Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0178 4 Caldera, Conectiva, Mandrakesoft and 1 more 5 Openlinux Edesktop, Linux, Mandrake Linux and 2 more 2026-04-16 N/A
kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges.
CVE-2001-0179 1 Macromedia 1 Jrun 2026-04-16 N/A
Allaire JRun 3.0 allows remote attackers to list contents of the WEB-INF directory, and the web.xml file in the WEB-INF directory, via a malformed URL that contains a "."
CVE-2004-1608 2 Best Software, Saleslogix Corporation 2 Saleslogix, Saleslogix 2026-04-16 N/A
SQL injection vulnerability in SalesLogix 6.1 allows remote attackers to execute arbitrary SQL statements via the id parameter in a view operation.
CVE-2001-0238 1 Microsoft 6 Windows 2000, Windows 95, Windows 98 and 3 more 2026-04-16 N/A
Microsoft Data Access Component Internet Publishing Provider 8.103.2519.0 and earlier allows remote attackers to bypass Security Zone restrictions via WebDAV requests.
CVE-2003-0116 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check the Cascading Style Sheet input parameter for Modal dialogs, which allows remote attackers to read files on the local system via a web page containing script that creates a dialog and then accesses the target files, aka "Modal Dialog script execution."
CVE-2004-1609 2 Best Software, Saleslogix Corporation 2 Saleslogix, Saleslogix 2026-04-16 N/A
SalesLogix 6.1 includes usernames, passwords, and other sensitive information in the headers of an HTTP response, which could allow remote attackers to gain access.
CVE-2001-0239 1 Microsoft 1 Isa Server 2026-04-16 N/A
Microsoft Internet Security and Acceleration (ISA) Server 2000 Web Proxy allows remote attackers to cause a denial of service via a long web request with a specific type.
CVE-2003-0121 1 Clearswift 1 Mailsweeper 2026-04-16 N/A
Clearswift MAILsweeper 4.x allows remote attackers to bypass attachment detection via an attachment that does not specify a MIME-Version header field, which is processed by some mail clients.
CVE-2004-0764 2 Mozilla, Redhat 4 Firefox, Mozilla, Thunderbird and 1 more 2026-04-16 N/A
Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to hijack the user interface via the "chrome" flag and XML User Interface Language (XUL) files.
CVE-2004-1610 2 Best Software, Saleslogix Corporation 2 Saleslogix, Saleslogix 2026-04-16 N/A
SalesLogix 6.1 uses client-specified pathnames for writing certain files, which might allow remote authenticated users to create arbitrary files and execute code via the (1) vMME.AttachmentPath or (2) vMME.LibraryPath variables.
CVE-2001-0240 1 Microsoft 1 Word 2026-04-16 N/A
Microsoft Word before Word 2002 allows attackers to automatically execute macros without warning the user via a Rich Text Format (RTF) document that links to a template with the embedded macro.
CVE-2003-0122 1 Ibm 2 Lotus Domino, Lotus Notes Client 2026-04-16 N/A
Buffer overflow in Notes server before Lotus Notes R4, R5 before 5.0.11, and early R6 allows remote attackers to execute arbitrary code via a long distinguished name (DN) during NotesRPC authentication and an outer field length that is less than that of the DN field.
CVE-2004-2201 1 Duware 1 Duforum 2026-04-16 N/A
SQL injection vulnerability in DUware DUforum 3.0 through 3.1 allows remote attackers to execute arbitrary SQL commands via the FOR_ID parameter in messages.asp, (2) MSG_ID parameter in messageDetail.asp, or (3) password parameter in the login form.
CVE-2004-2396 1 Mandrakesoft 3 Mandrake Linux, Mandrake Linux Corporate Server, Mandrake Multi Network Firewall 2026-04-16 N/A
passwd 0.68 does not check the return code for the pam_start function, which has unknown impact and attack vectors that may prevent "safe and proper operation" of PAM.
CVE-2001-0241 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Buffer overflow in Internet Printing ISAPI extension in Windows 2000 allows remote attackers to gain root privileges via a long print request that is passed to the extension through IIS 5.0.
CVE-2004-2203 1 Ansel 1 Ansel 2026-04-16 N/A
Ansel 1.2 through 2.0 uses insecure default permissions, which allows remote attackers to gain access to web readable directories.
CVE-2001-0242 1 Microsoft 1 Windows Media Player 2026-04-16 N/A
Buffer overflows in Microsoft Windows Media Player 7 and earlier allow remote attackers to execute arbitrary commands via (1) a long version tag in an .ASX file, or (2) a long banner tag, a variant of the ".ASX Buffer Overrun" vulnerability as discussed in MS:MS00-090.
CVE-2003-0124 2 Andries Brouwer, Redhat 3 Man, Enterprise Linux, Linux 2026-04-16 N/A
man before 1.5l allows attackers to execute arbitrary code via a malformed man file with improper quotes, which causes the my_xsprintf function to return a string with the value "unsafe," which is then executed as a program via a system call if it is in the search path of the user who runs man.
CVE-2004-0765 2 Mozilla, Redhat 4 Firefox, Mozilla, Thunderbird and 1 more 2026-04-16 N/A
The cert_TestHostName function in Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, only checks the hostname portion of a certificate when the hostname portion of the URI is not a fully qualified domain name (FQDN), which allows remote attackers to spoof trusted certificates.
CVE-2001-0243 1 Microsoft 1 Windows Media Player 2026-04-16 N/A
Windows Media Player 7 and earlier stores Internet shortcuts in a user's Temporary Files folder with a fixed filename instead of in the Internet Explorer cache, which causes the HTML in those shortcuts to run in the Local Computer Zone instead of the Internet Zone, which allows remote attackers to read certain files.