Export limit exceeded: 364514 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 364514 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364514 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-0183 1 Michael Sandrof 1 Ircii 2026-04-16 N/A
Buffer overflow in ircII 4.4 IRC client allows remote attackers to execute commands via the DCC chat capability.
CVE-2004-0294 1 Yabbforumsoftware 1 Yet Another Bulletin Board 2026-04-16 N/A
YaBB 1 SP 1.3.1 displays different error messages when a user exists or not, which makes it easier for remote attackers to identify valid users and conduct a brute force password guessing attack.
CVE-2003-0532 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Internet Explorer 5.01 SP3 through 6.0 SP1 does not properly determine object types that are returned by web servers, which could allow remote attackers to execute arbitrary code via an object tag with a data parameter to a malicious file hosted on a server that returns an unsafe Content-Type, aka the "Object Type" vulnerability.
CVE-2004-0306 1 Cisco 1 Optical Networking Systems Software 2026-04-16 N/A
Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), ONS 15454 SD before 4.1(3), and Cisco ONS 15600 before 1.3(0) enable TFTP service on UDP port 69 by default, which allows remote attackers to GET or PUT ONS system files on the current active TCC in the /flash0 or /flash1 directories.
CVE-2005-2290 1 Wps 1 Web Portal System 2026-04-16 N/A
wps_shop.cgi in WPS Web Portal System 0.7.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) art and (2) cat variables.
CVE-2003-0536 1 Phpsysinfo 1 Phpsysinfo 2026-04-16 N/A
Directory traversal vulnerability in phpSysInfo 2.1 and earlier allows attackers with write access to a local directory to read arbitrary files as the PHP user or cause a denial of service via .. (dot dot) sequences in the (1) template or (2) lng parameters.
CVE-2003-0539 3 Ddskk, Redhat, Skk 6 Ddskk, Daredevil Skk, Ddskk-xemacs and 3 more 2026-04-16 N/A
skk (Simple Kana to Kanji conversion program) 12.1 and earlier, and the ddskk package which is based on skk, creates temporary files insecurely, which allows local users to overwrite arbitrary files.
CVE-2003-0541 2 Gnome, Redhat 2 Gtkhtml, Linux 2026-04-16 N/A
gtkhtml before 1.1.10, as used in Evolution, allows remote attackers to cause a denial of service (crash) via a malformed message that causes a null pointer dereference.
CVE-2003-0545 2 Openssl, Redhat 2 Openssl, Linux 2026-04-16 9.8 Critical
Double free vulnerability in OpenSSL 0.9.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an SSL client certificate with a certain invalid ASN.1 encoding.
CVE-2005-2293 1 Oracle 1 Forms Builder 2026-04-16 5.5 Medium
Oracle Formsbuilder 9.0.4 stores database usernames and passwords in a temporary file, which is not deleted after it is used, which allows local users to obtain sensitive information.
CVE-2003-0547 2 Gnome, Redhat 3 Gdm, Kdebase, Linux 2026-04-16 N/A
GDM before 2.4.1.6, when using the "examine session errors" feature, allows local users to read arbitrary files via a symlink attack on the ~/.xsession-errors file.
CVE-2003-0550 1 Redhat 2 Enterprise Linux, Linux 2026-04-16 N/A
The STP protocol, as enabled in Linux 2.4.x, does not provide sufficient security by design, which allows attackers to modify the bridge topology.
CVE-2005-2301 1 Powerdns 1 Powerdns 2026-04-16 N/A
PowerDNS before 2.9.18, when running with an LDAP backend, does not properly escape LDAP queries, which allows remote attackers to cause a denial of service (failure to answer ldap questions) and possibly conduct an LDAP injection attack.
CVE-2005-2304 1 Microsoft 2 Internet Explorer, Live Messenger 2026-04-16 N/A
Microsoft MSN Messenger 9.0 and Internet Explorer 6.0 allows remote attackers to cause a denial of service (crash) via an image with an ICC Profile with a large Tag Count.
CVE-2003-0553 1 Netscape 1 Navigator 2026-04-16 N/A
Buffer overflow in the Client Detection Tool (CDT) plugin (npcdt.dll) for Netscape 7.02 allows remote attackers to execute arbitrary code via an attachment with a long filename.
CVE-2003-0557 1 Lagarde 1 Storefront 2026-04-16 N/A
SQL injection vulnerability in login.asp for StoreFront 6.0, and possibly earlier versions, allows remote attackers to obtain sensitive user information via SQL statements in the password field.
CVE-2003-0554 1 Neomodus 1 Direct Connect 2026-04-16 N/A
NeoModus Direct Connect 1.0 build 9, and possibly other versions, allows remote attackers to cause a denial of service (connection and possibly memory exhaustion) via a flood of ConnectToMe requests containing arbitrary IP addresses and ports.
CVE-2005-2319 1 Yawp 1 Yawp 2026-04-16 N/A
PHP remote file include vulnerability in Yawp library 1.0.6 and earlier, as used in YaWiki and possibly other products, allows remote attackers to include arbitrary files via the _Yawp[conf_path] parameter.
CVE-2003-0555 1 Imagemagick 1 Imagemagick 2026-04-16 N/A
ImageMagick 5.4.3.x and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a "%x" filename, possibly triggering a format string vulnerability.
CVE-2003-0556 1 Polycom 3 Mgc-100, Mgc-25, Mgc-50 2026-04-16 N/A
Polycom MGC 25 allows remote attackers to cause a denial of service (crash) via a large number of "user" requests to the control port 5003, as demonstrated using the blast TCP stress tester.