Export limit exceeded: 80243 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (80243 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-0578 | 1 Ibm | 1 U2 Universe | 2026-04-16 | 7.8 High |
| cci_dir in IBM U2 UniVerse 10.0.0.9 and earlier creates hard links and unlinks files as root, which allows local users to gain privileges by deleting and overwriting arbitrary files. | ||||
| CVE-2003-0625 | 1 Hadrons | 1 Xfstt | 2026-04-16 | 7.5 High |
| Off-by-one error in certain versions of xfstt allows remote attackers to read potentially sensitive memory via a malformed client request in the connection handshake, which leaks the memory in the server's response. | ||||
| CVE-2004-2172 | 1 Netsourcecommerce | 1 Productcart | 2026-04-16 | 7.5 High |
| EarlyImpact ProductCart uses a weak encryption scheme to encrypt passwords, which allows remote attackers to obtain the password via a chosen plaintext attack. | ||||
| CVE-2004-2339 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2026-04-16 | 8.4 High |
| Microsoft Windows 2000, XP, and possibly 2003 allows local users with the SeDebugPrivilege privilege to execute arbitrary code as kernel and read or write kernel memory via the NtSystemDebugControl function, which does not verify its pointer arguments. Note: this issue has been disputed, since Administrator privileges are typically required to exploit this issue, thus privilege boundaries are not crossed | ||||
| CVE-2006-1078 | 1 Acme Labs | 1 Thttpd | 2026-04-16 | 8.4 High |
| Multiple buffer overflows in htpasswd, as used in Acme thttpd 2.25b, and possibly other products such as Apache, might allow local users to gain privileges via (1) a long command line argument and (2) a long line in a file. NOTE: since htpasswd is normally installed as a non-setuid program, and the exploit is through command line options, perhaps this issue should not be included in CVE. However, if there are some typical or recommended configurations that use htpasswd with sudo privileges, or common products that access htpasswd remotely, then perhaps it should be included. | ||||
| CVE-2006-1236 | 1 Crossfire | 1 Crossfire | 2026-04-16 | 7.3 High |
| Buffer overflow in the SetUp function in socket/request.c in CrossFire 1.9.0 allows remote attackers to execute arbitrary code via a long setup sound command, a different vulnerability than CVE-2006-1010. | ||||
| CVE-2004-0217 | 2 Redhat, Symantec | 2 Linux, Antivirus Scan Engine | 2026-04-16 | 7.0 High |
| The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan Engine 4.0 and 4.3 for Red Hat Linux allows local users to create or append to arbitrary files via a symlink attack on /tmp/LiveUpdate.log. | ||||
| CVE-2004-0346 | 1 Proftpd | 1 Proftpd | 2026-04-16 | 7.8 High |
| Off-by-one buffer overflow in _xlate_ascii_write() in ProFTPD 1.2.7 through 1.2.9rc2p allows local users to gain privileges via a 1024 byte RETR command. | ||||
| CVE-2005-1036 | 2 Amd, Freebsd | 2 Amd64, Freebsd | 2026-04-16 | 7.8 High |
| FreeBSD 5.x to 5.4 on AMD64 does not properly initialize the IO permission bitmap used to allow user access to certain hardware, which allows local users to bypass intended access restrictions to cause a denial of service, obtain sensitive information, and possibly gain privileges. | ||||
| CVE-2005-1831 | 1 Todd Miller | 1 Sudo | 2026-04-16 | 8.4 High |
| Sudo 1.6.8p7 on SuSE Linux 9.3, and possibly other Linux distributions, allows local users to gain privileges by using sudo to call su, then entering a blank password and hitting CTRL-C. NOTE: SuSE and multiple third-party researchers have not been able to replicate this issue, stating "Sudo catches SIGINT and returns an empty string for the password so I don't see how this could happen unless the user's actual password was empty. | ||||
| CVE-2000-0498 | 1 Unify | 1 Ewave Servletexec | 2026-04-16 | 7.5 High |
| Unify eWave ServletExec allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case. | ||||
| CVE-2005-1828 | 1 Dlink | 2 Dsl-504t, Dsl-504t Firmware | 2026-04-16 | 7.5 High |
| D-Link DSL-504T stores usernames and passwords in cleartext in the router configuration file, which allows remote attackers to obtain sensitive information. | ||||
| CVE-2000-0499 | 1 Bea | 1 Weblogic Server | 2026-04-16 | 7.5 High |
| The default configuration of BEA WebLogic 3.1.8 through 4.5.1 allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case. | ||||
| CVE-2001-0334 | 1 Microsoft | 1 Internet Information Server | 2026-04-16 | 7.5 High |
| FTP service in IIS 5.0 and earlier allows remote attackers to cause a denial of service via a wildcard sequence that generates a long string when it is expanded. | ||||
| CVE-2005-1941 | 1 Silvercity Project | 1 Silvercity | 2026-04-16 | 7.8 High |
| SilverCity before 0.9.5-r1 installs (1) cgi-styler-form.py, (2) cgi-styler.py, and (3) source2html.py with read and write world permissions, which allows local users to execute arbitrary code. | ||||
| CVE-2002-0051 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | 7.8 High |
| Windows 2000 allows local users to prevent the application of new group policy settings by opening Group Policy files with exclusive-read access. | ||||
| CVE-2002-0844 | 2 Distrotech, Redhat | 2 Cvs, Enterprise Linux | 2026-04-16 | 7.8 High |
| Off-by-one overflow in the CVS PreservePermissions of rcs.c for CVSD before 1.11.2 allows local users to execute arbitrary code. | ||||
| CVE-2002-1697 | 1 Vtun Project | 1 Vtun | 2026-04-16 | 7.5 High |
| Electronic Code Book (ECB) mode in VTun 2.0 through 2.5 uses a weak encryption algorithm that produces the same ciphertext from the same plaintext blocks, which could allow remote attackers to gain sensitive information. | ||||
| CVE-2002-1721 | 1 Pldaniels | 1 Altermime | 2026-04-16 | 7.5 High |
| Off-by-one error in alterMIME 0.1.10 and 0.1.11 allows remote attackers to cause a denial of service (crash) via an x-header that causes snprintf overwrite the FFGET_FILE variable with a (null) byte. | ||||
| CVE-2002-1810 | 1 Dlink | 2 Dwl-900ap\+, Dwl-900ap\+ Firmware | 2026-04-16 | 7.5 High |
| D-Link DWL-900AP+ Access Point 2.1 and 2.2 allows remote attackers to access the TFTP server without authentication and read the config.img file, which contains sensitive information such as the administrative password, the WEP encryption keys, and network configuration information. | ||||