Search Results (351250 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-0164 2 Caldera, Redhat 4 Openlinux Server, Openlinux Workstation, Enterprise Linux and 1 more 2026-04-16 N/A
Vulnerability in the MIT-SHM extension of the X server on Linux (XFree86) 4.2.1 and earlier allows local users to read and write arbitrary shared memory, possibly to cause a denial of service or gain privileges.
CVE-2001-1491 1 Opera Software 1 Opera Web Browser 2026-04-16 N/A
Opera 5.11 allows remote attackers to cause a denial of service (CPU consumption and memory leak) via a web page with a large number of images.
CVE-2002-0006 2 Redhat, Xchat 2 Linux, Xchat 2026-04-16 N/A
XChat 1.8.7 and earlier, including default configurations of 1.4.2 and 1.4.3, allows remote attackers to execute arbitrary IRC commands as other clients via encoded characters in a PRIVMSG command that calls CTCP PING, which expands the characters in the client response when the percascii variable is set.
CVE-2006-2521 1 Accomplishtechnology 1 Phpmydirectory 2026-04-16 N/A
PHP remote file inclusion vulnerability in cron.php in phpMyDirectory 10.4.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the ROOT_PATH parameter.
CVE-2006-2529 1 Fckeditor 1 Fckeditor 2026-04-16 N/A
editor/filemanager/upload/php/upload.php in FCKeditor before 2.3 Beta, when the upload feature is enabled, does not verify the Type parameter, which allows remote attackers to upload arbitrary file types. NOTE: It is not clear whether this is related to CVE-2006-0658.
CVE-2003-1153 1 Bytehoard 1 Bytehoard 2026-04-16 N/A
byteHoard 0.7 and 0.71 allows remote attackers to list arbitrary files and directories via a direct request to files.inc.php.
CVE-2001-1176 1 Checkpoint 3 Firewall-1, Provider-1, Vpn-1 2026-04-16 N/A
Format string vulnerability in Check Point VPN-1/FireWall-1 4.1 allows a remote authenticated firewall administrator to execute arbitrary code via format strings in the control connection.
CVE-2001-1177 1 Samsung 2 Ml-85g Gdi Printer Driver, Ml-85p Printer Driver 2026-04-16 N/A
ml85p in Samsung ML-85G GDI printer driver before 0.2.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
CVE-2003-1154 1 Clearswift 1 Mailsweeper 2026-04-16 N/A
MAILsweeper for SMTP 4.3 allows remote attackers to bypass virus protection via a mail message with a malformed zip attachment, as exploited by certain MIMAIL virus variants.
CVE-2001-0824 1 Ibm 1 Websphere Application Server 2026-04-16 N/A
Cross-site scripting vulnerability in IBM WebSphere 3.02 and 3.5 FP2 allows remote attackers to execute Javascript by inserting the Javascript into (1) a request for a .JSP file, or (2) a request to the webapp/examples/ directory, which inserts the Javascript into an error page.
CVE-2003-1155 1 X-cd-roast 1 X-cd-roast 2026-04-16 N/A
X-CD-Roast 0.98 alpha10 through alpha14 allows local users to overwrite arbitrary files via a symlink attack on an unknown file.
CVE-2003-1259 1 Globalscape 1 Cuteftp 2026-04-16 N/A
Buffer overflow in CuteFTP 4.2 and 5.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP server banner.
CVE-2004-1358 1 Sun 1 Solaris 2026-04-16 N/A
The patches (1) 114332-08 and (2) 114929-06 for Sun Solaris 9 disable the auditing functionality of the Basic Security Module (BSM), which allows attackers to avoid having their activity logged.
CVE-2003-1260 1 Globalscape 1 Cuteftp 2026-04-16 N/A
Buffer overflow in CuteFTP 5.0 allows remote attackers to execute arbitrary code via a long response to a LIST command.
CVE-2001-1197 1 Kde 1 Kdeutils 2026-04-16 N/A
klprfax_filter in KDE2 KDEUtils allows local users to overwrite arbitrary files via a symlink attack on the klprfax.filter temporary file.
CVE-2001-1199 1 Steve Kneizys 1 Agora.cgi 2026-04-16 N/A
Cross-site scripting vulnerability in agora.cgi for Agora 3.0a through 4.0g, when debug mode is enabled, allows remote attackers to execute Javascript on other clients via the cart_id parameter.
CVE-2003-1156 1 Sun 2 Jdk, Jre 2026-04-16 N/A
Java Runtime Environment (JRE) and Software Development Kit (SDK) 1.4.2 through 1.4.2_02 allows local users to overwrite arbitrary files via a symlink attack on (1) unpack.log, as created by the unpack program, or (2) .mailcap1 and .mime.types1, as created by the RPM program.
CVE-2003-1262 1 Http Fetcher 1 Http Fetcher Library 2026-04-16 N/A
Buffer overflow in the http_fetch function of HTTP Fetcher 1.0.0 and 1.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL request via a long (1) host, (2) referer, or (3) userAgent value.
CVE-2001-1206 1 Matrixs Cgi Vault 1 Last Lines 2026-04-16 N/A
Matrix CGI vault Last Lines 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the $error_log variable.
CVE-2004-1373 1 Nullsoft 1 Shoutcast Server 2026-04-16 N/A
Format string vulnerability in SHOUTcast 1.9.4 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via format string specifiers in a content URL, as demonstrated in the filename portion of a .mp3 file.