Export limit exceeded: 366570 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (366570 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-1444 1 Kth 1 Kth Kerberos 2026-04-16 N/A
The Kerberos Telnet protocol, as implemented by KTH Kerberos IV and Kerberos V (Heimdal), does not encrypt authentication and encryption options sent from the server, which allows remote attackers to downgrade authentication and encryption mechanisms via a man-in-the-middle attack.
CVE-2001-1427 1 Macromedia 1 Coldfusion 2026-04-16 N/A
Unknown vulnerability in ColdFusion Server 2.0 through 4.5.1 SP2 allows remote attackers to overwrite templates with zero byte files via unknown attack vectors.
CVE-2001-1417 1 Aol 1 Instant Messenger 2026-04-16 N/A
AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a denial of service (application hang or crash) via a buddy icon GIF file whose length and width values are larger than the actual image data.
CVE-2001-1142 1 Argosoft 1 Ftp Server 2026-04-16 N/A
ArGoSoft FTP Server 1.2.2.2 uses weak encryption for user passwords, which allows an attacker with access to the password file to gain privileges.
CVE-2001-1129 1 Progress 1 Progress 2026-04-16 N/A
Format string vulnerabilities in (1) _probuild, (2) _dbutil, (3) _mprosrv, (4) _mprshut, (5) _proapsv, (6) _progres, (7) _proutil, (8) _rfutil and (9) prolib in Progress database 9.1C allows a local user to execute arbitrary code via format string specifiers in the file used by the PROMSGS environment variable.
CVE-2001-1127 1 Progress 1 Progress 2026-04-16 N/A
Buffer overflow in Progress database 8.3D and 9.1C could allow a local user to execute arbitrary code via (1) _proapsv, (2) _mprosrv, (3) _mprshut, (4) orarx, (5) sqlcpp, (6) _probrkr, (7) _sqlschema and (8) _sqldump.
CVE-2005-0308 1 Ursoftware 1 W32dasm 2026-04-16 N/A
Buffer overflow in the wsprintf function in W32Dasm 8.93 and earlier allows remote attackers to execute arbitrary code via a large import or export function name.
CVE-2000-0132 1 Microsoft 1 Virtual Machine 2026-04-16 N/A
Microsoft Java Virtual Machine allows remote attackers to read files via the getSystemResourceAsStream function.
CVE-2001-1246 2 Php, Redhat 3 Php, Enterprise Linux, Linux 2026-04-16 N/A
PHP 4.0.5 through 4.1.0 in safe mode does not properly cleanse the 5th parameter to the mail() function, which allows local users and possibly remote attackers to execute arbitrary commands via shell metacharacters.
CVE-2003-0025 1 Horde 1 Imp 2026-04-16 N/A
Multiple SQL injection vulnerabilities in IMP 2.2.8 and earlier allow remote attackers to perform unauthorized database activities and possibly gain privileges via certain database functions such as check_prefs() in db.pgsql, as demonstrated using mailbox.php3.
CVE-2004-0883 5 Linux, Redhat, Suse and 2 more 8 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 5 more 2026-04-16 N/A
Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 allow remote samba servers to cause a denial of service (crash) or gain sensitive information from kernel memory via a samba server (1) returning more data than requested to the smb_proc_read function, (2) returning a data offset from outside the samba packet to the smb_proc_readX function, (3) sending a certain TRANS2 fragmented packet to the smb_receive_trans2 function, (4) sending a samba packet with a certain header size to the smb_proc_readX_data function, or (5) sending a certain packet based offset for the data in a packet to the smb_receive_trans2 function.
CVE-2006-0328 1 Philippe Jounin 1 Tftpd32 2026-04-16 N/A
Format string vulnerability in Tftpd32 2.81 allows remote attackers to cause a denial of service via format string specifiers in a filename in a (1) GET or (2) SEND request.
CVE-2006-0329 1 Hitachi 1 Hitsenser Data Mart Server 2026-04-16 N/A
SQL injection vulnerability in HITSENSER Data Mart Server BS, BS-S, BS-M, BS-L, and EX allows remote attackers to execute arbitrary SQL commands via unknown attack vectors.
CVE-2006-0330 1 Gallery Project 1 Gallery 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Gallery before 1.5.2 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors, possibly involving the user name (fullname).
CVE-2006-0331 1 Thiago Melo De Paula 1 Change Passwd 2026-04-16 N/A
Buffer overflow in Change passwd 3.1 (chpasswd) SquirrelMail plugin allows local users to execute arbitrary code via long command line arguments.
CVE-2006-0334 1 Freekrai.net 1 My Amazon Store Manager 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in search.php in My Amazon Store Manager 1.0 allows remote attackers to inject arbitrary web script or HTML via the Keywords parameter. NOTE: some sources claim that the affected parameter is "q", but the only public archive of the original researcher notification shows an XSS manipulation in "Keywords".
CVE-2006-0335 1 Kerio 1 Winroute Firewall 2026-04-16 N/A
Multiple unspecified vulnerabilities in Kerio WinRoute Firewall before 6.1.4 Patch 1 allow remote attackers to cause a denial of service via multiple unspecified vectors involving (1) long strings received from Active Directory and (2) the filtering of HTML.
CVE-2006-0336 1 Kerio 1 Winroute Firewall 2026-04-16 N/A
Kerio WinRoute Firewall before 6.1.4 Patch 2 allows attackers to cause a denial of service (CPU consumption and hang) via unknown vectors involving "browsing the web".
CVE-2006-0337 1 F-secure 4 F-secure Anti-virus, F-secure Internet Security, Internet Gatekeeper and 1 more 2026-04-16 N/A
Buffer overflow in multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allows remote attackers to execute arbitrary code via crafted ZIP archives.
CVE-2006-0338 1 F-secure 4 F-secure Anti-virus, F-secure Internet Security, F-secure Personal Express and 1 more 2026-04-16 N/A
Multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allow remote attackers to hide arbitrary files and data via malformed (1) RAR and (2) ZIP archives, which are not properly scanned.