Search Results (367170 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-1074 1 Webmin 1 Webmin 2026-04-16 N/A
Webmin 0.84 and earlier does not properly clear the HTTP_AUTHORIZATION environment variable when the web server is restarted, which makes authentication information available to all CGI programs and allows local users to gain privileges.
CVE-2002-1352 1 Per Magne Knutsen 1 Cartman 2026-04-16 N/A
Per Magne Knutsen's CartMan shopping cart (cartman.php) 1.04 and earlier allows remote attackers to modify product prices by changing the price parameter.
CVE-2001-0658 1 Microsoft 1 Isa Server 2026-04-16 N/A
Cross-site scripting (CSS) vulnerability in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause other clients to execute certain script or read cookies via malicious script in an invalid URL that is not properly quoted in an error message.
CVE-2001-0677 1 Qualcomm 1 Eudora 2026-04-16 N/A
Eudora 5.0.2 allows a remote attacker to read arbitrary files via an email with the path of the target file in the "Attachment Converted" MIME header, which sends the file when the email is forwarded to the attacker by the user.
CVE-2001-1083 2 Icecast, Redhat 2 Icecast, Powertools 2026-04-16 N/A
Icecast 1.3.7, and other versions before 1.3.11 with HTTP server file streaming support enabled allows remote attackers to cause a denial of service (crash) via a URL that ends in . (dot), / (forward slash), or \ (backward slash).
CVE-2004-0347 1 Netscreen 1 Netscreen-sa 5000 Series 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in delhomepage.cgi in NetScreen-SA 5000 Series running firmware 3.3 Patch 1 (build 4797) allows remote authenticated users to execute arbitrary script as other users via the row parameter.
CVE-2004-0336 1 Software602 1 602pro Lan Suite 2026-04-16 N/A
LAN SUITE Web Mail 602Pro allows remote attackers to gain sensitive information via the mail login form, which contains the path to the mail directory.
CVE-2004-0263 2 Apache, Ibm 2 Http Server, Http Server 2026-04-16 N/A
PHP 4.3.4 and earlier in Apache 1.x and 2.x (mod_php) can leak global variables between virtual hosts that are handled by the same Apache child process but have different settings, which could allow remote attackers to obtain sensitive information.
CVE-2004-0256 1 Gnu 1 Libtool 2026-04-16 N/A
GNU libtool before 1.5.2, during compile time, allows local users to overwrite arbitrary files via a symlink attack on libtool directories in /tmp.
CVE-2004-0169 1 Apple 1 Darwin Streaming Server 2026-04-16 N/A
QuickTime Streaming Server in MacOS X 10.2.8 and 10.3.2 allows remote attackers to cause a denial of service (crash) via DESCRIBE requests with long User-Agent fields, which causes an Assert error to be triggered in the BufferIsFull function.
CVE-2004-0167 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
DiskArbitration in Mac OS X 10.2.8 and 10.3.2 does not properly initialize writeable removable media.
CVE-2004-0131 1 Gnu 1 Radius 2026-04-16 N/A
The rad_print_request function in logger.c for GNU Radius daemon (radiusd) before 1.2 allows remote attackers to cause a denial of service (crash) via a UDP packet with an Acct-Status-Type attribute without a value and no Acct-Session-Id attribute, which causes a null dereference.
CVE-2004-0122 1 Microsoft 1 Msn Messenger 2026-04-16 N/A
Microsoft MSN Messenger 6.0 and 6.1 does not properly handle certain requests, which allows remote attackers to read arbitrary files.
CVE-2004-0121 1 Microsoft 2 Office, Outlook 2026-04-16 N/A
Argument injection vulnerability in Microsoft Outlook 2002 does not sufficiently filter parameters of mailto: URLs when using them as arguments when calling OUTLOOK.EXE, which allows remote attackers to use script code in the Local Machine zone and execute arbitrary programs.
CVE-2004-0115 1 Microsoft 1 Virtual Pc 2026-04-16 N/A
VirtualPC_Services in Microsoft Virtual PC for Mac 6.0 through 6.1 allows local attackers to truncate and overwrite arbitrary files, and execute arbitrary code, via a symlink attack on the VPCServices_Log temporary file.
CVE-2004-0045 1 Isc 1 Inn 2026-04-16 N/A
Buffer overflow in the ARTpost function in art.c in the control message handling code for INN 2.4.0 may allow remote attackers to execute arbitrary code.
CVE-2003-1022 1 Debian 1 Fsp 2026-04-16 N/A
Directory traversal vulnerability in fsp before 2.81.b18 allows remote users to access files outside the FSP root directory.
CVE-2003-0924 2 Netpbm, Redhat 3 Netpbm, Enterprise Linux, Linux 2026-04-16 N/A
netpbm 9.25 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files.
CVE-2003-0905 1 Microsoft 1 Windows Media Services 2026-04-16 N/A
Unknown vulnerability in Windows Media Station Service and Windows Media Monitor Service components of Windows Media Services 4.1 allows remote attackers to cause a denial of service (disallowing new connections) via a certain sequence of TCP/IP packets.
CVE-2003-0903 1 Microsoft 1 Data Access Components 2026-04-16 N/A
Buffer overflow in a component of Microsoft Data Access Components (MDAC) 2.5 through 2.8 allows remote attackers to execute arbitrary code via a malformed UDP response to a broadcast request.