Search Results (359876 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-0121 1 Microsoft 2 Office, Outlook 2026-04-16 N/A
Argument injection vulnerability in Microsoft Outlook 2002 does not sufficiently filter parameters of mailto: URLs when using them as arguments when calling OUTLOOK.EXE, which allows remote attackers to use script code in the Local Machine zone and execute arbitrary programs.
CVE-2004-0122 1 Microsoft 1 Msn Messenger 2026-04-16 N/A
Microsoft MSN Messenger 6.0 and 6.1 does not properly handle certain requests, which allows remote attackers to read arbitrary files.
CVE-2004-0131 1 Gnu 1 Radius 2026-04-16 N/A
The rad_print_request function in logger.c for GNU Radius daemon (radiusd) before 1.2 allows remote attackers to cause a denial of service (crash) via a UDP packet with an Acct-Status-Type attribute without a value and no Acct-Session-Id attribute, which causes a null dereference.
CVE-2004-0167 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
DiskArbitration in Mac OS X 10.2.8 and 10.3.2 does not properly initialize writeable removable media.
CVE-2004-0169 1 Apple 1 Darwin Streaming Server 2026-04-16 N/A
QuickTime Streaming Server in MacOS X 10.2.8 and 10.3.2 allows remote attackers to cause a denial of service (crash) via DESCRIBE requests with long User-Agent fields, which causes an Assert error to be triggered in the BufferIsFull function.
CVE-2004-0256 1 Gnu 1 Libtool 2026-04-16 N/A
GNU libtool before 1.5.2, during compile time, allows local users to overwrite arbitrary files via a symlink attack on libtool directories in /tmp.
CVE-2004-0263 2 Apache, Ibm 2 Http Server, Http Server 2026-04-16 N/A
PHP 4.3.4 and earlier in Apache 1.x and 2.x (mod_php) can leak global variables between virtual hosts that are handled by the same Apache child process but have different settings, which could allow remote attackers to obtain sensitive information.
CVE-2004-0336 1 Software602 1 602pro Lan Suite 2026-04-16 N/A
LAN SUITE Web Mail 602Pro allows remote attackers to gain sensitive information via the mail login form, which contains the path to the mail directory.
CVE-2002-1112 1 Mantis 1 Mantis 2026-04-16 N/A
Mantis before 0.17.4 allows remote attackers to list project bugs without authentication by modifying the cookie that is used by the "View Bugs" page.
CVE-2002-1108 1 Cisco 1 Vpn Client 2026-04-16 N/A
Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.6(Rel), when configured with all tunnel mode, can be forced into acknowledging a TCP packet from outside the tunnel.
CVE-1999-1068 1 Oracle 1 Http Server 2026-04-16 N/A
Oracle Webserver 2.1, when serving PL/SQL stored procedures, allows remote attackers to cause a denial of service via a long HTTP GET request.
CVE-2004-0743 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Safari in Mac OS X before 10.3.5, after sending form data using the POST method, may re-send the data to a GET method URL if that URL is redirected after the POST data and the user uses the forward or backward buttons, which may cause an information leak.
CVE-2003-0399 1 Vignette 3 Content Suite, Storyserver, Vignette 2026-04-16 N/A
Vignette StoryServer 4 and 5, Vignette V/5, and possibly other versions allows remote attackers to perform unauthorized SELECT queries by setting the vgn_creds cookie to an arbitrary value and directly accessing the save template.
CVE-2003-0401 1 Vignette 3 Content Suite, Storyserver, Vignette 2026-04-16 N/A
Vignette StoryServer and Vignette V/5 allows remote attackers to obtain sensitive information via a request for the /vgn/style template.
CVE-2003-0411 2 Microsoft, Oracle 3 Windows 2000, Windows Xp, Sun One Application Server 2026-04-16 7.5 High
Sun ONE Application Server 7.0 for Windows 2000/XP allows remote attackers to obtain JSP source code via a request that uses the uppercase ".JSP" extension instead of the lowercase .jsp extension.
CVE-2004-0792 2 Andrew Tridgell, Redhat 2 Rsync, Enterprise Linux 2026-04-16 N/A
Directory traversal vulnerability in the sanitize_path function in util.c for rsync 2.6.2 and earlier, when chroot is disabled, allows attackers to read or write certain files.
CVE-2005-3797 1 Alstrasoft 1 Template Seller 2026-04-16 N/A
PHP remote file inclusion vulnerability in payment_paypal.php in AlstraSoft Template Seller Pro 3.25 allows remote attackers to execute arbitrary PHP code via the config[basepath] parameter.
CVE-2006-4126 1 Dconnect 1 Dconnect Daemon 2026-04-16 N/A
The dc_chat function in cmd.dc.c in DConnect Daemon 0.7.0 and earlier allows remote attackers to cause a denial of service (application crash) by sending a client message before providing the nickname, which triggers a null pointer dereference.
CVE-2002-0639 1 Openbsd 1 Openssh 2026-04-16 9.8 Critical
Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentication (ChallengeResponseAuthentication) when OpenSSH is using SKEY or BSD_AUTH authentication.
CVE-2002-2174 1 Software602 1 602pro Lan Suite 2026-04-16 N/A
The Telnet proxy of 602Pro LAN SUITE 2002 does not restrict the number of outstanding connections to the local host, which allows remote attackers to create a denial of service (memory consumption) via a large number of connections.