Export limit exceeded: 359582 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359582 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-0337 | 1 Platform | 1 Lsadmin | 2026-04-16 | N/A |
| The ckconfig command in lsadmin for Load Sharing Facility (LSF) 5.1 allows local users to execute arbitrary programs by modifying the LSF_ENVDIR environment variable to reference an alternate lsf.conf file, then modifying LSF_SERVERDIR to point to a malicious lim program, which lsadmin then executes. | ||||
| CVE-2003-0354 | 1 Redhat | 2 Enterprise Linux, Linux | 2026-04-16 | N/A |
| Unknown vulnerability in GNU Ghostscript before 7.07 allows attackers to execute arbitrary commands, even when -dSAFER is enabled, via a PostScript file that causes the commands to be executed from a malicious print job. | ||||
| CVE-2005-3363 | 1 Saphp | 1 Saphplesson | 2026-04-16 | N/A |
| SQL injection vulnerability in Saphp Lesson, possibly saphp Lesson1.1 and saphpLesson2.0, allows remote attackers to execute arbitrary SQL commands via the forumid parameter in (1) showcat.php and (2) add.php. | ||||
| CVE-2003-0362 | 1 Debian | 1 Debian Linux | 2026-04-16 | N/A |
| Buffer overflow in gPS before 0.10.2 may allow local users to cause a denial of service (SIGSEGV) in rgpsp via long command lines. | ||||
| CVE-2003-0364 | 1 Redhat | 2 Enterprise Linux, Linux | 2026-04-16 | N/A |
| The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows remote attackers to cause a denial of service (CPU consumption) via certain packets that cause a large number of hash table collisions. | ||||
| CVE-2005-2618 | 2 Autonomy, Ibm | 4 Keyview Export Sdk, Keyview Filter Sdk, Keyview Viewer Sdk and 1 more | 2026-04-16 | N/A |
| Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView SDK before 9.2.0, as used in Lotus Notes 6.5.4 and 7.0, allow remote attackers to execute arbitrary code via (1) a UUE file containing an encoded file with a long filename handled by uudrdr.dll, (2) a compressed ZIP file with a long filename handled by kvarcve.dll, (3) a TAR archive with a long filename that is extracted to a directory with a long path handled by the TAR reader (tarrdr.dll), (4) an email that contains a long HTTP, FTP, or // link handled by the HTML speed reader (htmsr.dll) or (5) an email containing a crafted long link handled by the HTML speed reader (htmsr.dll). | ||||
| CVE-2003-0391 | 1 Amax Information Technologies | 1 Magic Winmail Server | 2026-04-16 | N/A |
| Format string vulnerability in Magic WinMail Server 2.3, and possibly other 2.x versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the PASS command. | ||||
| CVE-2005-2622 | 1 Ecw-shop | 1 Ecw-shop | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in ECW-Shop 6.0.2 allows remote attackers to inject arbitrary web script or HTML via the (1) max or (2) ctg parameter. | ||||
| CVE-2003-0418 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| The Linux 2.0 kernel IP stack does not properly calculate the size of an ICMP citation, which causes it to include portions of unauthorized memory in ICMP error responses. | ||||
| CVE-2003-0513 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-16 | N/A |
| Microsoft Internet Explorer allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Internet Explorer to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application. | ||||
| CVE-2003-0533 | 1 Microsoft | 7 Netmeeting, Windows 2000, Windows 2003 Server and 4 more | 2026-04-16 | N/A |
| Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via a packet that causes the DsRolerUpgradeDownlevelServer function to create long debug entries for the DCPROMO.LOG log file, as exploited by the Sasser worm. | ||||
| CVE-2005-2625 | 1 Cpaint | 1 Cpaint | 2026-04-16 | N/A |
| Incomplete blacklist vulnerability in the checkBlacklist function in CPAINT allows remote attackers to execute arbitrary commands via the (1) ExecuteGlobal function or (2) GetRef statement, which is not included in the blacklist. | ||||
| CVE-2005-3718 | 1 Utstarcom | 1 F1000 Voip Wifi Phone | 2026-04-16 | N/A |
| UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel WIND 2.6 does not allow users to disable access to (1) SNMP or (2) the rlogin port TCP 513, which allows remote attackers to exploit other vulnerabilities such as CVE-2005-3716, or execute arbitrary shell commands via rlogin, which does not require authentication. | ||||
| CVE-2003-0601 | 1 Apple | 1 Mac Os X Server | 2026-04-16 | N/A |
| Workgroup Manager in Apple Mac OS X Server 10.2 through 10.2.6 does not disable a password for a new account before it is saved for the first time, which allows remote attackers to gain unauthorized access via the new account before it is saved. | ||||
| CVE-2003-0607 | 1 Stanley T. Shebs | 1 Xconq | 2026-04-16 | N/A |
| Buffer overflow in xconq 7.4.1 allows local users to become part of the "games" group via the (1) USER or (2) DISPLAY environment variables. | ||||
| CVE-2005-2630 | 1 Realnetworks | 2 Realone Player, Realplayer | 2026-04-16 | N/A |
| Heap-based buffer overflow in DUNZIP32.DLL for RealPlayer 8, 10, and 10.5 and RealOne Player 1 and 2 allows remote attackers to execute arbitrary code via a crafted RealPlayer Skin (RJS) file, a different vulnerability than CVE-2004-1094. | ||||
| CVE-2003-0648 | 2 Debian, Fte | 2 Debian Linux, Fte Text Editor | 2026-04-16 | N/A |
| Multiple buffer overflows in vfte, based on FTE, before 0.50, allow local users to execute arbitrary code. | ||||
| CVE-2003-0814 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions and execute Javascript by setting the window's "href" to the malicious Javascript, then calling execCommand("Refresh") to refresh the page, aka BodyRefreshLoadsJPU or the "ExecCommand Cross Domain" vulnerability. | ||||
| CVE-2005-2638 | 1 Phpfreenews | 1 Phpfreenews | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PHPFreeNews 1.40 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) NewsMode parameter to NewsCategoryForm.php, or the (2) Match or (3) NewsMode parameter to SearchResults.php. | ||||
| CVE-2005-2639 | 1 Valusoft | 1 Chris Moneymakers World Poker Championship | 2026-04-16 | N/A |
| Buffer overflow in Chris Moneymaker's World Poker Championship 1.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long nickname. | ||||