Export limit exceeded: 363288 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 363288 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1186 | 2 Gnu, Redhat | 2 Enscript, Enterprise Linux | 2026-04-16 | N/A |
| Multiple buffer overflows in enscript 1.6.3 allow remote attackers or local users to cause a denial of service (application crash). | ||||
| CVE-2004-1187 | 3 Mandrakesoft, Mplayer, Xine | 4 Mandrake Linux, Mplayer, Xine and 1 more | 2026-04-16 | N/A |
| Heap-based buffer overflow in the pnm_get_chunk function for xine 0.99.2, and other packages such as MPlayer that use the same code, allows remote attackers to execute arbitrary code via long PNA_TAG values, a different vulnerability than CVE-2004-1188. | ||||
| CVE-2004-1188 | 3 Mandrakesoft, Mplayer, Xine | 4 Mandrake Linux, Mplayer, Xine and 1 more | 2026-04-16 | N/A |
| The pnm_get_chunk function in xine 0.99.2 and earlier, and other packages such as MPlayer that use the same code, does not properly verify that the chunk size is less than the PREAMBLE_SIZE, which causes a read operation with a negative length that leads to a buffer overflow via (1) RMF_TAG, (2) DATA_TAG, (3) PROP_TAG, (4) MDPR_TAG, and (5) CONT_TAG values, a different vulnerability than CVE-2004-1187. | ||||
| CVE-2004-1358 | 1 Sun | 1 Solaris | 2026-04-16 | N/A |
| The patches (1) 114332-08 and (2) 114929-06 for Sun Solaris 9 disable the auditing functionality of the Basic Security Module (BSM), which allows attackers to avoid having their activity logged. | ||||
| CVE-2004-1359 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Multiple buffer overflows in uucp for Sun Solaris 2.6, 7, 8, and 9 allow local users to execute arbitrary code as the uucp user. | ||||
| CVE-2004-1360 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Unknown vulnerability in conv_fix in Sun Solaris 7 through 9, when invoked by conv_lpd, allows local users to overwrite arbitrary files. | ||||
| CVE-2004-1361 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2026-04-16 | N/A |
| Integer underflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, and Windows 2003 allows remote attackers to execute arbitrary code via a malformed .hlp file, which leads to a heap-based buffer overflow. | ||||
| CVE-2006-2024 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2026-04-16 | N/A |
| Multiple vulnerabilities in libtiff before 3.8.1 allow context-dependent attackers to cause a denial of service via a TIFF image that triggers errors in (1) the TIFFFetchAnyArray function in (a) tif_dirread.c; (2) certain "codec cleanup methods" in (b) tif_lzw.c, (c) tif_pixarlog.c, and (d) tif_zip.c; (3) and improper restoration of setfield and getfield methods in cleanup functions within (e) tif_jpeg.c, tif_pixarlog.c, (f) tif_fax3.c, and tif_zip.c. | ||||
| CVE-2004-1362 | 1 Oracle | 9 Application Server, Collaboration Suite, E-business Suite and 6 more | 2026-04-16 | N/A |
| The PL/SQL module for the Oracle HTTP Server in Oracle Application Server 10g, when using the WE8ISO8859P1 character set, does not perform character conversions properly, which allows remote attackers to bypass access restrictions for certain procedures via an encoded URL with "%FF" encoded sequences that are improperly converted to "Y" characters. | ||||
| CVE-2004-1414 | 1 Gadu-gadu | 1 Gadu-gadu Instant Messenger | 2026-04-16 | N/A |
| Gadu-Gadu 6.1 build 156 allows remote attackers to cause a denial of service (application hang) via a message that contains many special strings that are converted to images. | ||||
| CVE-2004-1415 | 1 Ben3w | 1 2bgal | 2026-04-16 | N/A |
| SQL injection vulnerability in (1) disp_album.php and possibly (2) disp_img.php in 2Bgal 2.4 and 2.5.1 allows remote attackers to execute arbitrary SQL commands via the id_album parameter. | ||||
| CVE-2006-2045 | 1 Ip3 Networks | 1 Ip3 Netaccess 75 | 2026-04-16 | N/A |
| The (1) shadow password file in na-img-4.0.34.bin for the IP3 Networks NetAccess NA75 has world readable permissions, which allows local users to view encrypted passwords; and the (2) NetAccess database file has world readable and writable permissions, which allows local users to view sensitive information and modify data. | ||||
| CVE-2004-1416 | 2 Microsoft, Realnetworks | 2 Internet Explorer, Realone Player | 2026-04-16 | N/A |
| pnxr3260.dll in the RealOne 2.0 build 6.0.11.868 browser plugin, as used in Internet Explorer, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted embed tag. | ||||
| CVE-2006-2046 | 1 Application Dynamics | 1 Cartweaver Coldfusion | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Application Dynamics Cartweaver ColdFusion 2.16.11 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) category and (2) keywords parameters in (a) Results.cfm, and the (3) ProdID parameter in (b) Details.cfm. | ||||
| CVE-2004-1442 | 1 Ibm | 1 Net.data | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in db2www CGI interpreter in IBM Net.Data 7 and 7.2 allows remote attackers to inject arbitrary web script or HTML via a macro filename, which is not properly handled by error messages such as "DTWP001E." | ||||
| CVE-2004-1443 | 1 Horde | 1 Imp | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the inline MIME viewer in Horde-IMP (Internet Messaging Program) 3.2.4 and earlier, when used with Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via an e-mail message. | ||||
| CVE-1999-1089 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Buffer overflow in chfn command in HP-UX 9.X through 10.20 allows local users to gain privileges via a long command line argument. | ||||
| CVE-1999-1115 | 1 Hp | 1 Apollo Domain Os | 2026-04-16 | N/A |
| Vulnerability in the /etc/suid_exec program in HP Apollo Domain/OS sr10.2 and sr10.3 beta, related to the Korn Shell (ksh). | ||||
| CVE-1999-1134 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Vulnerability in Vue 3.0 in HP 9.x allows local users to gain root privileges, as fixed by PHSS_4038, PHSS_4055, and PHSS_4066. | ||||
| CVE-2004-0965 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| stmkfont in HP-UX B.11.00 through B.11.23 relies on the user-specified PATH when executing certain commands, which allows local users to execute arbitrary code by modifying the PATH environment variable to point to malicious programs. | ||||