Search Results (364696 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-1034 1 Att 1 Svr4 2026-04-16 N/A
Vulnerability in login in AT&T System V Release 4 allows local users to gain privileges.
CVE-2006-3475 1 Free Qboard 1 Free Qboard 2026-04-16 N/A
Multiple PHP remote file inclusion vulnerabilities in free QBoard 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the qb_path parameter to (1) index.php, (2) about.php, (3) contact.php, (4) delete.php, (5) faq.php, (6) features.php or (7) history.php, a different set of vectors than CVE-2006-2998.
CVE-2004-0398 3 Debian, Redhat, Webdav 4 Debian Linux, Enterprise Linux, Cadaver and 1 more 2026-04-16 N/A
Heap-based buffer overflow in the ne_rfc1036_parse date parsing function for the neon library (libneon) 0.24.5 and earlier, as used by cadaver before 0.22, allows remote WebDAV servers to execute arbitrary code on the client.
CVE-2004-0404 1 Psionic 1 Logcheck 2026-04-16 N/A
logcheck before 1.1.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary directory in /var/tmp.
CVE-2004-0405 2 Cvs, Redhat 3 Cvs, Enterprise Linux, Linux 2026-04-16 N/A
CVS before 1.11 allows CVS clients to read arbitrary files via .. (dot dot) sequences in filenames via CVS client requests, a different vulnerability than CVE-2004-0180.
CVE-2004-0411 2 Kde, Redhat 2 Konqueror, Enterprise Linux 2026-04-16 N/A
The URI handlers in Konqueror for KDE 3.2.2 and earlier do not properly filter "-" characters that begin a hostname in a (1) telnet, (2) rlogin, (3) ssh, or (4) mailto URI, which allows remote attackers to manipulate the options that are passed to the associated programs, possibly to read arbitrary files or execute arbitrary code.
CVE-2005-2735 1 Phpgraphy 1 Phpgraphy 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in phpGraphy 0.9.9a and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.
CVE-2004-0416 6 Cvs, Gentoo, Openbsd and 3 more 6 Cvs, Linux, Openbsd and 3 more 2026-04-16 N/A
Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code.
CVE-2005-2736 1 Yapig 1 Yapig 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in YaPig 0.95 and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.
CVE-2005-2737 1 Photopost 1 Photopost Php Pro 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in PhotoPost PHP Pro 5.1 allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.
CVE-2004-0417 6 Cvs, Gentoo, Openbsd and 3 more 6 Cvs, Linux, Openbsd and 3 more 2026-04-16 N/A
Integer overflow in the "Max-dotdot" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consume disk space.
CVE-2004-0418 6 Cvs, Gentoo, Openbsd and 3 more 6 Cvs, Linux, Openbsd and 3 more 2026-04-16 N/A
serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical program data.
CVE-1999-1036 1 Cops 1 Cops 2026-04-16 N/A
COPS 1.04 allows local users to overwrite or create arbitrary files via a symlink attack on temporary files in (1) res_diff, (2) ca.src, and (3) mail.chk.
CVE-2005-4512 1 Waxtrapp 1 Waxtrapp 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in WAXTRAPP 3.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters.
CVE-2004-0420 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
The Windows Shell application in Windows 98, Windows ME, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code by spoofing the type of a file via a CLSID specifier in the filename, as demonstrated using Internet Explorer 6.0.2800.1106 on Windows XP.
CVE-1999-1037 1 Coast 1 Satan 2026-04-16 N/A
rex.satan in SATAN 1.1.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/rex.$$ file.
CVE-2005-2739 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Keychain Access in Mac OS X 10.4.2 and earlier keeps a password visible even if a keychain times out while the password is being viewed, which could allow attackers with physical access to obtain the password.
CVE-2004-0428 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Unknown vulnerability in CoreFoundation in Mac OS X 10.3.3 and Mac OS X 10.3.3 Server, related to "the handling of an environment variable," has unknown attack vectors and unknown impact.
CVE-2004-0429 1 Apple 1 Mac Os X 2026-04-16 N/A
Unknown vulnerability related to "the handling of large requests" in RAdmin for Apple Mac OS X 10.3.3 and Mac OS X 10.2.8 may allow attackers to have unknown impact via unknown attack vectors.
CVE-2005-2741 2 Apple, Perry Kiehtreiber 3 Mac Os X, Mac Os X Server, Securityd 2026-04-16 N/A
Authorization Services in securityd for Apple Mac OS X 10.3.9 allows local users to gain privileges by granting themselves certain rights that should be restricted to administrators.