Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0137 1 Microsoft 1 Windows Media Player 2025-04-03 N/A
Windows Media Player 7 allows remote attackers to execute malicious Java applets in Internet Explorer clients by enclosing the applet in a skin file named skin.wmz, then referencing that skin in the codebase parameter to an applet tag, aka the Windows Media Player Skins File Download" vulnerability.
CVE-2000-0226 1 Microsoft 1 Internet Information Server 2025-04-03 N/A
IIS 4.0 allows attackers to cause a denial of service by requesting a large buffer in a POST or PUT command which consumes memory, aka the "Chunked Transfer Encoding Buffer Overflow Vulnerability."
CVE-2001-0503 1 Microsoft 1 Netmeeting 2025-04-03 N/A
Microsoft NetMeeting 3.01 with Remote Desktop Sharing enabled allows remote attackers to cause a denial of service via a malformed string to the NetMeeting service port, aka a variant of the "NetMeeting Desktop Sharing" vulnerability.
CVE-2004-0630 2 Adobe, Redhat 2 Acrobat Reader, Rhel Extras 2025-04-03 N/A
The uudecoding feature in Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions including those before 5.0.9, allows remote attackers to execute arbitrary code via shell metacharacters ("`" or backtick) in the filename of the PDF file that is provided to the uudecode command.
CVE-2005-0334 1 Linksys 1 Psus4 Printserver 2025-04-03 N/A
Linksys PSUS4 running firmware 6032 allows remote attackers to cause a denial of service (device crash) via an HTTP POST request containing an unknown parameter without a value.
CVE-2001-0138 4 Debian, Immunix, Mandrakesoft and 1 more 5 Debian Linux, Immunix, Mandrake Linux and 2 more 2025-04-03 N/A
privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack.
CVE-2005-0342 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-03 N/A
The Finder in Mac OS X and earlier allows local users to overwrite arbitrary files and gain privileges by creating a hard link from the .DS_Store file to an arbitrary file.
CVE-2000-0236 1 Netscape 1 Enterprise Server 2025-04-03 N/A
Netscape Enterprise Server with Directory Indexing enabled allows remote attackers to list server directories via web publishing tags such as ?wp-ver-info and ?wp-cs-dump.
CVE-2002-1398 2 Postgresql, Redhat 3 Postgresql, Enterprise Linux, Linux 2025-04-03 N/A
Buffer overflow in the date parser for PostgreSQL before 7.2.2 allows attackers to cause a denial of service and possibly execute arbitrary code via a long date string, aka a vulnerability "in handling long datetime input."
CVE-2005-0350 1 F-secure 4 F-secure Anti-virus, F-secure Internet Security, F-secure Personal Express and 1 more 2025-04-03 N/A
Heap-based buffer overflow in multiple F-Secure Anti-Virus and Internet Security products allows remote attackers to execute arbitrary code via a crafted ARJ archive.
CVE-2001-1049 1 Paul M. Jones 1 Phorecast 2025-04-03 N/A
Phorecast PHP script before 0.40 allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.
CVE-2005-3399 1 Cat 1 Quick Heal 2025-04-03 N/A
Multiple interpretation error in CAT-QuickHeal 8.0 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug."
CVE-1999-1349 1 Xlink Technology 1 Omni-nfs X Enterprise 2025-04-03 N/A
NFS daemon (nfsd.exe) for Omni-NFS/X 6.1 allows remote attackers to cause a denial of service (resource exhaustion) via certain packets, possibly with the Urgent (URG) flag set, to port 111.
CVE-1999-0042 5 Bsdi, Caldera, Ibm and 2 more 6 Bsd Os, Openlinux, Aix and 3 more 2025-04-03 N/A
Buffer overflow in University of Washington's implementation of IMAP and POP servers.
CVE-2006-0984 1 Ej3 1 Topo 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in inc_header.php in EJ3 TOPo 2.2.178 allows remote attackers to inject arbitrary web script or HTML via the gTopNombre parameter.
CVE-2003-0284 1 Adobe 1 Acrobat 2025-04-03 N/A
Adobe Acrobat 5 does not properly validate JavaScript in PDF files, which allows remote attackers to write arbitrary files into the Plug-ins folder that spread to other PDF documents, as demonstrated by the W32.Yourde virus.
CVE-1999-1387 1 Microsoft 1 Windows Nt 2025-04-03 N/A
Windows NT 4.0 SP2 allows remote attackers to cause a denial of service (crash), possibly via malformed inputs or packets, such as those generated by a Linux smbmount command that was compiled on the Linux 2.0.29 kernel but executed on Linux 2.0.25.
CVE-1999-1388 1 Sun 1 Sunos 2025-04-03 N/A
passwd in SunOS 4.1.x allows local users to overwrite arbitrary files via a symlink attack and the -F command line argument.
CVE-1999-1393 1 Apple 1 Macos 2025-04-03 N/A
Control Panel "Password Security" option for Apple Powerbooks allows attackers with physical access to the machine to bypass the security by booting it with an emergency startup disk and using a disk editor to modify the on/off toggle or password in the aaaaaaaAPWD file, which is normally inaccessible.
CVE-2006-2961 1 Aclogic 1 Cesarftp 2025-04-03 N/A
Stack-based buffer overflow in CesarFTP 0.99g and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long MKD command. NOTE: the provenance of this information is unknown; the details are obtained from third party information.