Export limit exceeded: 16478 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (16478 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-2215 | 2 Php, Redhat | 2 Php, Enterprise Linux | 2026-04-16 | N/A |
| The imap_header function in the IMAP functionality for PHP before 4.3.0 allows remote attackers to cause a denial of service via an e-mail message with a large number of "To" addresses, which triggers an error in the rfc822_write_address function. | ||||
| CVE-2004-0942 | 2 Apache, Redhat | 2 Http Server, Enterprise Linux | 2026-04-16 | N/A |
| Apache webserver 2.0.52 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an HTTP GET request with a MIME header containing multiple lines with a large number of space characters. | ||||
| CVE-2004-1165 | 2 Kde, Redhat | 3 Kdelibs, Konqueror, Enterprise Linux | 2026-04-16 | N/A |
| Konqueror 3.3.1 allows remote attackers to execute arbitrary FTP commands via an ftp:// URL that contains a URL-encoded newline ("%0a") before the FTP command, which causes the commands to be inserted into the resulting FTP session, as demonstrated using a PORT command. | ||||
| CVE-2006-4253 | 4 K-meleon Project, Mozilla, Netscape and 1 more | 4 K-meleon, Firefox, Navigator and 1 more | 2026-04-16 | N/A |
| Concurrency vulnerability in Mozilla Firefox 1.5.0.6 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via multiple Javascript timed events that load a deeply nested XML file, followed by redirecting the browser to another page, which leads to a concurrency failure that causes structures to be freed incorrectly, as demonstrated by (1) ffoxdie and (2) ffoxdie3. NOTE: it has been reported that Netscape 8.1 and K-Meleon 1.0.1 are also affected by ffoxdie. Mozilla confirmed to CVE that ffoxdie and ffoxdie3 trigger the same underlying vulnerability. NOTE: it was later reported that Firefox 2.0 RC2 and 1.5.0.7 are also affected. | ||||
| CVE-2004-1177 | 2 Gnu, Redhat | 2 Mailman, Enterprise Linux | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the driver script in mailman before 2.1.5 allows remote attackers to inject arbitrary web script or HTML via a URL, which is not properly escaped in the resulting error page. | ||||
| CVE-2004-0941 | 3 Gd Graphics Library, Redhat, Trustix | 3 Gdlib, Enterprise Linux, Secure Linux | 2026-04-16 | N/A |
| Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function, a different set of vulnerabilities than CVE-2004-0990. | ||||
| CVE-2004-0940 | 7 Apache, Hp, Openpkg and 4 more | 9 Http Server, Hp-ux, Openpkg and 6 more | 2026-04-16 | 7.8 High |
| Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error. | ||||
| CVE-2004-0930 | 5 Conectiva, Gentoo, Redhat and 2 more | 8 Linux, Linux, Enterprise Linux and 5 more | 2026-04-16 | N/A |
| The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters. | ||||
| CVE-2003-0542 | 2 Apache, Redhat | 5 Http Server, Enterprise Linux, Linux and 2 more | 2026-04-16 | N/A |
| Multiple stack-based buffer overflows in (1) mod_alias and (2) mod_rewrite for Apache before 1.3.29 allow attackers to create configuration files to cause a denial of service (crash) or execute arbitrary code via a regular expression with more than 9 captures. | ||||
| CVE-2003-0247 | 1 Redhat | 2 Enterprise Linux, Linux | 2026-04-16 | N/A |
| Unknown vulnerability in the TTY layer of the Linux kernel 2.4 allows attackers to cause a denial of service ("kernel oops"). | ||||
| CVE-2004-1270 | 2 Easy Software Products, Redhat | 3 Cups, Enterprise Linux, Fedora Core | 2026-04-16 | N/A |
| lppasswd in CUPS 1.1.22, when run in environments that do not ensure that file descriptors 0, 1, and 2 are open when lppasswd is called, does not verify that the passwd.new file is different from STDERR, which allows local users to control output to passwd.new via certain user input that triggers an error message. | ||||
| CVE-2004-1287 | 2 Nasm, Redhat | 2 Netwide Assembler, Enterprise Linux | 2026-04-16 | N/A |
| Buffer overflow in the error function in preproc.c for NASM 0.98.38 1.2 allows attackers to execute arbitrary code via a crafted asm file, a different vulnerability than CVE-2005-1194. | ||||
| CVE-2004-0923 | 3 Apple, Easy Software Products, Redhat | 4 Mac Os X, Mac Os X Server, Cups and 1 more | 2026-04-16 | N/A |
| CUPS 1.1.20 and earlier records authentication information for a device URI in the error_log file, which allows local users to obtain user names and passwords. | ||||
| CVE-2004-0914 | 6 Gentoo, Lesstif, Redhat and 3 more | 8 Linux, Lesstif, Enterprise Linux and 5 more | 2026-04-16 | N/A |
| Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5) endless loops, and (6) memory leaks, which could allow remote attackers to obtain sensitive information, cause a denial of service (application crash), or execute arbitrary code via a certain XPM image file. NOTE: it is highly likely that this candidate will be SPLIT into other candidates in the future, per CVE's content decisions. | ||||
| CVE-2002-1350 | 2 Lbl, Redhat | 3 Tcpdump, Enterprise Linux, Linux | 2026-04-16 | N/A |
| The BGP decoding routines in tcpdump 3.6.x before 3.7 do not properly copy data, which allows remote attackers to cause a denial of service (application crash). | ||||
| CVE-2004-0906 | 2 Mozilla, Redhat | 3 Mozilla, Thunderbird, Enterprise Linux | 2026-04-16 | N/A |
| The XPInstall installer in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 sets insecure permissions for certain installed files within xpi packages, which could allow local users to overwrite arbitrary files or execute arbitrary code. | ||||
| CVE-2004-0905 | 5 Conectiva, Mozilla, Netscape and 2 more | 10 Linux, Firefox, Mozilla and 7 more | 2026-04-16 | N/A |
| Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain. | ||||
| CVE-2004-2069 | 2 Openbsd, Redhat | 2 Openssh, Enterprise Linux | 2026-04-16 | N/A |
| sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly other versions, when using privilege separation, does not properly signal the non-privileged process when a session has been terminated after exceeding the LoginGraceTime setting, which leaves the connection open and allows remote attackers to cause a denial of service (connection consumption). | ||||
| CVE-2002-0594 | 4 Galeon, Mozilla, Netscape and 1 more | 5 Galeon Browser, Mozilla, Navigator and 2 more | 2026-04-16 | N/A |
| Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to determine the existence of files on the client system via a LINK element in a Cascading Style Sheet (CSS) page that causes an HTTP redirect. | ||||
| CVE-2004-0904 | 4 Conectiva, Mozilla, Netscape and 1 more | 10 Linux, Firefox, Mozilla and 7 more | 2026-04-16 | N/A |
| Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows. | ||||