attackers to cause a denial of service (process crash) via an invalid DNS response that causes Sendmail to free incorrect data. | ||||
| CVE-2001-1264 | 1 Hp | 2 Hp-ux, Vvos | 2026-04-16 | N/A |
| Vulnerability in mkacct in HP-UX 11.04 running Virtualvault Operating System (VVOS) 4.0 and 4.5 allows attackers to elevate privileges. | ||||
| CVE-2003-0692 | 2 Kde, Redhat | 3 Kde, Enterprise Linux, Linux | 2026-04-16 | N/A |
| KDM in KDE 3.1.3 and earlier uses a weak session cookie generation algorithm that does not provide 128 bits of entropy, which allows attackers to guess session cookies via brute force methods and gain access to the user session. | ||||
| CVE-2001-1265 | 1 Ibm | 1 Alphaworks Tftp Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in IBM alphaWorks Java TFTP server 1.21 allows remote attackers to conduct unauthorized operations on arbitrary files via a .. (dot dot) attack. | ||||
| CVE-2001-1266 | 1 Doug Neal | 1 Dnhttpd | 2026-04-16 | N/A |
| Directory traversal vulnerability in Doug Neal's HTTPD Daemon (DNHTTPD) before 0.4.1 allows remote attackers to view arbitrary files via a .. (dot dot) attack using the dot hex code '%2E'. | ||||
| CVE-2001-1267 | 2 Gnu, Redhat | 3 Tar, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Directory traversal vulnerability in GNU tar 1.13.19 and earlier allows local users to overwrite arbitrary files during archive extraction via a tar file whose filenames contain a .. (dot dot). | ||||
| CVE-2004-0941 | 3 Gd Graphics Library, Redhat, Trustix | 3 Gdlib, Enterprise Linux, Secure Linux | 2026-04-16 | N/A |
| Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function, a different set of vulnerabilities than CVE-2004-0990. | ||||
| CVE-2001-1268 | 2 Info-zip, Redhat | 3 Unzip, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Directory traversal vulnerability in Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via a .. (dot dot) in an extracted filename. | ||||
| CVE-2001-1269 | 2 Info-zip, Redhat | 3 Unzip, Enterprise Linux, Linux | 2026-04-16 | N/A |
| Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via filenames in the archive that begin with the '/' (slash) character. | ||||