Export limit exceeded: 29926 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29926 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1682 | 1 Qnx | 1 Rtp | 2026-04-16 | N/A |
| Format string vulnerability in QNX 6.1 FTP client allows remote authenticated users to gain group bin privileges via format string specifiers in the QUOTE command. | ||||
| CVE-2004-1136 | 1 Globalscape | 1 Cuteftp | 2026-04-16 | N/A |
| Buffer overflow in CuteFTP Professional 6.0, and possibly other versions, allows remote FTP servers to cause a denial of service (application crash) via large replies to FTP commands. | ||||
| CVE-2005-4449 | 1 Flatnuke | 1 Flatnuke | 2026-04-16 | N/A |
| verify.php in FlatNuke 2.5.6 allows remote authenticated administrators to modify arbitrary PHP files by setting the file parameter to an arbitrary file and injecting the code into the body parameter. NOTE: if a FlatNuke administrator is normally assumed to be able to modify arbitrary content, then this issue does not cross privilege boundaries and would not be a vulnerability. | ||||
| CVE-2005-4448 | 1 Flatnuke | 1 Flatnuke | 2026-04-16 | N/A |
| FlatNuke 2.5.6 verifies authentication credentials based on an MD5 checksum of the admin name and the hashed password rather than the plaintext password, which allows attackers to gain privileges by obtaining the password hash (possibly via CVE-2005-2813), then calculating the credentials and including them in the secid cookie. | ||||
| CVE-2004-1137 | 3 Linux, Redhat, Ubuntu | 3 Linux Kernel, Enterprise Linux, Ubuntu Linux | 2026-04-16 | N/A |
| Multiple vulnerabilities in the IGMP functionality for Linux kernel 2.4.22 to 2.4.28, and 2.6.x to 2.6.9, allow local and remote attackers to cause a denial of service or execute arbitrary code via (1) the ip_mc_source function, which decrements a counter to -1, or (2) the igmp_marksources function, which does not properly validate IGMP message parameters and performs an out-of-bounds read. | ||||
| CVE-2004-2537 | 1 Netwin | 1 Surgemail | 2026-04-16 | N/A |
| Unspecified vulnerability in SurgeMail before 2.2c10 has unknown impact and attack vectors, related to a "Webmail security bug." | ||||
| CVE-2004-1138 | 2 Redhat, Vim Development Group | 2 Enterprise Linux, Vim | 2026-04-16 | N/A |
| VIM before 6.3 and gVim before 6.3 allow local users to execute arbitrary commands via a file containing a crafted modeline that is executed when the file is viewed using options such as (1) termcap, (2) printdevice, (3) titleold, (4) filetype, (5) syntax, (6) backupext, (7) keymap, (8) patchmode, or (9) langmenu. | ||||
| CVE-2004-2538 | 1 Nilesh Dosooye | 1 Phpcodegenie | 2026-04-16 | N/A |
| Direct static code injection vulnerability in the PCG simple application generation in phpCodeGenie before 3.0.2 allows remote authenticated users to execute arbitrary code via the (1) header or (2) footer. | ||||
| CVE-2005-4445 | 1 David Harris | 1 Pegasus Mail | 2026-04-16 | N/A |
| Off-by-one error in Pegasus Mail 4.21a through 4.21c and 4.30PB1 allows remote attackers to execute arbitrary code via a long email message header, which triggers a one-byte buffer overflow. | ||||
| CVE-2004-1139 | 7 Altlinux, Conectiva, Debian and 4 more | 9 Alt Linux, Linux, Debian Linux and 6 more | 2026-04-16 | N/A |
| Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash). | ||||
| CVE-2004-2547 | 1 Netwin | 2 Surgemail, Webmail | 2026-04-16 | N/A |
| NetWin (1) SurgeMail before 2.0c and (2) WebMail allow remote attackers to obtain sensitive information via HTTP requests that (a) specify the / URI, (b) specify the /scripts/ URI, or (c) specify a non-existent file, which reveal the path in an error message. | ||||
| CVE-2004-1140 | 2 Ethereal Group, Redhat | 2 Ethereal, Enterprise Linux | 2026-04-16 | N/A |
| Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (application hang) and possibly fill available disk space via an invalid RTP timestamp. | ||||
| CVE-2004-1144 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| Unknown vulnerability in the 32bit emulation code in Linux 2.4 on AMD64 systems allows local users to gain privileges. | ||||
| CVE-2005-0193 | 1 Isync | 1 Mrouter | 2026-04-16 | N/A |
| Buffer overflow in the (1) -v and (2) -a switches in mRouter in iSync 1.5 in Mac OS X 10.3.7 and earlier allows local users to execute arbitrary code. | ||||
| CVE-2004-2548 | 1 Netwin | 2 Surgemail, Webmail | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in NetWin (1) SurgeMail before 2.0c and (2) WebMail allow remote attackers to inject arbitrary web script or HTML via (a) a URI containing the script, or (b) the username field in the login form. NOTE: it is possible that the first attack vector is resultant from the error message issue (CVE-2004-2547). | ||||
| CVE-2004-1145 | 7 Altlinux, Conectiva, Debian and 4 more | 9 Alt Linux, Linux, Debian Linux and 6 more | 2026-04-16 | N/A |
| Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files. | ||||
| CVE-2005-4442 | 1 Openldap | 1 Openldap | 2026-04-16 | N/A |
| Untrusted search path vulnerability in OpenLDAP before 2.2.28-r3 on Gentoo Linux allows local users in the portage group to gain privileges via a malicious shared object in the Portage temporary build directory, which is part of the RUNPATH. | ||||
| CVE-2004-1152 | 2 Adobe, Redhat | 2 Acrobat Reader, Rhel Extras | 2026-04-16 | N/A |
| Buffer overflow in the mailListIsPdf function in Adobe Acrobat Reader 5.09 for Unix allows remote attackers to execute arbitrary code via an e-mail message with a crafted PDF attachment. | ||||
| CVE-2004-1153 | 1 Adobe | 1 Acrobat Reader | 2026-04-16 | N/A |
| Format string vulnerability in Adobe Acrobat Reader 6.0.0 through 6.0.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an .ETD document containing format string specifiers in (1) title or (2) baseurl fields. | ||||
| CVE-2000-1012 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| The catopen function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to read arbitrary files via the LANG environmental variable. | ||||