Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-0631 2 Adobe, Redhat 2 Acrobat Reader, Rhel Extras 2025-04-03 N/A
Buffer overflow in the uudecoding feature for Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions including those before 5.0.9, allows remote attackers to execute arbitrary code via a long filename for the PDF file that is provided to the uudecode command.
CVE-2003-0603 1 Mozilla 1 Bugzilla 2025-04-03 N/A
Bugzilla 2.16.x before 2.16.3, 2.17.x before 2.17.4, and earlier versions allows local users to overwrite arbitrary files via a symlink attack on temporary files that are created in directories with group-writable or world-writable permissions.
CVE-2003-0604 1 Microsoft 1 Windows Media Player 2025-04-03 N/A
Windows Media Player (WMP) 7 and 8, as running on Internet Explorer and possibly other Microsoft products that process HTML, allows remote attackers to bypass zone restrictions and access or execute arbitrary files via an IFRAME tag pointing to an ASF file whose Content-location contains a File:// URL.
CVE-2004-0632 1 Adobe 2 Acrobat, Acrobat Reader 2025-04-03 N/A
Adobe Reader 6.0 does not properly handle null characters when splitting a filename path into components, which allows remote attackers to execute arbitrary code via a file with a long extension that is not normally handled by Reader, triggering a buffer overflow.
CVE-2005-0676 1 Phpoutsourcing 1 Zorum 2025-04-03 N/A
index.php in Zorum 3.5 allows remote attackers to trigger an SQL error, and possibly inject arbitrary SQL commands, via the search capability.
CVE-2003-0607 1 Stanley T. Shebs 1 Xconq 2025-04-03 N/A
Buffer overflow in xconq 7.4.1 allows local users to become part of the "games" group via the (1) USER or (2) DISPLAY environment variables.
CVE-2003-0609 1 Sun 2 Solaris, Sunos 2025-04-03 N/A
Stack-based buffer overflow in the runtime linker, ld.so.1, on Solaris 2.6 through 9 allows local users to gain root privileges via a long LD_PRELOAD environment variable.
CVE-2004-1773 2 Gnu, Redhat 2 Sharutils, Enterprise Linux 2025-04-03 N/A
Multiple buffer overflows in sharutils 4.2.1 and earlier may allow attackers to execute arbitrary code via (1) long output from wc to shar, or (2) unknown vectors in unshar.
CVE-2003-0616 1 Mcafee 1 Epolicy Orchestrator 2025-04-03 N/A
Format string vulnerability in ePO service for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code via a POST request with format strings in the computerlist parameter, which are used when logging a failed name resolution.
CVE-2004-1846 1 Expinion.net 1 News Manager Lite 2025-04-03 N/A
Multiple SQL injection vulnerabilities in News Manager Lite 2.5 allow remote attackers to execute arbitrary SQL code via the (1) ID parameter to more.asp, (2) ID parameter to category_news.asp, or (3) filter parameter to news_sort.asp.
CVE-2005-0687 1 Hashcash 1 Hashcash 2025-04-03 N/A
Format string vulnerability in Hashcash 1.16 allows remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via format string specifiers in a reply address, which is not properly handled when printing the header.
CVE-2003-0747 1 Sap 1 Internet Transaction Server 2025-04-03 N/A
wgate.dll in SAP Internet Transaction Server (ITS) 4620.2.0.323011 allows remote attackers to obtain potentially sensitive information such as directory structure and operating system via incorrect parameters (1) ~service, (2) ~templatelanguage, (3) ~language, (4) ~theme, or (5) ~template, which leaks the information in the resulting error message.
CVE-2003-0751 1 Py-membres 1 Py-membres 2025-04-03 N/A
SQL injection vulnerability in pass_done.php for PY-Membres 4.2 and earlier allows remote attackers to execute arbitrary SQL queries via the email parameter.
CVE-2004-0685 3 Linux, Redhat, Trustix 4 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 1 more 2025-04-03 N/A
Certain USB drivers in the Linux 2.4 kernel use the copy_to_user function on uninitialized structures, which could allow local users to obtain sensitive information by reading memory that was not cleared from previous usage.
CVE-2003-0753 1 Newsphp 1 Newsphp 2025-04-03 N/A
nphpd.php in newsPHP 216 and earlier allows remote attackers to read arbitrary files via a full pathname to the target file in the nphp_config[LangFile] parameter.
CVE-2004-0686 3 Redhat, Samba, Trustix 3 Enterprise Linux, Samba, Secure Linux 2025-04-03 N/A
Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the "mangling method = hash" option is enabled in smb.conf, has unknown impact and attack vectors.
CVE-2004-0687 5 Openbsd, Redhat, Suse and 2 more 6 Openbsd, Enterprise Linux, Network Satellite and 3 more 2025-04-03 N/A
Multiple stack-based buffer overflows in (1) xpmParseColors in parse.c, (2) ParseAndPutPixels in create.c, and (3) ParsePixels in parse.c for libXpm before 6.8.1 allow remote attackers to execute arbitrary code via a malformed XPM image file.
CVE-2005-0021 2 Redhat, University Of Cambridge 2 Enterprise Linux, Exim 2025-04-03 N/A
Multiple buffer overflows in Exim before 4.43 may allow attackers to execute arbitrary code via (1) an IPv6 address with more than 8 components, as demonstrated using the -be command line option, which triggers an overflow in the host_aton function, or (2) the -bh command line option or dnsdb PTR lookup, which triggers an overflow in the dns_build_reverse function.
CVE-2005-0698 1 Jason Hines 1 Phpweblog 2025-04-03 N/A
PHP remote file inclusion vulnerability in PHPWebLog 0.5.3 and earlier allows remote attackers to execute arbitrary PHP code by modifying the (1) G_PATH parameter to init.inc.php or the (2) PATH parameter to index.php to reference a URL on a remote web server that contains the code.
CVE-2004-0688 5 Openbsd, Redhat, Suse and 2 more 6 Openbsd, Enterprise Linux, Network Satellite and 3 more 2025-04-03 N/A
Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a malformed XPM image file.