Search Results (21030 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-1396 1 Opera 1 Opera Browser 2026-04-16 N/A
Heap-based buffer overflow in Opera 6.05 through 7.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a filename with a long extension.
CVE-2004-0488 3 Apache, Debian, Redhat 8 Http Server, Debian Linux, Enterprise Linux and 5 more 2026-04-16 N/A
Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN.
CVE-2002-1660 1 Jelsoft 1 Vbulletin 2026-04-16 N/A
calendar.php in vBulletin before 2.2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the command parameter.
CVE-2004-2732 1 Netbilling 1 Netbilling 2026-04-16 N/A
nbmember.cgi in Netbilling 2.0 allows remote attackers to obtain sensitive information via the cmd=test option, which can be leveraged to determine the access key.
CVE-2003-0870 1 Opera 1 Opera Browser 2026-04-16 N/A
Heap-based buffer overflow in Opera 7.11 and 7.20 allows remote attackers to execute arbitrary code via an HREF with a large number of escaped characters in the server name.
CVE-2006-4482 4 Canonical, Debian, Php and 1 more 5 Ubuntu Linux, Debian Linux, Php and 2 more 2026-04-16 N/A
Multiple heap-based buffer overflows in the (1) str_repeat and (2) wordwrap functions in ext/standard/string.c in PHP before 5.1.5, when used on a 64-bit system, have unspecified impact and attack vectors, a different vulnerability than CVE-2006-1990.
CVE-2004-0574 1 Microsoft 4 Exchange Server, Windows 2000, Windows Nt and 1 more 2026-04-16 N/A
The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, possibly related to improper length validation and an "unchecked buffer," leading to off-by-one and heap-based buffer overflows.
CVE-2001-1583 1 Sun 1 Sunos 2026-04-16 N/A
lpd daemon (in.lpd) in Solaris 8 and earlier allows remote attackers to execute arbitrary commands via a job request with a crafted control file that is not properly handled when lpd invokes a mail program. NOTE: this might be the same vulnerability as CVE-2000-1220.
CVE-2004-1189 2 Mit, Redhat 2 Kerberos 5, Enterprise Linux 2026-04-16 N/A
The add_to_history function in svr_principal.c in libkadm5srv for MIT Kerberos 5 (krb5) up to 1.3.5, when performing a password change, does not properly track the password policy's history count and the maximum number of keys, which can cause an array index out-of-bounds error and may allow authenticated users to execute arbitrary code via a heap-based buffer overflow.
CVE-2002-2227 1 Rtfm 1 Ssldump 2026-04-16 N/A
Buffer underflow in ssldump 0.9b2 and earlier allows remote attackers to cause a denial of service (memory corruption) via a crafted SSLv2 challenge value.
CVE-2002-1898 1 Apple 2 Mac Os X, Terminal 2026-04-16 N/A
Terminal 1.3 in Apple Mac OS X 10.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a telnet:// link, which is executed by Terminal.app window.
CVE-2004-0783 2 Gnome, Redhat 3 Gdkpixbuf, Gtk, Enterprise Linux 2026-04-16 N/A
Stack-based buffer overflow in xpm_extract_color (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, may allow remote attackers to execute arbitrary code via a certain color string. NOTE: this identifier is ONLY for gtk+. It was incorrectly referenced in an advisory for a different issue (CVE-2004-0688).
CVE-1999-0067 2 Apache, Ncsa 2 Http Server, Ncsa Httpd 2026-04-16 N/A
phf CGI program allows remote command execution through shell metacharacters.
CVE-2004-0398 3 Debian, Redhat, Webdav 4 Debian Linux, Enterprise Linux, Cadaver and 1 more 2026-04-16 N/A
Heap-based buffer overflow in the ne_rfc1036_parse date parsing function for the neon library (libneon) 0.24.5 and earlier, as used by cadaver before 0.22, allows remote WebDAV servers to execute arbitrary code on the client.
CVE-2005-0560 1 Microsoft 1 Exchange Server 2026-04-16 N/A
Heap-based buffer overflow in the SvrAppendReceivedChunk function in xlsasink.dll in the SMTP service of Exchange Server 2000 and 2003 allows remote attackers to execute arbitrary code via a crafted X-LINK2STATE extended verb request to the SMTP port.
CVE-2006-2362 1 Gnu 1 Binutils 2026-04-16 7.3 High
Buffer overflow in getsym in tekhex.c in libbfd in Free Software Foundation GNU Binutils before 20060423, as used by GNU strings, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a file with a crafted Tektronix Hex Format (TekHex) record in which the length character is not a valid hexadecimal character.
CVE-2005-2368 2 Redhat, Vim Development Group 2 Enterprise Linux, Vim 2026-04-16 N/A
vim 6.3 before 6.3.082, with modelines enabled, allows external user-assisted attackers to execute arbitrary commands via shell metacharacters in the (1) glob or (2) expand commands of a foldexpr expression for calculating fold levels.
CVE-2006-3945 2 Microsoft, Opera 2 Windows Xp, Opera Browser 2026-04-16 N/A
The CSS functionality in Opera 9 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) by setting the background property of a DHTML element to a long http or https URL, which triggers memory corruption.
CVE-1999-0043 6 Bsdi, Caldera, Isc and 3 more 7 Bsd Os, Openlinux, Inn and 4 more 2026-04-16 9.8 Critical
Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others.
CVE-2004-1287 2 Nasm, Redhat 2 Netwide Assembler, Enterprise Linux 2026-04-16 N/A
Buffer overflow in the error function in preproc.c for NASM 0.98.38 1.2 allows attackers to execute arbitrary code via a crafted asm file, a different vulnerability than CVE-2005-1194.