Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-0767 1 Ngsec 1 Stackdefender 2026-04-16 N/A
NGSEC StackDefender 1.10 allows attackers to cause a denial of service (system crash) via an invalid address for the ObjectAttribues parameter to the hooks for the (1) ZwCreateFile or (2) ZwOpenFile functions.
CVE-2001-0247 5 Freebsd, Mit, Netbsd and 2 more 5 Freebsd, Kerberos 5, Netbsd and 2 more 2026-04-16 N/A
Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3.
CVE-2004-0768 1 Greg Roelofs 1 Libpng3 2026-04-16 N/A
libpng 1.2.5 and earlier does not properly calculate certain buffer offsets, which could allow remote attackers to execute arbitrary code via a buffer overflow attack.
CVE-2001-0255 1 Fastream 2 Fastream Ftp\+\+ Server, Fastream Ftp Server 2026-04-16 N/A
FaSTream FTP++ Server 2.0 allows remote attackers to list arbitrary directories by using the "ls" command and including the drive letter name (e.g. C:) in the requested pathname.
CVE-2001-0286 1 A1webserver 1 Http Server 2026-04-16 N/A
Directory traversal vulnerability in A1 HTTP server 1.0a allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP GET request.
CVE-2001-0287 1 Symantec Veritas 1 Cluster Server 2026-04-16 N/A
VERITAS Cluster Server (VCS) 1.3.0 on Solaris allows local users to cause a denial of service (system panic) via the -L option to the lltstat command.
CVE-2001-0288 1 Cisco 1 Ios 2026-04-16 N/A
Cisco switches and routers running IOS 12.1 and earlier produce predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections.
CVE-2001-0289 2 Joseph Allen, Redhat 2 Joe, Linux 2026-04-16 N/A
Joe text editor 2.8 searches the current working directory (CWD) for the .joerc configuration file, which could allow local users to gain privileges of other users by placing a Trojan Horse .joerc file into a directory, then waiting for users to execute joe from that directory.
CVE-2001-0290 1 Gnu 1 Mailman 2026-04-16 N/A
Vulnerability in Mailman 2.0.1 and earlier allows list administrators to obtain user passwords.
CVE-2001-0292 1 Francisco Burzi 1 Php-nuke 2026-04-16 N/A
PHP-Nuke 4.4.1a allows remote attackers to modify a user's email address and obtain the password by guessing the user id (UID) and calling user.php with the saveuser operator.
CVE-2001-0301 2 Redhat, Stephen Turner 2 Secure Web Server, Analog 2026-04-16 N/A
Buffer overflow in Analog before 4.16 allows remote attackers to execute arbitrary commands by using the ALIAS command to construct large strings.
CVE-2001-0310 1 Freebsd 1 Freebsd 2026-04-16 N/A
sort in FreeBSD 4.1.1 and earlier, and possibly other operating systems, uses predictable temporary file names and does not properly handle when the temporary file already exists, which causes sort to crash and possibly impacts security-sensitive scripts.
CVE-2001-0319 1 Ibm 3 Net.commerce, Net.commerce Hosting Server, Websphere Commerce Suite 2026-04-16 N/A
orderdspc.d2w macro in IBM Net.Commerce 3.x allows remote attackers to execute arbitrary SQL queries by inserting them into the order_rn option of the report capability.
CVE-2004-2204 1 Macromedia 1 Coldfusion 2026-04-16 N/A
Macromedia ColdFusion MX 6.0 and 6.1 application server, when running with the CreateObject function or CFOBJECT tag enabled, allows local users to conduct unauthorized activities and obtain administrative passwords by creating CFML scripts that use CreateObject or CFOBJECT.
CVE-2003-0146 2 Netpbm, Redhat 3 Netpbm, Enterprise Linux, Linux 2026-04-16 N/A
Multiple vulnerabilities in NetPBM 9.20 and earlier, and possibly other versions, may allow remote attackers to cause a denial of service or execute arbitrary code via "maths overflow errors" such as (1) integer signedness errors or (2) integer overflows, which lead to buffer overflows.
CVE-2001-0322 1 Microsoft 3 Internet Explorer, Outlook, Outlook Express 2026-04-16 N/A
MSHTML.DLL HTML parser in Internet Explorer 4.0, and other versions, allows remote attackers to cause a denial of service (application crash) via a script that creates and deletes an object that is associated with the browser window object.
CVE-2004-2205 1 Symantec Veritas 1 Cluster Server 2026-04-16 N/A
Unknown vulnerability in Veritas Cluster Server 1.0.1 through 4.0 allows local users to gain root access via unspecified vectors.
CVE-2001-0323 2026-04-16 N/A
The ICMP path MTU (PMTU) discovery feature in various UNIX systems allows remote attackers to cause a denial of service by spoofing "ICMP Fragmentation needed but Don't Fragment (DF) set" packets between two target hosts, which could cause one host to lower its MTU when transmitting to the other host.
CVE-2003-0147 4 Openpkg, Openssl, Redhat and 1 more 6 Openpkg, Openssl, Enterprise Linux and 3 more 2026-04-16 N/A
OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms ("Karatsuba" and normal).
CVE-2004-2206 1 Natterchat 1 Natterchat 2026-04-16 N/A
SQL injection vulnerability in NatterChat 1.12 allows remote attackers to execute arbitrary SQL commands via unknown vectors.