Export limit exceeded: 359922 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359922 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-0942 | 1 Oracle | 1 Database Server | 2026-04-16 | N/A |
| dbsnmp in Oracle 8.1.6 and 8.1.7 uses the ORACLE_HOME environment variable to find and execute the dbsnmp program, which allows local users to execute arbitrary programs by pointing the ORACLE_HOME to an alternate directory that contains a malicious version of dbsnmp. | ||||
| CVE-2003-1155 | 1 X-cd-roast | 1 X-cd-roast | 2026-04-16 | N/A |
| X-CD-Roast 0.98 alpha10 through alpha14 allows local users to overwrite arbitrary files via a symlink attack on an unknown file. | ||||
| CVE-2003-1172 | 1 Apache | 1 Cocoon | 2026-04-16 | N/A |
| Directory traversal vulnerability in the view-source sample file in Apache Software Foundation Cocoon 2.1 and 2.2 allows remote attackers to access arbitrary files via a .. (dot dot) in the filename parameter. | ||||
| CVE-2004-0462 | 2026-04-16 | N/A | ||
| The built-in web servers for multiple networking devices do not set the Secure attribute for sensitive cookies in HTTPS sessions, which could cause the user agent to send those cookies in plaintext over an HTTP session with the same server. | ||||
| CVE-2004-1780 | 1 Info Touch | 1 Surfnet | 2026-04-16 | N/A |
| Info Touch Surfnet kiosk allows local users to deposit extra time into Internet kiosk accounts via repeated authentication attempts. | ||||
| CVE-2004-1795 | 1 Info Touch | 1 Surfnet | 2026-04-16 | N/A |
| Info Touch Surfnet kiosk allows local users to access the underlying filesystem via a 'file://' URI. | ||||
| CVE-2004-1808 | 1 Metamail Corporation | 1 Metamail | 2026-04-16 | N/A |
| Extcompose in metamail does not verify the output file before writing to it, which allows local users to overwrite arbitrary files via a symlink attack. | ||||
| CVE-2004-1847 | 1 Expinion.net | 1 News Manager Lite | 2026-04-16 | N/A |
| News Manager Lite 2.5 allows remote attackers to bypass authentication and gain administrator privileges by setting the ADMIN parameter in the NEWS_LOGIN cookie. | ||||
| CVE-2004-1848 | 2 Ipswitch, Progress | 2 Ws Ftp Server, Ws Ftp Server | 2026-04-16 | N/A |
| Ipswitch WS_FTP Server 4.0.2 allows remote attackers to cause a denial of service (disk consumption) and bypass file size restrictions via a REST command with a large size argument, followed by a STOR of a smaller file. | ||||
| CVE-2004-1883 | 1 Progress | 1 Ws Ftp Server | 2026-04-16 | N/A |
| Multiple buffer overflows in Ipswitch WS_FTP Server 4.0.2 (1) allow remote authenticated users to execute arbitrary code by causing a large error string to be generated by the ALLO handler, or (2) may allow remote FTP administrators to execute arbitrary code by causing a long hostname or username to be inserted into a reply to a STAT command while a file is being transferred. | ||||
| CVE-2004-1894 | 1 Pragma Ade | 1 Context | 2026-04-16 | N/A |
| TEXutil in ConTEXt, when executed with the --silent option, allows local users to overwrite arbitrary files via a symlink attack on texutil.log. | ||||
| CVE-2004-2013 | 1 Linux | 1 Linux Kernel | 2026-04-16 | 7.8 High |
| Integer overflow in the SCTP_SOCKOPT_DEBUG_NAME SCTP socket option in socket.c in the Linux kernel 2.4.25 and earlier allows local users to execute arbitrary code via an optlen value of -1, which causes kmalloc to allocate 0 bytes of memory. | ||||
| CVE-2004-2066 | 1 Linpha | 1 Linpha | 2026-04-16 | N/A |
| SQL injection vulnerability in session.php in LinPHA 0.9.4 allows remote attackers to execute arbitrary SQL code and bypass authentication via the (1) linpha_userid or (2) linpha_password cookies. | ||||
| CVE-2005-1098 | 1 Runtime Software | 1 Getdataback For Ntfs | 2026-04-16 | N/A |
| GetDataBack for NTFS 2.31 stores the username and license key in plaintext in the Name value in the License registry key, which may allow local users to obtain sensitive information. | ||||
| CVE-2005-1807 | 1 Phpmailer | 1 Phpmailer | 2026-04-16 | N/A |
| The Data function in class.smtp.php in PHPMailer 1.7.2 and earlier allows remote attackers to cause a denial of service (infinite loop leading to memory and CPU consumption) via a long header field. | ||||
| CVE-2005-4280 | 1 Kitware | 1 Cmake | 2026-04-16 | N/A |
| Untrusted search path vulnerability in CMake before 2.2.0-r1 on Gentoo Linux allows local users in the portage group to gain privileges via a malicious shared object in the Portage temporary build directory, which is part of the RUNPATH. | ||||
| CVE-2001-0955 | 1 Xfree86 Project | 1 X11r6 | 2026-04-16 | N/A |
| Buffer overflow in fbglyph.c in XFree86 before 4.2.0, related to glyph clipping for large origins, allows attackers to cause a denial of service and possibly gain privileges via a large number of characters, possibly through the web page search form of KDE Konqueror or from an xterm command with a long title. | ||||
| CVE-2001-1287 | 1 Ipswitch | 1 Imail | 2026-04-16 | N/A |
| Buffer overflow in Web Calendar in Ipswitch IMail 7.04 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. | ||||
| CVE-2006-1010 | 1 Crossfire | 1 Crossfire | 2026-04-16 | N/A |
| Buffer overflow in socket/request.c in CrossFire before 1.9.0, when oldsocketmode is enabled, allows remote attackers to cause a denial of service (segmentation fault) and possibly execute code by sending the server a large request. | ||||
| CVE-2006-3360 | 1 Phpsysinfo | 1 Phpsysinfo | 2026-04-16 | N/A |
| Directory traversal vulnerability in index.php in phpSysInfo 2.5.1 allows remote attackers to determine the existence of arbitrary files via a .. (dot dot) sequence and a trailing null (%00) byte in the lng parameter, which will display a different error message if the file exists. | ||||