Export limit exceeded: 347795 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 347795 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347795 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2000-0989 | 1 Intel | 1 Inbusiness Email Station | 2026-04-16 | N/A |
| Buffer overflow in Intel InBusiness eMail Station 1.04.87 POP service allows remote attackers to cause a denial of service and possibly execute commands via a long username. | ||||
| CVE-2004-0692 | 2 Redhat, Trolltech | 2 Enterprise Linux, Qt | 2026-04-16 | N/A |
| The XPM parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) via a malformed image file that triggers a null dereference, a different vulnerability than CVE-2004-0693. | ||||
| CVE-2005-2945 | 1 Arc | 1 Arc | 2026-04-16 | N/A |
| arc 5.21j and earlier create temporary files with world-readable permissions, which allows local users to read sensitive information from files created by (1) arc (arc.c) or (2) marc (marc.c). | ||||
| CVE-2005-3570 | 1 Horde | 1 Horde | 2026-04-16 | N/A |
| Unspecified cross-site scripting (XSS) vulnerability in Horde before 2.2.9 allows remote attackers to inject arbitrary web script or HTML via "not properly escaped error messages". | ||||
| CVE-2000-0999 | 1 Openbsd | 1 Openssh | 2026-04-16 | N/A |
| Format string vulnerabilities in OpenBSD ssh program (and possibly other BSD-based operating systems) allow attackers to gain root privileges. | ||||
| CVE-2004-0693 | 2 Redhat, Trolltech | 2 Enterprise Linux, Qt | 2026-04-16 | N/A |
| The GIF parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) via a malformed image file that triggers a null dereference, a different vulnerability than CVE-2004-0692. | ||||
| CVE-2000-1003 | 1 Microsoft | 3 Windows 95, Windows 98, Windows 98se | 2026-04-16 | N/A |
| NETBIOS client in Windows 95 and Windows 98 allows a remote attacker to cause a denial of service by changing a file sharing service to return an unknown driver type, which causes the client to crash. | ||||
| CVE-2000-1007 | 1 Symantec | 1 I-gear | 2026-04-16 | N/A |
| I-gear 3.5.7 and earlier does not properly process log entries in which a URL is longer than 255 characters, which allows an attacker to cause reporting errors. | ||||
| CVE-2004-0695 | 1 4d | 1 Webstar | 2026-04-16 | N/A |
| Stack-based buffer overflow in the FTP service for 4D WebSTAR 5.3.2 and earlier allows remote attackers to execute arbitrary code via a long FTP command. | ||||
| CVE-2005-2946 | 2 Canonical, Openssl | 2 Ubuntu Linux, Openssl | 2026-04-16 | 7.5 High |
| The default configuration on OpenSSL before 0.9.8 uses MD5 for creating message digests instead of a more cryptographically strong algorithm, which makes it easier for remote attackers to forge certificates with a valid certificate authority signature. | ||||
| CVE-2005-3571 | 1 Codegrrl | 5 Phpcalendar, Phpclique, Phpcurrently and 2 more | 2026-04-16 | N/A |
| PHP file inclusion vulnerability in protection.php in CodeGrrl (a) PHPCalendar 1.0, (b) PHPClique 1.0, (c) PHPCurrently 2.0, (d) PHPFanBase 2.1, and (e) PHPQuotes 1.0 allows remote attackers to include arbitrary local files via the siteurl parameter when register_globals is enabled. NOTE: It was later reported that PHPFanBase 2.2 is also affected. | ||||
| CVE-2005-3859 | 1 Q-news | 1 Q-news | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in q-news.php in Q-News 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the id parameter. | ||||
| CVE-2000-1008 | 1 Palm | 1 Palm Os | 2026-04-16 | N/A |
| PalmOS 3.5.2 and earlier uses weak encryption to store the user password, which allows attackers with physical access to the Palm device to decrypt the password and gain access to the device. | ||||
| CVE-2004-0699 | 1 Checkpoint | 2 Firewall-1, Vpn-1 | 2026-04-16 | N/A |
| Heap-based buffer overflow in ASN.1 decoding library in Check Point VPN-1 products, when Aggressive Mode IKE is implemented, allows remote attackers to execute arbitrary code by initiating an IKE negotiation and then sending an IKE packet with malformed ASN.1 data. | ||||
| CVE-2005-2953 | 1 Miva | 1 Miva Merchant | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in merchant.mvc in MIVA Merchant 5 allows remote attackers to inject arbitrary web script or HTML via the Customer_Login parameter. | ||||
| CVE-2005-3572 | 1 Peel | 1 Peel | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in Peel 2.6 through 2.7 allows remote attackers to execute arbitrary SQL commands via the rubid parameter. | ||||
| CVE-2005-3758 | 1 Google | 2 Mini Search Appliance, Search Appliance | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to inject arbitrary Javascript, and possibly other web script or HTML, via a proxystylesheet variable that contains a malicious XSLT style sheet. | ||||
| CVE-2000-1009 | 2 Redhat, Trustix | 2 Linux, Secure Linux | 2026-04-16 | N/A |
| dump in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program. | ||||
| CVE-2004-0700 | 3 Gentoo, Mod Ssl, Redhat | 5 Linux, Mod Ssl, Enterprise Linux and 2 more | 2026-04-16 | N/A |
| Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled by the ssl_log function. | ||||
| CVE-2005-2955 | 1 Adaptive Technology Resource Centre | 1 Atutor | 2026-04-16 | N/A |
| config.inc.php in ATutor 1.5.1, and possibly earlier versions, uses an incomplete blacklist to check for dangerous file extensions, which allows authenticated administrators or educators to execute arbitrary code by uploading files with other executable extensions such as .inc, .php4, or others. | ||||