Export limit exceeded: 43277 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (43277 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1704 | 2 Gnu, Redhat | 2 Gdb, Enterprise Linux | 2026-04-16 | N/A |
| Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer overflow. | ||||
| CVE-2006-3806 | 2 Mozilla, Redhat | 4 Firefox, Seamonkey, Thunderbird and 1 more | 2026-04-16 | N/A |
| Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving (1) long strings in the toSource method of the Object, Array, and String objects; and (2) unspecified "string function arguments." | ||||
| CVE-2006-2407 | 3 Freeftpd, Freesshd, Weonlydo | 3 Freeftpd, Freesshd, Wodsshserver | 2026-04-16 | N/A |
| Stack-based buffer overflow in (1) WeOnlyDo wodSSHServer ActiveX Component 1.2.7 and 1.3.3 DEMO, as used in other products including (2) FreeSSHd 1.0.9 and (3) freeFTPd 1.0.10, allows remote attackers to execute arbitrary code via a long key exchange algorithm string. | ||||
| CVE-2005-0199 | 1 Barton | 1 Ngircd | 2026-04-16 | 9.8 Critical |
| Integer underflow in the Lists_MakeMask() function in lists.c in ngIRCd before 0.8.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long MODE line that causes an incorrect length calculation, which leads to a buffer overflow. | ||||
| CVE-2000-0497 | 1 Ibm | 1 Websphere Application Server | 2026-04-16 | 7.5 High |
| IBM WebSphere server 3.0.2 allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case. | ||||
| CVE-1999-0038 | 7 Bsdi, Data General, Debian and 4 more | 9 Bsd Os, Dg Ux, Debian Linux and 6 more | 2026-04-16 | 8.4 High |
| Buffer overflow in xlock program allows local users to execute commands as root. | ||||
| CVE-2002-0159 | 1 Cisco | 1 Secure Access Control Server | 2026-04-16 | N/A |
| Format string vulnerability in the administration function in Cisco Secure Access Control Server (ACS) for Windows, 2.6.x and earlier and 3.x through 3.01 (build 40), allows remote attackers to crash the CSADMIN module only (denial of service of administration function) or execute arbitrary code via format strings in the URL to port 2002. | ||||
| CVE-2006-2363 | 1 Limbo Cms | 1 Limbo Cms | 2026-04-16 | N/A |
| SQL injection vulnerability in the weblinks option (weblinks.html.php) in Limbo CMS allows remote attackers to execute arbitrary SQL commands via the catid parameter. | ||||
| CVE-2002-0184 | 3 Debian, Redhat, Sudo Project | 4 Debian Linux, Linux, Powertools and 1 more | 2026-04-16 | 7.8 High |
| Sudo before 1.6.6 contains an off-by-one error that can result in a heap-based buffer overflow that may allow local users to gain root privileges via special characters in the -p (prompt) argument, which are not properly expanded. | ||||
| CVE-2004-0112 | 24 4d, Apple, Avaya and 21 more | 65 Webstar, Mac Os X, Mac Os X Server and 62 more | 2026-04-16 | N/A |
| The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read. | ||||
| CVE-2005-3658 | 1 Emc | 1 Legato Networker | 2026-04-16 | N/A |
| Multiple heap-based buffer overflows in EMC Legato NetWorker 7.1.x before 7.1.4 and 7.2.x before 7.2.1.Build.314, and other products such as Sun Solstice Backup (SBU) 6.0 and 6.1 and StorEdge Enterprise Backup Software (EBS) 7.1 through 7.2L, allow remote attackers to execute arbitrary code or cause a denial of service (unresponsive application) via malformed RPC packets to (1) RPC program number 390109 (nsrd.exe) and (2) RPC program number 390113 (nsrexecd.exe). | ||||
| CVE-2005-3653 | 2 Broadcom, Ca | 34 Brightstor Arcserve Backup, Brightstor Arcserve Backup Laptops Desktops, Brightstor Portal and 31 more | 2026-04-16 | N/A |
| Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field. | ||||
| CVE-2006-0813 | 1 Winace | 1 Winace | 2026-04-16 | N/A |
| Heap-based buffer overflow in WinACE 2.60 allows user-assisted attackers to execute arbitrary code via a large header block in an ARJ archive. | ||||
| CVE-2006-1615 | 1 Clamav | 1 Clamav | 2026-04-16 | N/A |
| Multiple format string vulnerabilities in the logging code in Clam AntiVirus (ClamAV) before 0.88.1 might allow remote attackers to execute arbitrary code. NOTE: as of 20060410, it is unclear whether this is a vulnerability, as there is some evidence that the arguments are actually being sanitized properly. | ||||
| CVE-1999-0239 | 1 Netscape | 1 Fasttrack Server | 2026-04-16 | 7.5 High |
| Netscape FastTrack Web server lists files when a lowercase "get" command is used instead of an uppercase GET. | ||||
| CVE-1999-0945 | 1 Microsoft | 1 Exchange Server | 2026-04-16 | N/A |
| Buffer overflow in Internet Mail Service (IMS) for Microsoft Exchange 5.5 and 5.0 allows remote attackers to conduct a denial of service via AUTH or AUTHINFO commands. | ||||
| CVE-2005-0197 | 1 Cisco | 1 Ios | 2026-04-16 | N/A |
| Cisco IOS 12.1T, 12.2, 12.2T, 12.3 and 12.3T, with Multi Protocol Label Switching (MPLS) installed but disabled, allows remote attackers to cause a denial of service (device reload) via a crafted packet sent to the disabled interface. | ||||
| CVE-1999-0876 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-16 | N/A |
| Buffer overflow in Internet Explorer 4.0 via EMBED tag. | ||||
| CVE-2000-0546 | 3 Cygnus Network Security Project, Kerbnet Project, Mit | 4 Cygnus Network Security, Kerbnet, Kerberos and 1 more | 2026-04-16 | N/A |
| Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the lastrealm variable in the set_tgtkey function. | ||||
| CVE-2006-3353 | 1 Opera | 1 Opera Browser | 2026-04-16 | N/A |
| Opera 9 allows remote attackers to cause a denial of service (crash) via a crafted web page that triggers an out-of-bounds memory access, related to an iframe and JavaScript that accesses certain style sheets properties. | ||||