Export limit exceeded: 347495 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347495 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2970 | 4 Apache, Canonical, Fedoraproject and 1 more | 7 Http Server, Ubuntu Linux, Fedora Core and 4 more | 2026-04-16 | N/A |
| Memory leak in the worker MPM (worker.c) for Apache 2, in certain circumstances, allows remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused for other connections. | ||||
| CVE-2004-0737 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| Multiple cross-site scripting vulnerabilities in index.php in the Search module for Php-Nuke allows remote attackers to inject arbitrary web script or HTML via the (1) sid, (2) max, (3) sel1, (4) sel2, (5) sel3, (6) sel4, (7) sel5, (8) match, (9) mod1, (10) mod2, or (11) mod3 parameters. | ||||
| CVE-2000-1045 | 1 Padl Software | 1 Nss Ldap | 2026-04-16 | N/A |
| nss_ldap earlier than 121, when run with nscd (name service caching daemon), allows remote attackers to cause a denial of service via a flood of LDAP requests. | ||||
| CVE-2004-0736 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| The search module in Php-Nuke allows remote attackers to gain sensitive information via the (1) "**" or (2) "+" search patterns, which reveals the path in an error message. | ||||
| CVE-2000-1039 | 1 Microsoft | 5 Windows 95, Windows 98, Windows 98se and 2 more | 2026-04-16 | N/A |
| Various TCP/IP stacks and network applications allow remote attackers to cause a denial of service by flooding a target host with TCP connection attempts and completing the TCP/IP handshake without maintaining the connection state on the attacker host, aka the "NAPTHA" class of vulnerabilities. NOTE: this candidate may change significantly as the security community discusses the technical nature of NAPTHA and learns more about the affected applications. This candidate is at a higher level of abstraction than is typical for CVE. | ||||
| CVE-2004-0735 | 1 Electronic Arts | 1 Medal Of Honor Allied Assault | 2026-04-16 | N/A |
| Buffer overflow in Medal of Honor (1) Allied Assault 1.11v9 and earlier, (2) Breakthrough 2.40b and earlier, and (3) Spearhead 2.15 and earlier, when playing on a Local Area Network (LAN), allows remote attackers to execute arbitrary code via vectors such as (1) the getinfo query, (2) the connect packet, and other unknown vectors. | ||||
| CVE-2000-1037 | 1 Checkpoint | 1 Firewall-1 | 2026-04-16 | N/A |
| Check Point Firewall-1 session agent 3.0 through 4.1 generates different error messages for invalid user names versus invalid passwords, which allows remote attackers to determine valid usernames and guess a password via a brute force attack. | ||||
| CVE-2005-2969 | 2 Openssl, Redhat | 4 Openssl, Enterprise Linux, Network Satellite and 1 more | 2026-04-16 | N/A |
| The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSL_OP_MSIE_SSLV2_RSA_PADDING option, disables a verification step that is required for preventing protocol version rollback attacks, which allows remote attackers to force a client and server to use a weaker protocol than needed via a man-in-the-middle attack. | ||||
| CVE-2004-0734 | 1 Extropia | 1 Extropia Webstore | 2026-04-16 | N/A |
| Web_Store.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the page parameter. | ||||
| CVE-2000-1036 | 1 Extent Technologies | 1 Rbs Isp | 2026-04-16 | N/A |
| Directory traversal vulnerability in Extent RBS ISP web server allows remote attackers to read sensitive information via a .. (dot dot) attack on the Image parameter. | ||||
| CVE-2005-3913 | 1 Vchs | 1 Vchs | 2026-04-16 | N/A |
| Unspecified vulnerability in the domain alias management in Virtual Hosting Control System (VHCS) 2.4.6.2, related to "creating and deleting forwards for domain aliases," allows users to hijack the forwardings of other users. | ||||
| CVE-2005-3863 | 1 Ktools | 1 Ktools | 2026-04-16 | N/A |
| Stack-based buffer overflow in kkstrtext.h in ktools library 0.3 and earlier, as used in products such as (1) centericq, (2) orpheus, (3) motor, and (4) groan, allows local users or remote attackers to execute arbitrary code via a long parameter to the VGETSTRING macro. | ||||
| CVE-2005-3764 | 1 Exponent | 1 Exponent | 2026-04-16 | N/A |
| The image gallery (imagegallery) component in Exponent CMS 0.96.3 and later versions does not properly check the MIME type of uploaded files, with unknown impact from the preview icon, possibly involving injection of HTML. | ||||
| CVE-2005-3582 | 1 Imagemagick | 1 Imagemagick | 2026-04-16 | N/A |
| ImageMagick before 6.2.4.2-r1 allows local users in the portage group to increase privileges via a shared object in the Portage temporary build directory, which is added to the search path allowing objects in it to be loaded at runtime. | ||||
| CVE-2005-2968 | 2 Mozilla, Redhat | 3 Firefox, Mozilla, Enterprise Linux | 2026-04-16 | N/A |
| Firefox 1.0.6 and Mozilla 1.7.10 allows attackers to execute arbitrary commands via shell metacharacters in a URL that is provided to the browser on the command line, which is sent unfiltered to bash. | ||||
| CVE-2004-0733 | 1 Ollydbg | 1 Ollydbg | 2026-04-16 | N/A |
| Format string vulnerability in OllyDbg 1.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers that are directly provided to the OutputDebugString function call. | ||||
| CVE-2000-1027 | 1 Cisco | 1 Pix Firewall Software | 2026-04-16 | N/A |
| Cisco Secure PIX Firewall 5.2(2) allows remote attackers to determine the real IP address of a target FTP server by flooding the server with PASV requests, which includes the real IP address in the response when passive mode is established. | ||||
| CVE-2005-3581 | 1 Gdal | 1 Gdal | 2026-04-16 | N/A |
| GDAL before 1.3.0-r1 allows local users in the portage group to increase privileges via a shared object in the Portage temporary build directory, which is added to the search path allowing objects in it to be loaded at runtime. | ||||
| CVE-2005-2967 | 1 Xine | 1 Xine-lib | 2026-04-16 | N/A |
| Format string vulnerability in input_cdda.c in xine-lib 1-beta through 1-beta 3, 1-rc, 1.0 through 1.0.2, and 1.1.1 allows remote servers to execute arbitrary code via format string specifiers in metadata in CDDB server responses when the victim plays a CD. | ||||
| CVE-2004-0732 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in the Search module for Php-Nuke allows remote attackers to execute arbitrary SQL statements via the instory parameter. | ||||