Search Results (351250 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-4337 2 Gzip, Redhat 2 Gzip, Enterprise Linux 2026-04-16 N/A
Buffer overflow in the make_table function in the LHZ component in gzip 1.3.5 allows context-dependent attackers to execute arbitrary code via a crafted decoding table in a GZIP archive.
CVE-2006-0931 1 Pear 1 Pear Archive Tar 2026-04-16 N/A
Directory traversal vulnerability in PEAR::Archive_Tar 1.2, and other versions before 1.3.2, allows remote attackers to create and overwrite arbitrary files via certain crafted pathnames in a TAR archive.
CVE-2005-2213 1 Mms Ripper 1 Mms Ripper 2026-04-16 N/A
Buffer overflow in the mms_interp_header function in mms.c in MMS Ripper before 0.6.4 might allow remote attackers to execute arbitrary code via a file with more than 20 streams.
CVE-2005-2216 1 Photogal 1 Photogal Photo Gallery 2026-04-16 N/A
PHP remote file inclusion vulnerability in gals.php in PhotoGal Photo Gallery 1.5 and earlier allows remote attackers to execute arbitrary code via the news_file parameter.
CVE-2003-0068 1 Michael Jennings 1 Eterm 2026-04-16 N/A
The Eterm terminal emulator 0.9.1 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.
CVE-2005-2217 1 Craig Dansie 1 Dansie Shopping Cart 2026-04-16 N/A
Dansie Shopping Cart stores the vars.dat file under the web root with insufficient access control, which might allow remote attackers to obtain sensitive information such as program variables.
CVE-1999-0023 6 Bsdi, Freebsd, Ibm and 3 more 10 Bsd Os, Freebsd, Aix and 7 more 2026-04-16 N/A
Local user gains root privileges via buffer overflow in rdist, via lookup() function.
CVE-1999-0025 1 Sgi 1 Irix 2026-04-16 N/A
root privileges via buffer overflow in df command on SGI IRIX systems.
CVE-2000-0867 5 Debian, Mandrakesoft, Redhat and 2 more 5 Debian Linux, Mandrake Linux, Linux and 2 more 2026-04-16 N/A
Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages.
CVE-2002-1598 1 Broadcom 1 Mlink 2026-04-16 N/A
Buffer overflows in Computer Associates MLink (CA-MLink) 6.5 and earlier may allow local users to execute arbitrary code via long command line arguments to (1) mlclear or (2) mllock.
CVE-1999-0261 2026-04-16 N/A
Netmanager Chameleon SMTPd has several buffer overflows that cause a crash.
CVE-2002-2250 1 Sybase 1 Adaptive Server 2026-04-16 N/A
Multiple buffer overflows in Sybase Adaptive Server 12.0 and 12.5 allow remote attackers to execute arbitrary code via (1) a long parameter to the xp_freedll extended stored procedure or (2) a long database name argument to the DBCC CHECKVERIFY function.
CVE-2003-1348 1 Ftls 1 Guestbook 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in guestbook.cgi in ftls.org Guestbook 1.1 allows remote attackers to inject arbitrary web script or HTML via the (1) comment, (2) name, or (3) title field.
CVE-1999-0357 1 Microsoft 1 Windows 98 2026-04-16 N/A
Windows 98 and other operating systems allows remote attackers to cause a denial of service via crafted "oshare" packets, possibly involving invalid fragmentation offsets.
CVE-2004-1636 1 Net Integration Technologies Inc. 1 Wvtftp 2026-04-16 N/A
Heap-based buffer overflow in the WvTFTPServer::new_connection function in wvtftpserver.cc for WvTftp 0.9 allows remote attackers to execute arbitrary code via a long option string in a TFTP packet.
CVE-1999-0444 1 Microsoft 3 Windows 95, Windows 98, Windows Nt 2026-04-16 N/A
Remote attackers can perform a denial of service in Windows machines using malicious ARP packets, forcing a message box display for each packet or filling up log files.
CVE-2005-0260 1 Broadcom 1 Brightstor Arcserve Backup 2026-04-16 N/A
Stack-based buffer overflow in the Discovery Service for BrightStor ARCserve Backup 11.1 and earlier allows remote attackers to execute arbitrary code via a long packet to UDP port 41524, which is not properly handled in a recvfrom call.
CVE-1999-1370 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
The setup wizard (ie5setup.exe) for Internet Explorer 5.0 disables (1) the screen saver, which could leave the system open to users with physical access if a failure occurs during an unattended installation, and (2) the Task Scheduler Service, which might prevent the scheduled execution of security-critical programs.
CVE-2002-2260 1 Mozilla 1 Bugzilla 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the quips feature in Mozilla Bugzilla 2.10 through 2.17 allows remote attackers to inject arbitrary web script or HTML via the "show all quips" page.
CVE-2004-1693 1 Mambo 1 Mambo 2026-04-16 N/A
PHP remote file inclusion vulnerability in Function.php in Mambo 4.5 (1.0.9) allows remote attackers to execute arbitrary PHP code by modifying the mosConfig_absolute_path parameter to reference a URL on a remote web server that contains the code.