Export limit exceeded: 344947 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 344947 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344947 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-0087 | 1 National Language Support | 1 Libim | 2026-04-16 | N/A |
| Buffer overflow in libIM library (libIM.a) for National Language Support (NLS) on AIX 4.3 through 5.2 allows local users to gain privileges via several possible attack vectors, including a long -im argument to aixterm. | ||||
| CVE-2005-2612 | 1 Wordpress | 1 Wordpress | 2026-04-16 | N/A |
| Direct code injection vulnerability in WordPress 1.5.1.3 and earlier allows remote attackers to execute arbitrary PHP code via the cache_lastpostdate[server] cookie. | ||||
| CVE-2005-3498 | 1 Ibm | 1 Websphere Application Server | 2026-04-16 | N/A |
| IBM WebSphere Application Server 5.0.x before 5.02.15, 5.1.x before 5.1.1.8, and 6.x before fixpack V6.0.2.5, when session trace is enabled, records a full URL including the queryString in the trace logs when an application encodes a URL, which could allow attackers to obtain sensitive information. | ||||
| CVE-2003-0088 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| TruBlueEnvironment for MacOS 10.2.3 and earlier allows local users to overwrite or create arbitrary files and gain root privileges by setting a certain environment variable that is used to write debugging information. | ||||
| CVE-2005-2613 | 1 Cpaint | 1 Cpaint | 2026-04-16 | N/A |
| Unknown vulnerability in CPAINT Ajax Toolkit before 1.3-SP allows attackers to execute arbitrary PHP or ASP code or read files via unknown vectors. | ||||
| CVE-2003-0092 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Heap-based buffer overflow in dtsession for Solaris 2.5.1 through Solaris 9 allows local users to gain root privileges via a long HOME environment variable. | ||||
| CVE-2003-0093 | 2 Lbl, Redhat | 3 Tcpdump, Enterprise Linux, Linux | 2026-04-16 | N/A |
| The RADIUS decoder in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service (crash) via an invalid RADIUS packet with a header length field of 0, which causes tcpdump to generate data within an infinite loop. | ||||
| CVE-2003-0094 | 1 Andries Brouwer | 1 Util-linux | 2026-04-16 | N/A |
| A patch for mcookie in the util-linux package for Mandrake Linux 8.2 and 9.0 uses /dev/urandom instead of /dev/random, which causes mcookie to use an entropy source that is more predictable than expected, which may make it easier for certain types of attacks to succeed. | ||||
| CVE-2005-2614 | 1 Crosscom Olicom | 1 Discuz | 2026-04-16 | N/A |
| Discuz! 4.0 rc4 does not properly restrict types of files that are uploaded to the server, which allows remote attackers to execute arbitrary commands via a filename containing ".php.rar" or other multiple extensions that include .php. | ||||
| CVE-2005-3499 | 1 Frisk Software | 1 F-prot Antivirus | 2026-04-16 | N/A |
| Frisk F-Prot Antivirus allows remote attackers to bypass protection via a ZIP file with a version header greater than 15, which prevents F-Prot from decompressing and analyzing the file. | ||||
| CVE-2003-0095 | 1 Oracle | 3 Database Server, Oracle8i, Oracle9i | 2026-04-16 | N/A |
| Buffer overflow in ORACLE.EXE for Oracle Database Server 9i, 8i, 8.1.7, and 8.0.6 allows remote attackers to execute arbitrary code via a long username that is provided during login, as exploitable through client applications that perform their own authentication, as demonstrated using LOADPSP. | ||||
| CVE-2005-2615 | 1 Eqdkp | 1 Eqdkp | 2026-04-16 | N/A |
| Unknown vulnerability in session.php in EQdkp before 1.3.0 has unknown impact and attack vectors, possibly involving auto_login_id. | ||||
| CVE-2003-0096 | 1 Oracle | 3 Database Server, Oracle8i, Oracle9i | 2026-04-16 | N/A |
| Multiple buffer overflows in Oracle 9i Database release 2, Release 1, 8i, 8.1.7, and 8.0.6 allow remote attackers to execute arbitrary code via (1) a long conversion string argument to the TO_TIMESTAMP_TZ function, (2) a long time zone argument to the TZ_OFFSET function, or (3) a long DIRECTORY parameter to the BFILENAME function. | ||||
| CVE-2003-0097 | 1 Php | 1 Php | 2026-04-16 | N/A |
| Unknown vulnerability in CGI module for PHP 4.3.0 allows attackers to access arbitrary files as the PHP user, and possibly execute PHP code, by bypassing the CGI force redirect settings (cgi.force_redirect or --enable-force-cgi-redirect). | ||||
| CVE-2003-0098 | 2 Apcupsd, Debian | 2 Apcupsd, Debian Linux | 2026-04-16 | N/A |
| Unknown vulnerability in apcupsd before 3.8.6, and 3.10.x before 3.10.5, allows remote attackers to gain root privileges, possibly via format strings in a request to a slave server. | ||||
| CVE-2003-0099 | 1 Apc | 1 Apcupsd | 2026-04-16 | N/A |
| Multiple buffer overflows in apcupsd before 3.8.6, and 3.10.x before 3.10.5, may allow attackers to cause a denial of service or execute arbitrary code, related to usage of the vsprintf function. | ||||
| CVE-2003-0105 | 1 Port80 Software | 1 Servermask | 2026-04-16 | N/A |
| ServerMask 2.2 and earlier does not obfuscate (1) ETag, (2) HTTP Status Message, or (3) Allow HTTP responses, which could tell remote attackers that the web server is an IIS server. | ||||
| CVE-2003-0113 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-16 | N/A |
| Buffer overflow in URLMON.DLL in Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code via an HTTP response containing long values in (1) Content-type and (2) Content-encoding fields. | ||||
| CVE-2005-2616 | 1 Ezupload | 1 Ezupload | 2026-04-16 | N/A |
| Multiple PHP file include vulnerabilities in ezUpload 2.2 allow remote attackers to execute arbitrary code via the path parameter to (1) initialize.php, (2) customize.php, (3) form.php, or (4) index.php. | ||||
| CVE-2003-0115 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-16 | N/A |
| Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check parameters that are passed during third party rendering, which could allow remote attackers to execute arbitrary web script, aka the "Third Party Plugin Rendering" vulnerability, a different vulnerability than CVE-2003-0233. | ||||