Export limit exceeded: 43222 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (43222 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-2253 | 1 Cyrus | 1 Libsieve | 2026-04-16 | N/A |
| Multiple buffer overflows in Cyrus Sieve / libSieve 2.1.2 and earlier allow remote attackers to execute arbitrary code via (1) a long header name, (2) a long IMAP flag, or (3) a script that generates a large number of errors that overflow the resulting error string. | ||||
| CVE-2005-3658 | 1 Emc | 1 Legato Networker | 2026-04-16 | N/A |
| Multiple heap-based buffer overflows in EMC Legato NetWorker 7.1.x before 7.1.4 and 7.2.x before 7.2.1.Build.314, and other products such as Sun Solstice Backup (SBU) 6.0 and 6.1 and StorEdge Enterprise Backup Software (EBS) 7.1 through 7.2L, allow remote attackers to execute arbitrary code or cause a denial of service (unresponsive application) via malformed RPC packets to (1) RPC program number 390109 (nsrd.exe) and (2) RPC program number 390113 (nsrexecd.exe). | ||||
| CVE-2002-0184 | 3 Debian, Redhat, Sudo Project | 4 Debian Linux, Linux, Powertools and 1 more | 2026-04-16 | 7.8 High |
| Sudo before 1.6.6 contains an off-by-one error that can result in a heap-based buffer overflow that may allow local users to gain root privileges via special characters in the -p (prompt) argument, which are not properly expanded. | ||||
| CVE-2002-0159 | 1 Cisco | 1 Secure Access Control Server | 2026-04-16 | N/A |
| Format string vulnerability in the administration function in Cisco Secure Access Control Server (ACS) for Windows, 2.6.x and earlier and 3.x through 3.01 (build 40), allows remote attackers to crash the CSADMIN module only (denial of service of administration function) or execute arbitrary code via format strings in the URL to port 2002. | ||||
| CVE-2005-0199 | 1 Barton | 1 Ngircd | 2026-04-16 | 9.8 Critical |
| Integer underflow in the Lists_MakeMask() function in lists.c in ngIRCd before 0.8.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long MODE line that causes an incorrect length calculation, which leads to a buffer overflow. | ||||
| CVE-2005-0197 | 1 Cisco | 1 Ios | 2026-04-16 | N/A |
| Cisco IOS 12.1T, 12.2, 12.2T, 12.3 and 12.3T, with Multi Protocol Label Switching (MPLS) installed but disabled, allows remote attackers to cause a denial of service (device reload) via a crafted packet sent to the disabled interface. | ||||
| CVE-2005-0138 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| rpc.mountd in SGI IRIX 6.5.25, 6.5.26, and 6.5.27 does not correctly allow access to anonymous clients that connect from a system whose hostname can not be determined. NOTE: while this issue occurs in a security mechanism, there is no apparent attacker role and probably does not satisfy the CVE definition of a vulnerability. | ||||
| CVE-2005-3656 | 2 Guiseppe Tanzilli And Matthias Eckermann, Redhat | 2 Mod Auth Pgsql, Enterprise Linux | 2026-04-16 | N/A |
| Multiple format string vulnerabilities in logging functions in mod_auth_pgsql before 2.0.3, when used for user authentication against a PostgreSQL database, allows remote unauthenticated attackers to execute arbitrary code, as demonstrated via the username. | ||||
| CVE-2005-3154 | 1 Softwin | 1 Bitdefender | 2026-04-16 | N/A |
| Format string vulnerability in the logging functionality in BitDefender AntiVirus 7.2 through 9 allows remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in file or directory name. | ||||
| CVE-2001-1582 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Buffer overflow in the LDAP naming services library (libsldap) in Sun Solaris 8 allows local users to execute arbitrary code via a long LDAP_OPTIONS environment variable to a privileged program that uses libsldap. | ||||
| CVE-2004-1992 | 1 Solarwinds | 1 Serv-u File Server | 2026-04-16 | N/A |
| Buffer overflow in Serv-U FTP server before 5.0.0.6 allows remote attackers to cause a denial of service (crash) via a long -l parameter, which triggers an out-of-bounds read. | ||||
| CVE-2005-3120 | 3 Debian, Invisible-island, Redhat | 3 Debian Linux, Lynx, Enterprise Linux | 2026-04-16 | 9.8 Critical |
| Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters. | ||||
| CVE-2006-3677 | 2 Mozilla, Redhat | 3 Firefox, Seamonkey, Enterprise Linux | 2026-04-16 | N/A |
| Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code by changing certain properties of the window navigator object (window.navigator) that are accessed when Java starts up, which causes a crash that leads to code execution. | ||||
| CVE-2005-4667 | 2 Info-zip, Redhat | 2 Unzip, Enterprise Linux | 2026-04-16 | N/A |
| Buffer overflow in UnZip 5.50 and earlier allows user-assisted attackers to execute arbitrary code via a long filename command line argument. NOTE: since the overflow occurs in a non-setuid program, there are not many scenarios under which it poses a vulnerability, unless unzip is passed long arguments when it is invoked from other programs. | ||||
| CVE-2004-0179 | 4 Apache, Debian, Redhat and 1 more | 7 Openoffice, Subversion, Debian Linux and 4 more | 2026-04-16 | N/A |
| Multiple format string vulnerabilities in (1) neon 0.24.4 and earlier, and other products that use neon including (2) Cadaver, (3) Subversion, and (4) OpenOffice, allow remote malicious WebDAV servers to execute arbitrary code. | ||||
| CVE-2005-3962 | 2 Perl, Redhat | 2 Perl, Enterprise Linux | 2026-04-16 | N/A |
| Integer overflow in the format string functionality (Perl_sv_vcatpvfn) in Perl 5.9.2 and 5.8.6 Perl allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via format string specifiers with large values, which causes an integer wrap and leads to a buffer overflow, as demonstrated using format string vulnerabilities in Perl applications. | ||||
| CVE-2005-3863 | 1 Ktools | 1 Ktools | 2026-04-16 | N/A |
| Stack-based buffer overflow in kkstrtext.h in ktools library 0.3 and earlier, as used in products such as (1) centericq, (2) orpheus, (3) motor, and (4) groan, allows local users or remote attackers to execute arbitrary code via a long parameter to the VGETSTRING macro. | ||||
| CVE-2006-3401 | 1 Id Software | 1 Quake 3 Engine | 2026-04-16 | N/A |
| Stack-based buffer overflow in Quake 3 Engine as used by Quake 3: Arena 1.32b and 1.32c allows remote attackers to cause a denial of service and possibly execute code via long CS_ITEMS values. | ||||
| CVE-2005-3760 | 1 Ibm | 1 Websphere Application Server | 2026-04-16 | N/A |
| Double free vulnerability in the BBOORB module in IBM WebSphere Application Server for z/OS 5.0 allows attackers to cause a denial of service (ABEND). | ||||
| CVE-2005-4092 | 1 Apple | 2 Itunes, Quicktime | 2026-04-16 | N/A |
| Multiple heap-based buffer overflows in QuickTime.qts in Apple QuickTime Player 7.0.3 and iTunes 6.0.1 (3) and earlier allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a .mov file with (1) a Movie Resource atom with a large size value, or (2) an stsd atom with a modified Sample Description Table size value, and possibly other vectors involving media files. NOTE: item 1 was originally identified by CVE-2005-4127 for a pre-patch announcement, and item 2 was originally identified by CVE-2005-4128 for a pre-patch announcement. | ||||