Search Results (351250 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-0738 1 Microsoft 1 Exchange Server 2026-04-16 N/A
Stack consumption vulnerability in Microsoft Exchange Server 2003 SP1 allows users to cause a denial of service (hang) by deleting or moving a folder with deeply nested subfolders, which causes Microsoft Exchange Information Store service (Store.exe) to hang as a result of a large number of recursive calls.
CVE-2005-1043 7 Apple, Conectiva, Peachtree and 4 more 8 Mac Os X, Mac Os X Server, Linux and 5 more 2026-04-16 N/A
exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion.
CVE-2005-1102 1 Wordpress 1 Wordpress 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in template-functions-post.php in WordPress 1.5 and earlier allow remote attackers to execute arbitrary commands via the (1) content or (2) title of the post.
CVE-2001-0937 1 Matt Wright 1 Pgpmail.pl 2026-04-16 N/A
PGPMail.pl 1.31 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) recipient or (2) pgpuserid parameters.
CVE-2001-0264 1 Gene6 1 G6 Ftp Server 2026-04-16 N/A
Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10) allows remote attackers to obtain NETBIOS credentials by requesting information on a file that is in a network share, which causes the server to send the credentials to the host that owns the share, and allows the attacker to sniff the connection.
CVE-2001-0265 1 Pgp 1 Pgp 2026-04-16 N/A
ASCII Armor parser in Windows PGP 7.0.3 and earlier allows attackers to create files in arbitrary locations via a malformed ASCII armored file.
CVE-2005-2903 1 Eset Software 1 Nod32 Antivirus 2026-04-16 N/A
Heap-based buffer overflow in NOD32 2.5 with nod32.002 1.033 build 1127, with active scanning enabled, allows remote attackers to execute arbitrary code via an ARJ archive containing a file with a long filename.
CVE-2005-2309 1 Opera 1 Opera Browser 2026-04-16 N/A
Opera 8.01 allows remote attackers to cause a denial of service (CPU consumption) via a crafted JPEG image, as demonstrated using random.jpg.
CVE-2001-0271 1 Mailnews.cgi 1 Mailnews.cgi 2026-04-16 N/A
mailnews.cgi 1.3 and earlier allows remote attackers to execute arbitrary commands via a user name that contains shell metacharacters.
CVE-2005-2313 1 Checkpoint 1 Secureclient Ng 2026-04-16 N/A
Check Point SecuRemote NG with Application Intelligence R54 allows attackers to obtain credentials and gain privileges via unknown attack vectors.
CVE-2001-0273 1 Holger Lamm 1 Pgp4pine 2026-04-16 N/A
pgp4pine Pine/PGP interface version 1.75-6 does not properly check to see if a public key has expired when obtaining the keys via Gnu Privacy Guard (GnuPG), which causes the message to be sent in cleartext.
CVE-2002-1120 1 Savant 1 Savant Web Server 2026-04-16 N/A
Buffer overflow in Savant Web Server 3.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.
CVE-2005-3006 1 Opera 1 Opera Browser 2026-04-16 N/A
The mail client in Opera before 8.50 opens attached files from the user's cache directory without warning the user, which might allow remote attackers to inject arbitrary web script and spoof attachment filenames.
CVE-2005-2332 1 Php.warpedweb.net 1 Phppageprotect 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in PHPPageProtect 1.0.0a allows remote attackers to inject arbitrary web script or HTML via the username parameter to (1) admin.php or (2) login.php.
CVE-2005-2938 1 Apple 1 Itunes 2026-04-16 N/A
Unquoted Windows search path vulnerability in iTunesHelper.exe in iTunes 4.7.1.30 and iTunes 5 for Windows might allow local users to gain privileges via a malicious C:\program.exe file.
CVE-2003-0121 1 Clearswift 1 Mailsweeper 2026-04-16 N/A
Clearswift MAILsweeper 4.x allows remote attackers to bypass attachment detection via an attachment that does not specify a MIME-Version header field, which is processed by some mail clients.
CVE-2003-1170 1 Gernot Stocker 1 Kpopup 2026-04-16 N/A
Format string vulnerability in main.cpp in kpopup 0.9.1 and 0.9.5pre2 allows local users to cause a denial of service (segmentation fault) and possibly execute arbitrary code via format string specifiers in command line arguments.
CVE-2003-1172 1 Apache 1 Cocoon 2026-04-16 N/A
Directory traversal vulnerability in the view-source sample file in Apache Software Foundation Cocoon 2.1 and 2.2 allows remote attackers to access arbitrary files via a .. (dot dot) in the filename parameter.
CVE-2004-1891 1 Sgi 1 Irix 2026-04-16 N/A
The ftp_syslog function in ftpd in SGI IRIX 6.5.20 "doesn't work with anonymous FTP," which has an unknown impact, possibly preventing the actions of anonymous users from being logged.
CVE-2004-2725 1 Aztek Forum 1 Aztek Forum 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Aztek Forum 4.0 allow remote attackers to inject arbitrary web script or HTML via (1) the search parameter in (a) search.php, (2) the email parameter in (b) subscribe.php, and (3) the return and (4) title parameters in (c) forum_2.php.