Export limit exceeded: 364938 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364938 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-0607 1 Stanley T. Shebs 1 Xconq 2026-04-16 N/A
Buffer overflow in xconq 7.4.1 allows local users to become part of the "games" group via the (1) USER or (2) DISPLAY environment variables.
CVE-2005-2630 1 Realnetworks 2 Realone Player, Realplayer 2026-04-16 N/A
Heap-based buffer overflow in DUNZIP32.DLL for RealPlayer 8, 10, and 10.5 and RealOne Player 1 and 2 allows remote attackers to execute arbitrary code via a crafted RealPlayer Skin (RJS) file, a different vulnerability than CVE-2004-1094.
CVE-2003-0648 2 Debian, Fte 2 Debian Linux, Fte Text Editor 2026-04-16 N/A
Multiple buffer overflows in vfte, based on FTE, before 0.50, allow local users to execute arbitrary code.
CVE-2003-0814 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions and execute Javascript by setting the window's "href" to the malicious Javascript, then calling execCommand("Refresh") to refresh the page, aka BodyRefreshLoadsJPU or the "ExecCommand Cross Domain" vulnerability.
CVE-2005-2638 1 Phpfreenews 1 Phpfreenews 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in PHPFreeNews 1.40 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) NewsMode parameter to NewsCategoryForm.php, or the (2) Match or (3) NewsMode parameter to SearchResults.php.
CVE-2005-2639 1 Valusoft 1 Chris Moneymakers World Poker Championship 2026-04-16 N/A
Buffer overflow in Chris Moneymaker's World Poker Championship 1.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long nickname.
CVE-2005-3365 1 Codeworx Technologies 1 Dcp-portal 2026-04-16 N/A
Multiple SQL injection vulnerabilities in DCP-Portal 6 and earlier allow remote attackers to execute arbitrary SQL commands, possibly requiring encoded characters, via (1) the name parameter in register.php, (2) the email parameter in lostpassword.php, (3) the year parameter in calendar.php, and the (4) cid parameter to index.php. NOTE: the mid parameter for forums.php is already associated with CVE-2005-0454. NOTE: the index.php/cid vector was later reported to affect 6.11.
CVE-2003-0828 1 Gus And Psilord 1 Freesweep 2026-04-16 N/A
Buffer overflow in freesweep in Debian GNU/Linux 3.0 allows local users to gain "games" group privileges when processing environment variables.
CVE-2003-0902 1 Minimalist 1 Minimalist 2026-04-16 N/A
Unknown vulnerability in minimalist mailing list manager 2.4, 2.2, and possibly other versions, allows remote attackers to execute arbitrary commands.
CVE-2005-3926 1 Guppy 1 Guppy 2026-04-16 N/A
Direct static code injection vulnerability in error.php in GuppY 4.5.9 and earlier, when register_globals is disabled, allows remote attackers to execute arbitrary PHP code via the _SERVER[REMOTE_ADDR] parameter, which is injected into a .inc script that is later included by the main script.
CVE-2005-3935 1 Socketkb 1 Socketkb 2026-04-16 N/A
SQL injection vulnerability in SocketKB 1.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) node and (2) art_id parameters.
CVE-2003-0965 2 Gnu, Redhat 2 Mailman, Linux 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the admin CGI script for Mailman before 2.1.4 allows remote attackers to steal session cookies and conduct unauthorized activities.
CVE-2003-0989 1 Redhat 3 Enterprise Linux, Linux, Tcpdump 2026-04-16 N/A
tcpdump before 3.8.1 allows remote attackers to cause a denial of service (infinite loop) via certain ISAKMP packets, a different vulnerability than CVE-2004-0057.
CVE-2005-2642 1 Mutt 1 Mutt 2026-04-16 N/A
Buffer overflow in the mutt_decode_xbit function in Handler.c for Mutt 1.5.10 allows remote attackers to execute arbitrary code, possibly due to interactions with libiconv or gettext.
CVE-2003-0994 1 Symantec 4 Norton Antivirus, Norton Internet Security, Norton System Works and 1 more 2026-04-16 N/A
The GUI functionality for an interactive session in Symantec LiveUpdate 1.70.x through 1.90.x, as used in Norton Internet Security 2001 through 2004, SystemWorks 2001 through 2004, and AntiVirus and Norton AntiVirus Pro 2001 through 2004, AntiVirus for Handhelds v3.0, allows local users to gain SYSTEM privileges.
CVE-2003-1009 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Directory Services in Apple Mac OS X 10.0.2, 10.0.3, 10.2.8, 10.3.2 and Apple Mac OS X Server 10.2 through 10.3.2 accepts authentication server information from unknown LDAP or NetInfo sources as provided by a malicious DHCP server, which allows remote attackers to gain privileges.
CVE-2005-3944 1 Faq System 1 Faq System 2026-04-16 N/A
SQL injection vulnerability in survey.php in ilyav Survey System 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the SURVEY_ID parameter.
CVE-2003-1014 3 Clearswift, F-secure, Paul L Daniels 3 Mailsweeper, Internet Gatekeeper, Ripmime 2026-04-16 N/A
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use multiple MIME fields with the same name, which may be interpreted differently by mail clients.
CVE-2003-1029 1 Lbl 1 Tcpdump 2026-04-16 N/A
The L2TP protocol parser in tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (infinite loop and memory consumption) via a packet with invalid data to UDP port 1701, which causes l2tp_avp_print to use a bad length value when calling print_octets.
CVE-2003-1031 1 Jelsoft 1 Vbulletin 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in register.php for vBulletin 3.0 Beta 2 allows remote attackers to inject arbitrary HTML or web script via optional fields such as (1) "Interests-Hobbies", (2) "Biography", or (3) "Occupation."