Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-1619 1 Akella 1 Privateers Bounty Age Of Sail Ii 2026-04-16 N/A
Buffer overflow in Privateer's Bounty: Age of Sail II allows remote attackers to execute arbitrary code via a long nickname.
CVE-2001-0463 1 Acme Labs 1 Perlcal 2026-04-16 N/A
Directory traversal vulnerability in cal_make.pl in PerlCal allows remote attackers to read arbitrary files via a .. (dot dot) in the p0 parameter.
CVE-2003-0198 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Mac OS X before 10.2.5 allows guest users to modify the permissions of the DropBox folder and read unauthorized files.
CVE-2004-1620 1 S9y 1 Serendipity 2026-04-16 N/A
CRLF injection vulnerability in Serendipity before 0.7rc1 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the url parameter in (1) index.php and (2) exit.php, or (3) the HTTP Referer field in comment.php.
CVE-2001-0464 1 Crosswind 1 Cyberscheduler 2026-04-16 N/A
Buffer overflow in websync.exe in Cyberscheduler allows remote attackers to execute arbitrary commands via a long tzs (timezone) parameter.
CVE-2001-0465 1 Intuit 1 Turbo Tax 2026-04-16 N/A
TurboTax saves passwords in a temporary file when a user imports investment tax information from a financial institution, which could allow local users to obtain sensitive information.
CVE-2003-0202 1 Brian Renaud 1 Metrics 2026-04-16 N/A
The (1) halstead and (2) gather_stats scripts in metrics 1.0 allow local users to overwrite arbitrary files via a symlink attack on temporary files.
CVE-2004-1621 1 Ibm 1 Lotus Domino 2026-04-16 N/A
NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in IBM Lotus Notes R6 and Domino R6, and possibly earlier versions, allows remote attackers to execute arbitrary web script or HTML via square brackets at the beginning and end of (1) computed for display, (2) computed when composed, or (3) computed text element fields. NOTE: the vendor has disputed this issue, saying that it is not a problem with Notes/Domino itself, but with the applications that do not properly handle this feature
CVE-2001-0466 1 Microburst 1 Ustorekeeper Online Shopping System 2026-04-16 N/A
Directory traversal vulnerability in ustorekeeper 1.61 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
CVE-2003-0203 2 Moxftp, Xftp 2 Moxftp, Xftp 2026-04-16 N/A
Buffer overflow in moxftp 2.2 and earlier allows remote malicious FTP servers to execute arbitrary code via a long FTP banner.
CVE-2004-0789 9 Axis, Delegate, Dnrd and 6 more 15 2100 Network Camera, 2110 Network Camera, 2120 Network Camera and 12 more 2026-04-16 N/A
Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Posadis, (2) Axis Network products before firmware 3.13, and (3) Men & Mice Suite 2.2x before 2.2.3 and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (CPU and network bandwidth consumption) by triggering a communications loop via (a) DNS query packets with localhost as a spoofed source address, or (b) a response packet that triggers a response packet.
CVE-2004-1622 1 Ubbcentral 1 Ubb.threads 2026-04-16 N/A
SQL injection vulnerability in dosearch.php in UBB.threads 3.4.x allows remote attackers to execute arbitrary SQL statements via the Name parameter.
CVE-2004-2211 1 Alivesites 1 Alivesites Forum 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in AliveSites Forums 2.0 allows remote attackers to inject arbitrary web script or HTML via the (1) forum_id, (2) method, or (3) forum_title parameters to post.asp, (4) the forum_title parameter to forum.asp, or (5) the id parameter to post.asp.
CVE-2001-0467 1 Robtex 1 Viking Server 2026-04-16 N/A
Directory traversal vulnerability in RobTex Viking Web server before 1.07-381 allows remote attackers to read arbitrary files via a \... (modified dot dot) in an HTTP URL request.
CVE-2001-0468 1 Ftpfs 1 Ftpfs 2026-04-16 N/A
Buffer overflow in FTPFS allows local users to gain root privileges via a long user name.
CVE-2003-0204 2 Kde, Redhat 3 Kde, Enterprise Linux, Linux 2026-04-16 N/A
KDE 2 and KDE 3.1.1 and earlier 3.x versions allows attackers to execute arbitrary commands via (1) PostScript (PS) or (2) PDF files, related to missing -dPARANOIDSAFER and -dSAFER arguments when using the kghostview Ghostscript viewer.
CVE-2001-0469 1 Freebsd 1 Freebsd 2026-04-16 N/A
rwho daemon rwhod in FreeBSD 4.2 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service via malformed packets with a short length.
CVE-2003-0205 1 Gkrellm Newsticker 1 Gkrellm Newsticker 2026-04-16 N/A
gkrellm-newsticker gkrellm plugin before 0.3-3.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the ticker title of a URI.
CVE-2004-0790 2 Microsoft, Sun 8 Windows 2000, Windows 2003 Server, Windows 98 and 5 more 2026-04-16 N/A
Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
CVE-2001-0530 1 Spearhead 2 Netgap 200, Netgap 300 2026-04-16 N/A
Spearhead NetGAP 200 and 300 before build 78 allow a remote attacker to bypass file blocking and content inspection via specially encoded URLs which include '%' characters.