Export limit exceeded: 345106 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 345106 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 345106 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345106 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0772 | 4 Debian, Mit, Openpkg and 1 more | 4 Debian Linux, Kerberos 5, Openpkg and 1 more | 2026-04-16 | 9.8 Critical |
| Double free vulnerabilities in error handling code in krb524d for MIT Kerberos 5 (krb5) 1.2.8 and earlier may allow remote attackers to execute arbitrary code. | ||||
| CVE-2004-0777 | 1 Inter7 | 1 Courier-imap | 2026-04-16 | N/A |
| Format string vulnerability in the auth_debug function in Courier-IMAP 1.6.0 through 2.2.1 and 3.x through 3.0.3, when login debugging (DEBUG_LOGIN) is enabled, allows remote attackers to execute arbitrary code. | ||||
| CVE-2004-0778 | 2 Gnu, Redhat | 2 Cvs, Enterprise Linux | 2026-04-16 | N/A |
| CVS 1.11.x before 1.11.17, and 1.12.x before 1.12.9, allows remote attackers to determine the existence of arbitrary files and directories via the -X command for an alternate history file, which causes different error messages to be returned. | ||||
| CVE-2004-0779 | 2 Firebirdsql, Mozilla | 3 Firebird, Firefox, Mozilla | 2026-04-16 | N/A |
| The (1) Mozilla 1.6, (2) Firebird 0.7 and (3) Firefox 0.8 web browsers do not properly verify that cached passwords for SSL encrypted sites are only sent via SSL encrypted sessions to the site, which allows a remote attacker to cause a cached password to be sent in cleartext to a spoofed site. | ||||
| CVE-1999-0487 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| The DHTML Edit ActiveX control in Internet Explorer allows remote attackers to read arbitrary files. | ||||
| CVE-2006-0988 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Nt | 2026-04-16 | N/A |
| The default configuration of the DNS Server service on Windows Server 2003 and Windows 2000, and the Microsoft DNS Server service on Windows NT 4.0, allows recursive queries and provides additional delegation information to arbitrary IP addresses, which allows remote attackers to cause a denial of service (traffic amplification) via DNS queries with spoofed source IP addresses. | ||||
| CVE-2004-0781 | 1 Icecast | 1 Icecast | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in list.cgi in the Icecast internal web server (icecast-server) 1.3.12 and earlier allows remote attackers to inject arbitrary web script via the UserAgent parameter. | ||||
| CVE-2005-2715 | 1 Symantec Veritas | 2 Netbackup Data And Business Center, Netbackup Enterprise Server Client | 2026-04-16 | N/A |
| Format string vulnerability in the Java user interface service (bpjava-msvc) daemon for VERITAS NetBackup Data and Business Center 4.5FP and 4.5MP, and NetBackup Enterprise/Server/Client 5.0, 5.1, and 6.0, allows remote attackers to execute arbitrary code via the COMMAND_LOGON_TO_MSERVER command. | ||||
| CVE-2005-2716 | 1 Nokia | 1 Affix | 2026-04-16 | N/A |
| The event_pin_code_request function in the btsrv daemon (btsrv.c) in Nokia Affix 2.1.2 and 3.2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in a Bluetooth device name. | ||||
| CVE-2005-2717 | 1 Webcalendar | 1 Webcalendar | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in WebCalendar before 1.0.1 allows remote attackers to execute arbitrary PHP code when opening settings.php, possibly via send_reminders.php or other scripts. | ||||
| CVE-2004-0782 | 2 Gnome, Redhat | 3 Gdkpixbuf, Gtk, Enterprise Linux | 2026-04-16 | N/A |
| Integer overflow in pixbuf_create_from_xpm (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, allows remote attackers to execute arbitrary code via certain n_col and cpp values that enable a heap-based buffer overflow. NOTE: this identifier is ONLY for gtk+. It was incorrectly referenced in an advisory for a different issue (CVE-2004-0687). | ||||
| CVE-2004-0787 | 1 Openca | 1 Openca | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the web frontend in OpenCA 0.9.1-8 and earlier, and 0.9.2 RC6 and earlier, allows remote attackers to inject arbitrary web script or HTML via the form input fields. | ||||
| CVE-1999-0283 | 2026-04-16 | N/A | ||
| The Java Web Server would allow remote users to obtain the source code for CGI programs. | ||||
| CVE-1999-0284 | 2 Ibm, Microsoft | 2 Lotus Domino Mail Server, Exchange Server | 2026-04-16 | N/A |
| Denial of service to NT mail servers including Ipswitch, Mdaemon, and Exchange through a buffer overflow in the SMTP HELO command. | ||||
| CVE-1999-0285 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| Denial of service in telnet from the Windows NT Resource Kit, by opening then immediately closing a connection. | ||||
| CVE-1999-0286 | 2026-04-16 | N/A | ||
| In some NT web servers, appending a space at the end of a URL may allow attackers to read source code for active pages. | ||||
| CVE-1999-0287 | 1 Webcom | 1 Cgi Guestbook | 2026-04-16 | N/A |
| Vulnerability in the Wguest CGI program. | ||||
| CVE-1999-1240 | 1 Gracenote | 1 Cddbd | 2026-04-16 | N/A |
| Buffer overflow in cddbd CD database server allows remote attackers to execute arbitrary commands via a long log message. | ||||
| CVE-2000-0759 | 1 Apache | 1 Tomcat | 2026-04-16 | N/A |
| Jakarta Tomcat 3.1 under Apache reveals physical path information when a remote attacker requests a URL that does not exist, which generates an error message that includes the physical path. | ||||
| CVE-2000-0760 | 1 Apache | 1 Tomcat | 2026-04-16 | N/A |
| The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension. | ||||