Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-1115 1 Gentoo 1 Linux 2026-04-16 N/A
The init scripts in Search for Extraterrestrial Intelligence (SETI) project 3.08-r3 and earlier execute user-owned programs with root privileges, which allows local users to gain privileges by modifying the programs.
CVE-2004-1117 1 Gentoo 1 Linux 2026-04-16 N/A
The init scripts in ChessBrain 20407 and earlier execute user-owned programs with root privileges, which allows local users to gain privileges by modifying the programs.
CVE-2005-4618 1 Linux 1 Linux Kernel 2026-04-16 N/A
Buffer overflow in sysctl in the Linux Kernel 2.6 before 2.6.15 allows local users to corrupt user memory and possibly cause a denial of service via a long string, which causes sysctl to write a zero byte outside the buffer. NOTE: since the sysctl is called from a userland program that provides the argument, this might not be a vulnerability, unless a legitimate user-assisted or setuid scenario can be identified.
CVE-2004-1118 1 Weonlydo 1 Wodftpdlx Activex Component 2026-04-16 N/A
Buffer overflow in the WodFtpDLX.ocx (WeOnlyDo!) ActiveX component before 2.3.2.97, as used by CoffeeCup Direct FTP 6.2.0.62 and CoffeeCup Free FTP 3.0.0.10, and possibly other applications, allows remote attackers to execute arbitrary code via a long filename.
CVE-2005-0063 1 Microsoft 6 Windows 2000, Windows 2003 Server, Windows 98 and 3 more 2026-04-16 N/A
The document processing application used by the Windows Shell in Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code by modifying the CLSID stored in a file so that it is processed by HTML Application Host (MSHTA), as demonstrated using a Microsoft Word document.
CVE-2004-1119 1 Nullsoft 1 Winamp 2026-04-16 N/A
Stack-based buffer overflow in IN_CDDA.dll in Winamp 5.05, and possibly other versions including 5.06, allows remote attackers to execute arbitrary code via a certain .m3u playlist file.
CVE-2002-0393 1 Red-m 1 1050ap Lan Acess Point 2026-04-16 N/A
Buffer overflow in Red-M 1050 (Bluetooth Access Point) management web interface allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long administration password.
CVE-2005-0550 1 Microsoft 3 Windows 2000, Windows 2003 Server, Windows Xp 2026-04-16 N/A
Buffer overflow in Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to cause a denial of service (i.e., system crash) via a malformed request, aka "Object Management Vulnerability".
CVE-2005-1208 1 Microsoft 4 Windows 2000, Windows 2003 Server, Windows 98 and 1 more 2026-04-16 N/A
Integer overflow in Microsoft Windows 98, 2000, XP SP2 and earlier, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via a crafted compiled Help (.CHM) file with a large size field that triggers a heap-based buffer overflow, as demonstrated using a "ms-its:" URL in Internet Explorer.
CVE-2004-1124 1 Sco 2 Openserver, Unixware 2026-04-16 N/A
Unknown vulnerability in chroot on SCO UnixWare 7.1.1 through 7.1.4 allows local users to escape the chroot jail and conduct unauthorized activities.
CVE-2004-2457 1 3com 1 3crwe754g72-a 2026-04-16 N/A
Unspecified vulnerability in 3Com OfficeConnect ADSL 11g Router allows remote attackers to cause a denial of service (crash) via a large amount of UDP traffic.
CVE-2005-1212 1 Microsoft 7 Windows 2000, Windows 2000 Terminal Services, Windows 2003 Server and 4 more 2026-04-16 N/A
Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers to execute arbitrary code via a bookmark link file (.cbo, cbl, or .cbm extension) with a long User field.
CVE-2005-1981 1 Microsoft 2 Windows 2000, Windows 2003 Server 2026-04-16 N/A
Unknown vulnerability in Microsoft Windows 2000 Server and Windows Server 2003 domain controllers allows remote authenticated users to cause a denial of service (system crash) via a crafted Kerberos message.
CVE-2006-0084 1 Rasmp 1 Rasmp 2026-04-16 N/A
Cross-site scripting vulnerability in index.php in raSMP 2.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the $_SERVER[HTTP_USER_AGENT] variable (User-Agent header).
CVE-2002-0410 1 Aeromail 1 Aeromail 2026-04-16 N/A
send_message.php in AeroMail before 1.45 allows remote attackers to read arbitrary files on the server, instead of just uploaded files, via an attachment that modifies the filename to be uploaded.
CVE-2004-1129 1 Youngzsoft 1 Cmailserver 2026-04-16 N/A
SQL injection vulnerability in (1) fdelmail.asp, (2) addressc.asp, and possibly (3) postmail.asp and (4) fmvmail.asp in CMailServer 5.2 allow remote attackers to inject arbitrary SQL commands and delete mail metadata or e-mail addresses of contacts via the indexOfMail parameter.
CVE-2002-0426 1 Linksys 1 Befvp41 2026-04-16 N/A
VPN Server module in Linksys EtherFast BEFVP41 Cable/DSL VPN Router before 1.40.1 reduces the key lengths for keys that are supplied via manual key entry, which makes it easier for attackers to crack the keys.
CVE-2004-1130 1 Youngzsoft 1 Cmailserver 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in admin.asp in CMailServer 5.2 allows remote attackers to execute arbitrary web script or HTML via personal information fields, such as (1) username, (2) name, or (3) comments.
CVE-2006-0085 1 Nkads 1 Nkads 2026-04-16 N/A
SQL injection vulnerability in Nkads 1.0 alfa 3 allows remote attackers to execute arbitrary SQL commands via the (1) usuario_nkads_admin or (2) password_nkads_admin parameters.
CVE-2005-1983 1 Microsoft 2 Windows 2000, Windows Xp 2026-04-16 N/A
Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.