Vulnerabilities (CVE)

Filtered by NVD-CWE-Other
Total 29521 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2004-1945 1 Kinesphere Corporation 1 Exchange Pop3 2025-04-03 7.5 HIGH N/A
Buffer overflow in Kinesphere eXchange POP3 allows remote attackers to execute arbitrary code via a long MAIL FROM field.
CVE-2005-4797 1 Sun 2 Solaris, Sunos 2025-04-03 5.0 MEDIUM N/A
Directory traversal vulnerability in printd line printer daemon (lpd) in Solaris 7 through 10 allows remote attackers to delete arbitrary files via ".." sequences in an "Unlink data file" command.
CVE-2004-2208 1 Ideal Science 1 Idealbb 2025-04-03 5.0 MEDIUM N/A
CRLF injection vulnerability in Ideal Science IdealBB 1.4.9 through 1.5.3 allows remote attackers to conduct HTTP response splitting attacks via unknown vectors.
CVE-2006-3957 1 Bosdev 1 Bosdates 2025-04-03 7.5 HIGH N/A
PHP remote file inclusion vulnerability in payment.php in BosDev BosDates allows remote attackers to execute arbitrary PHP code via a URL in the insPath parameter.
CVE-2002-0843 2 Apache, Oracle 4 Http Server, Application Server, Database Server and 1 more 2025-04-03 7.5 HIGH N/A
Buffer overflows in the ApacheBench benchmark support program (ab.c) in Apache before 1.3.27, and Apache 2.x before 2.0.43, allow a malicious web server to cause a denial of service and possibly execute arbitrary code via a long response.
CVE-2004-0534 1 Businessobjects 2 Infoview, Webintelligence 2025-04-03 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Business Objects InfoView 5.1.4 through 5.1.8 for WebIntelligence 2.7.0 through 2.7.4 allows remote attackers to inject arbitrary web script or HTML via document names when uploading a document.
CVE-2002-0314 3 Fasttrack, Grokster, Music City Networks 3 Kazaa, Grokster, Morpheus 2025-04-03 5.0 MEDIUM N/A
fasttrack p2p, as used in (1) KaZaA before 1.5, (2) grokster, and (3) morpheus allows remote attackers to cause a denial of service (memory exhaustion) via a series of client-to-client messages, which pops up new windows per message.
CVE-2004-0039 1 Checkpoint 1 Firewall-1 2025-04-03 10.0 HIGH N/A
Multiple format string vulnerabilities in HTTP Application Intelligence (AI) component in Check Point Firewall-1 NG-AI R55 and R54, and Check Point Firewall-1 HTTP Security Server included with NG FP1, FP2, and FP3 allows remote attackers to execute arbitrary code via HTTP requests that cause format string specifiers to be used in an error message, as demonstrated using the scheme of a URI.
CVE-2004-0961 2 Freeradius, Redhat 3 Freeradius, Enterprise Linux, Fedora Core 2025-04-03 5.0 MEDIUM N/A
Memory leak in FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (memory exhaustion) via a series of Access-Request packets with (1) Ascend-Send-Secret, (2) Ascend-Recv-Secret, or (3) Tunnel-Password attributes.
CVE-2004-0672 1 Netegrity 2 Identityminder, Policy Server 2025-04-03 6.8 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in the primary and management web interfaces in Netegrity IdentityMinder Web Edition 5.6 allows remote attackers to execute script as other users via (1) script that starts with %00 in the numOfExpressions parameter or (2) the mobjtype parameter.
CVE-2006-1963 1 Pcpin 1 Pcpin Chat 2025-04-03 5.5 MEDIUM N/A
Directory traversal vulnerability in main.php in PCPIN Chat 5.0.4 and earlier allows remote authenticated users to include and execute arbitrary PHP code via a ".." (dot dot) in a language cookie, as demonstrated by uploading then accessing a smiliefile image that actually contains PHP code.
CVE-2004-2125 1 Iss 4 Blackice Agent Server, Blackice Pc Protection, Blackice Server Protection and 1 more 2025-04-03 4.6 MEDIUM N/A
Buffer overflow in blackd.exe for BlackICE PC Protection 3.6 and other versions before 3.6.ccb, with application protection off, allows local users to gain system privileges by modifying the .INI file to contain a long packetLog.fileprefix value.
CVE-1999-1574 1 Ibm 1 Aix 2025-04-03 7.5 HIGH N/A
Buffer overflow in the lex routines of nslookup for AIX 4.3 may allow attackers to cause a core dump and possibly execute arbitrary code via "long input strings."
CVE-2002-1361 1 Sun 1 Cobalt Raq 4 2025-04-03 10.0 HIGH N/A
overflow.cgi CGI script in Sun Cobalt RaQ 4 with the SHP (Security Hardening Patch) installed allows remote attackers to execute arbitrary code via a POST request with shell metacharacters in the email parameter.
CVE-2006-0494 1 Mybulletinboard 1 Mybulletinboard 2025-04-03 4.3 MEDIUM N/A
Directory traversal vulnerability in MyBB (aka MyBulletinBoard) 1.02 allows local users with MyBB administrative privileges to include and possibly execute arbitrary local files via directory traversal sequences and a nul (%00) character in the plugin parameter.
CVE-1999-0192 2 Redhat, Slackware 2 Linux, Slackware Linux 2025-04-03 10.0 HIGH N/A
Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the TERMCAP environmental variable.
CVE-1999-1071 1 Excite 1 Ews 2025-04-03 7.2 HIGH N/A
Excite for Web Servers (EWS) 1.1 installs the Architext.conf authentication file with world-writeable permissions, which allows local users to gain access to Excite accounts by modifying the file.
CVE-2000-0038 1 Glftpd 1 Glftpd 2025-04-03 7.5 HIGH N/A
glFtpD includes a default glftpd user account with a default password and a UID of 0.
CVE-2005-1153 1 Mozilla 2 Firefox, Mozilla 2025-04-03 7.5 HIGH N/A
Firefox before 1.0.3 and Mozilla Suite before 1.7.7, when blocking a popup, allows remote attackers to execute arbitrary code via a javascript: URL that is executed when the user selects the "Show javascript" option.
CVE-1999-0855 1 Freebsd 1 Freebsd 2025-04-03 7.2 HIGH N/A
Buffer overflow in FreeBSD gdc program.