Export limit exceeded: 359880 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359880 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-0924 | 2 Netpbm, Redhat | 3 Netpbm, Enterprise Linux, Linux | 2026-04-16 | N/A |
| netpbm 9.25 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files. | ||||
| CVE-2003-1022 | 1 Debian | 1 Fsp | 2026-04-16 | N/A |
| Directory traversal vulnerability in fsp before 2.81.b18 allows remote users to access files outside the FSP root directory. | ||||
| CVE-2004-0045 | 1 Isc | 1 Inn | 2026-04-16 | N/A |
| Buffer overflow in the ARTpost function in art.c in the control message handling code for INN 2.4.0 may allow remote attackers to execute arbitrary code. | ||||
| CVE-2004-0115 | 1 Microsoft | 1 Virtual Pc | 2026-04-16 | N/A |
| VirtualPC_Services in Microsoft Virtual PC for Mac 6.0 through 6.1 allows local attackers to truncate and overwrite arbitrary files, and execute arbitrary code, via a symlink attack on the VPCServices_Log temporary file. | ||||
| CVE-2004-0121 | 1 Microsoft | 2 Office, Outlook | 2026-04-16 | N/A |
| Argument injection vulnerability in Microsoft Outlook 2002 does not sufficiently filter parameters of mailto: URLs when using them as arguments when calling OUTLOOK.EXE, which allows remote attackers to use script code in the Local Machine zone and execute arbitrary programs. | ||||
| CVE-2004-0122 | 1 Microsoft | 1 Msn Messenger | 2026-04-16 | N/A |
| Microsoft MSN Messenger 6.0 and 6.1 does not properly handle certain requests, which allows remote attackers to read arbitrary files. | ||||
| CVE-2004-0131 | 1 Gnu | 1 Radius | 2026-04-16 | N/A |
| The rad_print_request function in logger.c for GNU Radius daemon (radiusd) before 1.2 allows remote attackers to cause a denial of service (crash) via a UDP packet with an Acct-Status-Type attribute without a value and no Acct-Session-Id attribute, which causes a null dereference. | ||||
| CVE-2004-0167 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| DiskArbitration in Mac OS X 10.2.8 and 10.3.2 does not properly initialize writeable removable media. | ||||
| CVE-2004-0169 | 1 Apple | 1 Darwin Streaming Server | 2026-04-16 | N/A |
| QuickTime Streaming Server in MacOS X 10.2.8 and 10.3.2 allows remote attackers to cause a denial of service (crash) via DESCRIBE requests with long User-Agent fields, which causes an Assert error to be triggered in the BufferIsFull function. | ||||
| CVE-2004-0256 | 1 Gnu | 1 Libtool | 2026-04-16 | N/A |
| GNU libtool before 1.5.2, during compile time, allows local users to overwrite arbitrary files via a symlink attack on libtool directories in /tmp. | ||||
| CVE-2004-0263 | 2 Apache, Ibm | 2 Http Server, Http Server | 2026-04-16 | N/A |
| PHP 4.3.4 and earlier in Apache 1.x and 2.x (mod_php) can leak global variables between virtual hosts that are handled by the same Apache child process but have different settings, which could allow remote attackers to obtain sensitive information. | ||||
| CVE-2004-0336 | 1 Software602 | 1 602pro Lan Suite | 2026-04-16 | N/A |
| LAN SUITE Web Mail 602Pro allows remote attackers to gain sensitive information via the mail login form, which contains the path to the mail directory. | ||||
| CVE-2002-1112 | 1 Mantis | 1 Mantis | 2026-04-16 | N/A |
| Mantis before 0.17.4 allows remote attackers to list project bugs without authentication by modifying the cookie that is used by the "View Bugs" page. | ||||
| CVE-2002-1108 | 1 Cisco | 1 Vpn Client | 2026-04-16 | N/A |
| Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.6(Rel), when configured with all tunnel mode, can be forced into acknowledging a TCP packet from outside the tunnel. | ||||
| CVE-1999-1068 | 1 Oracle | 1 Http Server | 2026-04-16 | N/A |
| Oracle Webserver 2.1, when serving PL/SQL stored procedures, allows remote attackers to cause a denial of service via a long HTTP GET request. | ||||
| CVE-2004-0743 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Safari in Mac OS X before 10.3.5, after sending form data using the POST method, may re-send the data to a GET method URL if that URL is redirected after the POST data and the user uses the forward or backward buttons, which may cause an information leak. | ||||
| CVE-2003-0399 | 1 Vignette | 3 Content Suite, Storyserver, Vignette | 2026-04-16 | N/A |
| Vignette StoryServer 4 and 5, Vignette V/5, and possibly other versions allows remote attackers to perform unauthorized SELECT queries by setting the vgn_creds cookie to an arbitrary value and directly accessing the save template. | ||||
| CVE-2003-0401 | 1 Vignette | 3 Content Suite, Storyserver, Vignette | 2026-04-16 | N/A |
| Vignette StoryServer and Vignette V/5 allows remote attackers to obtain sensitive information via a request for the /vgn/style template. | ||||
| CVE-2003-0411 | 2 Microsoft, Oracle | 3 Windows 2000, Windows Xp, Sun One Application Server | 2026-04-16 | 7.5 High |
| Sun ONE Application Server 7.0 for Windows 2000/XP allows remote attackers to obtain JSP source code via a request that uses the uppercase ".JSP" extension instead of the lowercase .jsp extension. | ||||
| CVE-2004-0792 | 2 Andrew Tridgell, Redhat | 2 Rsync, Enterprise Linux | 2026-04-16 | N/A |
| Directory traversal vulnerability in the sanitize_path function in util.c for rsync 2.6.2 and earlier, when chroot is disabled, allows attackers to read or write certain files. | ||||