Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-3084 1 Sony 1 Playstation Portable 2026-04-16 N/A
Buffer overflow in the TIFF library in the Photo Viewer for Sony PSP 2.0 firmware allows remote attackers to cause a denial of service via a crafted TIFF image.
CVE-2005-3100 1 Astaro 1 Security Linux 2026-04-16 N/A
Unspecified "PPTP Remote DoS Vulnerability" in Astaro Security Linux 4.027 allows attackers to cause a denial of service.
CVE-2006-1514 1 Abcmidi 1 Abcmidi 2026-04-16 N/A
Multiple buffer overflows in the abcmidi-yaps translator in abcmidi 20050101, and other versions, allow remote attackers to execute arbitrary code via crafted ABC music files that trigger the overflows during translation into PostScript.
CVE-2006-1435 1 Accounting Receiving And Inventory Administration 1 Aria 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in genmessage.php in Accounting Receiving and Inventory Administration (ARIA) 0.99-6 allows remote attackers to inject arbitrary web script or HTML via the Message Field (message parameter).
CVE-2004-1438 1 Subversion 1 Subversion 2026-04-16 N/A
The mod_authz_svn Apache module for Subversion 1.0.4-r1 and earlier allows remote authenticated users, with write access to the repository, to read unauthorized parts of the repository via the svn copy command.
CVE-2004-2567 1 Recipants 1 Recipants 2026-04-16 N/A
Multiple SQL injection vulnerabilities in ReciPants 1.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) user id, (2) recipe id, (3) category id, and (4) other ID number fields.
CVE-2005-3129 1 S9y 1 Serendipity 2026-04-16 N/A
Cross-site request forgery (CSRF) vulnerability in Serendipity 0.8.4 and earlier allows remote attackers to perform unauthorized actions as a logged in user via a link or IMG tag to serendipity_admin.php.
CVE-2004-1439 1 Sapporoworks 1 Black Jumbodog 2026-04-16 N/A
Buffer overflow in BlackJumboDog 3.x allows remote attackers to execute arbitrary code via long FTP commands such as (1) USER, (2) PASS, (3) RETR,(4) CWD, (5) XMKD, and (6) XRMD.
CVE-2004-1244 1 Microsoft 1 Windows Media Player 2026-04-16 N/A
Windows Media Player 9 allows remote attackers to execute arbitrary code via a PNG file containing large (1) width or (2) height values, aka the "PNG Processing Vulnerability."
CVE-2004-1448 1 Jetbox 1 Jetbox One Cms 2026-04-16 N/A
Jetbox One 2.0.8 and possibly other versions allow remote attackers with Author privileges in the IMAGES module to upload PHP files and execute arbitrary code.
CVE-2001-1320 1 Pgp 1 Keyserver 2026-04-16 N/A
Network Associates PGP Keyserver 7.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via exceptional BER encodings (possibly buffer overflows), as demonstrated by the PROTOS LDAPv3 test suite.
CVE-2002-0022 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Buffer overflow in the implementation of an HTML directive in mshtml.dll in Internet Explorer 5.5 and 6.0 allows remote attackers to execute arbitrary code via a web page that specifies embedded ActiveX controls in a way that causes 2 Unicode strings to be concatenated.
CVE-2004-1262 1 Stuart Cunningham 1 Bsb2ppm 2026-04-16 N/A
Buffer overflow in the bsb_open_header function in libbsb for bsb2ppm 0.0.6 allows remote attackers to execute arbitrary code via crafted BSB pictures.
CVE-2004-2583 1 Smartertools 1 Smartermail 2026-04-16 N/A
SMTP service in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote attackers to cause a denial of service (CPU consumption) via a large number of simultaneous open connections to TCP port 25.
CVE-2005-2390 1 Proftpd Project 1 Proftpd 2026-04-16 N/A
Multiple format string vulnerabilities in ProFTPD before 1.3.0rc2 allow attackers to cause a denial of service or obtain sensitive information via (1) certain inputs to the shutdown message from ftpshut, or (2) the SQLShowInfo mod_sql directive.
CVE-2006-3369 1 Iduprey 1 Kamikaze-qscm 2026-04-16 N/A
Kamikaze-QSCM 0.1 stores config.inc under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information, including the database configuration.
CVE-2006-3370 1 Bb-news 1 Blueboy 2026-04-16 N/A
Blueboy 1.0.3 stores bb_news_config.inc under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information, including the database configuration.
CVE-2005-2504 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
The System Profiler in Mac OS X 10.4.2 labels a Bluetooth device with "Requires Authentication: No" even when the user has selected the "Require pairing for security" option, which could confuse users about which setting is valid.
CVE-2005-2465 2 Pc-experience, Toppe 2 Pc-experience, Toppe Cms 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in pm.php in PCXP/TOPPE CMS allows remote attackers to inject arbitrary web script or HTML via the msg variable.
CVE-2001-1324 1 Paul Jarc 1 Idtools 2026-04-16 N/A
cvmlogin and statfile in Paul Jarc idtools before 2001.06.27 do not properly check the return value of a call to the pathexec_env function, which could cause the setstate utility to setuid to the UID environment variable and allow local users to gain privileges.