Export limit exceeded: 29909 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29909 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1053 | 1 Freebsd | 1 Fetch | 2026-04-16 | N/A |
| Integer overflow in fetch on FreeBSD 4.1 through 5.3 allows remote malicious servers to execute arbitrary code via certain HTTP headers in an HTTP response, which lead to a buffer overflow. | ||||
| CVE-2004-1054 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| Untrusted execution path vulnerability in invscout in IBM AIX 5.1.0, 5.2.0, and 5.3.0 allows local users to gain privileges by modifying the PATH environment variable to point to a malicious "uname" program, which is executed from lsvpd after lsvpd has been invoked by invscout. | ||||
| CVE-2004-1057 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| Multiple drivers in Linux kernel 2.4.19 and earlier do not properly mark memory with the VM_IO flag, which causes incorrect reference counts and may lead to a denial of service (kernel panic) when accessing freed kernel pages. | ||||
| CVE-2002-1459 | 1 Leszek Krupinski | 1 L-forum | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in L-Forum 2.40 and earlier, when the "Enable HTML in messages" option is off, allows remote attackers to insert arbitrary script or HTML via message fields including (1) From, (2) E-Mail, and (3) Subject. | ||||
| CVE-2002-1460 | 1 Leszek Krupinski | 1 L-forum | 2026-04-16 | N/A |
| L-Forum 2.40 and earlier does not properly verify whether a file was uploaded or if the associated variables were set by POST (attachment, attachment_name, attachment_size and attachment_type), which allows remote attackers to read arbitrary files. | ||||
| CVE-2002-1491 | 1 Cisco | 1 Vpn 5000 Client | 2026-04-16 | N/A |
| The Cisco VPN 5000 Client for MacOS before 5.2.2 records the most recently used login password in plaintext when saving "Default Connection" settings, which could allow local users to gain privileges. | ||||
| CVE-2004-1058 | 3 Linux, Redhat, Ubuntu | 3 Linux Kernel, Enterprise Linux, Ubuntu Linux | 2026-04-16 | N/A |
| Race condition in Linux kernel 2.6 allows local users to read the environment variables of another process that is still spawning via /proc/.../cmdline. | ||||
| CVE-2004-1470 | 1 Snipsnap | 1 Snipsnap | 2026-04-16 | N/A |
| CRLF injection vulnerability in SnipSnap 0.5.2a, and other versions before 1.0b1, allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server. | ||||
| CVE-2002-1887 | 1 Gregory Kokanosky | 1 Phpmynewsletter | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in customize.php for phpMyNewsletter 0.6.10 allows remote attackers to execute arbitrary PHP code via the l parameter. | ||||
| CVE-2004-1641 | 1 South River Technologies | 1 Titan Ftp Server | 2026-04-16 | N/A |
| Heap-based buffer overflow in Titan FTP 3.21 and earlier allows remote attackers to cause a denial of service (crash) via a long FTP command such as (1) CWD, (2) STAT, or (3) LIST. | ||||
| CVE-2004-0609 | 1 Rssh | 1 Rssh | 2026-04-16 | N/A |
| rssh 2.0 through 2.1.x expands command line arguments before entering a chroot jail, which allows remote authenticated users to determine the existence of files in a directory outside the jail. | ||||
| CVE-2004-0610 | 1 Microsoft | 1 Mn-500 Wireless Base Station | 2026-04-16 | N/A |
| The Web administration interface in Microsoft MN-500 Wireless Router allows remote attackers to cause a denial of service (connection refusal) via a large number of open HTTP connections. | ||||
| CVE-2004-1062 | 1 Viewcvs | 1 Viewcvs | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in ViewCVS 0.9.2 allow remote attackers to inject arbitrary HTML and web script via certain error messages. | ||||
| CVE-1999-0699 | 1 Bluestone | 1 Sapphire Web | 2026-04-16 | N/A |
| The Bluestone Sapphire web server allows session hijacking via easily guessable session IDs. | ||||
| CVE-1999-0719 | 1 Gnu | 1 Gnumeric | 2026-04-16 | N/A |
| The Guile plugin for the Gnumeric spreadsheet package allows attackers to execute arbitrary code. | ||||
| CVE-2004-2128 | 1 Brs | 1 Webweaver | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in BRS WebWeaver 1.07 allows remote attackers to execute arbitrary script as other users via the query string to ISAPISkeleton.dll. | ||||
| CVE-2004-2129 | 1 Loom Software | 2 Surfnow Professional, Surfnow Standard | 2026-04-16 | N/A |
| SurfNOW 2.2 allows remote attackers to cause a denial of service (crash) via a series of long HTTP GET requests, possibly triggering a buffer overflow. | ||||
| CVE-2004-2130 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in privmsg.php in phpBB 2.0.6 allow remote attackers to execute arbitrary script or HTML via the (1) folder or (2) mode variables. | ||||
| CVE-2004-2148 | 1 Slava Astashonok | 1 Fprobe | 2026-04-16 | N/A |
| Unknown local vulnerability in the "change user" feature of Slava Astashonok Fprobe 1.0.5 and earlier has unknown impact and attack vectors. | ||||
| CVE-2004-2149 | 1 Oracle | 1 Mysql | 2026-04-16 | N/A |
| Buffer overflow in the prepared statements API in libmysqlclient for MySQL 4.1.3 beta and 4.1.4 allows remote attackers to cause a denial of service via a large number of placeholders. | ||||