Search Results (364877 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-1751 1 Massive Entertainment 1 Ground Control Ii Operation Exodus 2026-04-16 N/A
Ground Control II: Operation Exodus 1.0.0.7 and earlier allows remote servers to cause a denial of service (client or server crash) via a large packet, which generates a "Message too long" socket error that is treated as a critical error.
CVE-2004-1754 1 Symantec 2 Enterprise Firewall, Gateway Security 2026-04-16 N/A
The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query response that contains authoritative or additional records.
CVE-2005-3120 3 Debian, Invisible-island, Redhat 3 Debian Linux, Lynx, Enterprise Linux 2026-04-16 9.8 Critical
Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters.
CVE-2004-1761 2 Ethereal Group, Redhat 3 Ethereal, Enterprise Linux, Linux 2026-04-16 N/A
Unknown vulnerability in Ethereal 0.8.13 to 0.10.2 allows attackers to cause a denial of service (segmentation fault) via a malformed color filter file.
CVE-2005-3123 1 Gnu 1 Gnump3d 2026-04-16 N/A
Directory traversal vulnerability in GNUMP3D before 2.9.6 allows remote attackers to read arbitrary files via crafted sequences such as "/.//..//////././", which is collapsed into "/.././" after ".." and "//" sequences are removed.
CVE-2004-1768 1 Symantec 1 Brightmail Antispam 2026-04-16 N/A
The character converters in the Spamhunter and Language ID modules for Symantec Brightmail AntiSpam 6.0.1 before patch 132 allow remote attackers to cause a denial of service (crash) via messages with the ISO-8859-10 character set, which is not recognized by the converters.
CVE-2004-1769 1 Cpanel 1 Cpanel 2026-04-16 N/A
The "Allow cPanel users to reset their password via email" feature in cPanel 9.1.0 build 34 and earlier, including 8.x, allows remote attackers to execute arbitrary code via the user parameter to resetpass.
CVE-2004-1774 1 Oracle 2 Application Server, Oracle10g 2026-04-16 N/A
Buffer overflow in the SDO_CODE_SIZE procedure of the MD2 package (MDSYS.MD2.SDO_CODE_SIZE) in Oracle 10g before 10.1.0.2 Patch 2 allows local users to execute arbitrary code via a long LAYER parameter.
CVE-2004-1777 1 Skype Technologies 1 Skype 2026-04-16 N/A
A "range check error" in Skype for Windows before 0.98.0.28 allows local and remote attackers to cause a denial of service (application crash) via long command line arguments or a long callto:// URL, a different vulnerability than CVE-2004-1114.
CVE-2004-1779 1 Thwboard 1 Thwboard Beta 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in board.php for ThWboard before beta 2.84 allows remote attackers to inject arbitrary web script or HTML via the lastvisited parameter.
CVE-2005-3132 2 Icewarp, Merak 2 Web Mail, Mail Server 2026-04-16 N/A
MERAK Mail Server 8.2.4r with Icewarp Web Mail 5.5.1, and possibly earlier versions, allows remote attackers to obtain sensitive information via a direct request to bwlist_inc.html, which reveals the path in an error message.
CVE-2005-4572 1 Myezshop 1 Myezshop Shopping Cart 2026-04-16 N/A
Multiple SQL injection vulnerabilities in myEZshop Shopping Cart allow remote attackers to execute arbitrary SQL commands via the (1) GroupsId and (2) ItemsId parameters in admin.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2004-1789 1 Zyxel 1 Zywall10 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the web management interface in ZyWALL 10 4.07 allows remote attackers to inject arbitrary web script or HTML via the rpAuth_1 page.
CVE-2005-3146 2 Storebackup, Suse 2 Storebackup, Suse Linux 2026-04-16 N/A
StoreBackup before 1.19 allows local users to perform unauthorized operations on arbitrary files via a symlink attack on temporary files.
CVE-2004-1797 1 Freznoshop 1 Freznoshop 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in search.php for FreznoShop 1.3.0 RC1 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter.
CVE-2005-3147 2 Storebackup, Suse 2 Storebackup, Suse Linux 2026-04-16 N/A
StoreBackup before 1.19 creates the backup root with world-readable permissions, which allows local users to obtain sensitive information.
CVE-2006-0002 1 Microsoft 3 Exchange Server, Office, Outlook 2026-04-16 N/A
Unspecified vulnerability in Microsoft Outlook 2000 through 2003, Exchange 5.0 Server SP2 and 5.5 SP4, Exchange 2000 SP3, and Office allows remote attackers to execute arbitrary code via an e-mail message with a crafted Transport Neutral Encapsulation Format (TNEF) MIME attachment, related to message length validation.
CVE-2005-4579 1 Hitachi 1 Business Logic 2026-04-16 N/A
Multiple HTTP response splitting vulnerabilities in Hitachi Business Logic - Container (BLC) P-2443-9114 01-00 through 02-06 on Windows, and P-1M43-9111 01-01 through 02-00 on AIX, allow remote attackers to inject arbitrary HTTP headers via unknown attack vectors in an unspecified input form.
CVE-1999-1229 1 Id Software 1 Quake 2 Server 2026-04-16 N/A
Quake 2 server 3.13 on Linux does not properly check file permissions for the config.cfg configuration file, which allows local users to read arbitrary files via a symlink from config.cfg to the target file.
CVE-2000-0175 1 Sun 1 Staroffice 2026-04-16 N/A
Buffer overflow in StarOffice StarScheduler web server allows remote attackers to gain root access via a long GET command.