Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-0121 1 Clearswift 1 Mailsweeper 2026-04-16 N/A
Clearswift MAILsweeper 4.x allows remote attackers to bypass attachment detection via an attachment that does not specify a MIME-Version header field, which is processed by some mail clients.
CVE-2004-0764 2 Mozilla, Redhat 4 Firefox, Mozilla, Thunderbird and 1 more 2026-04-16 N/A
Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to hijack the user interface via the "chrome" flag and XML User Interface Language (XUL) files.
CVE-2004-1610 2 Best Software, Saleslogix Corporation 2 Saleslogix, Saleslogix 2026-04-16 N/A
SalesLogix 6.1 uses client-specified pathnames for writing certain files, which might allow remote authenticated users to create arbitrary files and execute code via the (1) vMME.AttachmentPath or (2) vMME.LibraryPath variables.
CVE-2001-0240 1 Microsoft 1 Word 2026-04-16 N/A
Microsoft Word before Word 2002 allows attackers to automatically execute macros without warning the user via a Rich Text Format (RTF) document that links to a template with the embedded macro.
CVE-2003-0122 1 Ibm 2 Lotus Domino, Lotus Notes Client 2026-04-16 N/A
Buffer overflow in Notes server before Lotus Notes R4, R5 before 5.0.11, and early R6 allows remote attackers to execute arbitrary code via a long distinguished name (DN) during NotesRPC authentication and an outer field length that is less than that of the DN field.
CVE-2004-2201 1 Duware 1 Duforum 2026-04-16 N/A
SQL injection vulnerability in DUware DUforum 3.0 through 3.1 allows remote attackers to execute arbitrary SQL commands via the FOR_ID parameter in messages.asp, (2) MSG_ID parameter in messageDetail.asp, or (3) password parameter in the login form.
CVE-2004-2396 1 Mandrakesoft 3 Mandrake Linux, Mandrake Linux Corporate Server, Mandrake Multi Network Firewall 2026-04-16 N/A
passwd 0.68 does not check the return code for the pam_start function, which has unknown impact and attack vectors that may prevent "safe and proper operation" of PAM.
CVE-2001-0241 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Buffer overflow in Internet Printing ISAPI extension in Windows 2000 allows remote attackers to gain root privileges via a long print request that is passed to the extension through IIS 5.0.
CVE-2004-2203 1 Ansel 1 Ansel 2026-04-16 N/A
Ansel 1.2 through 2.0 uses insecure default permissions, which allows remote attackers to gain access to web readable directories.
CVE-2001-0242 1 Microsoft 1 Windows Media Player 2026-04-16 N/A
Buffer overflows in Microsoft Windows Media Player 7 and earlier allow remote attackers to execute arbitrary commands via (1) a long version tag in an .ASX file, or (2) a long banner tag, a variant of the ".ASX Buffer Overrun" vulnerability as discussed in MS:MS00-090.
CVE-2003-0124 2 Andries Brouwer, Redhat 3 Man, Enterprise Linux, Linux 2026-04-16 N/A
man before 1.5l allows attackers to execute arbitrary code via a malformed man file with improper quotes, which causes the my_xsprintf function to return a string with the value "unsafe," which is then executed as a program via a system call if it is in the search path of the user who runs man.
CVE-2004-0765 2 Mozilla, Redhat 4 Firefox, Mozilla, Thunderbird and 1 more 2026-04-16 N/A
The cert_TestHostName function in Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, only checks the hostname portion of a certificate when the hostname portion of the URI is not a fully qualified domain name (FQDN), which allows remote attackers to spoof trusted certificates.
CVE-2001-0243 1 Microsoft 1 Windows Media Player 2026-04-16 N/A
Windows Media Player 7 and earlier stores Internet shortcuts in a user's Temporary Files folder with a fixed filename instead of in the Internet Explorer cache, which causes the HTML in those shortcuts to run in the Local Computer Zone instead of the Internet Zone, which allows remote attackers to read certain files.
CVE-2003-0129 2 Redhat, Ximian 2 Linux, Evolution 2026-04-16 N/A
Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (memory consumption) via a mail message that is uuencoded multiple times.
CVE-2001-0246 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 5.5 and earlier does not properly verify the domain of a frame within a browser window, which allows remote web site operators to read certain files on the client by sending information from a local frame to a frame in a different domain, aka a variant of the "Frame Domain Verification" vulnerability.
CVE-2004-0766 1 Ngsec 1 Stackdefender 2026-04-16 N/A
NGSEC StackDefender 2.0 allows attackers to cause a denial of service (system crash) via an invalid address for the BaseAddress parameter to the hooks for the (1) ZwAllocateVirtualMemory or (2) ZwProtectVirtualMemory functions.
CVE-2001-0290 1 Gnu 1 Mailman 2026-04-16 N/A
Vulnerability in Mailman 2.0.1 and earlier allows list administrators to obtain user passwords.
CVE-2001-0292 1 Francisco Burzi 1 Php-nuke 2026-04-16 N/A
PHP-Nuke 4.4.1a allows remote attackers to modify a user's email address and obtain the password by guessing the user id (UID) and calling user.php with the saveuser operator.
CVE-2001-0301 2 Redhat, Stephen Turner 2 Secure Web Server, Analog 2026-04-16 N/A
Buffer overflow in Analog before 4.16 allows remote attackers to execute arbitrary commands by using the ALIAS command to construct large strings.
CVE-2001-0310 1 Freebsd 1 Freebsd 2026-04-16 N/A
sort in FreeBSD 4.1.1 and earlier, and possibly other operating systems, uses predictable temporary file names and does not properly handle when the temporary file already exists, which causes sort to crash and possibly impacts security-sensitive scripts.