Export limit exceeded: 362705 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (362705 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-1277 1 Iglooftp 1 Iglooftp 2026-04-16 N/A
The download_selection_recursive() function in ftplist.c for IglooFTP 0.6.1 allows remote malicious FTP servers to overwrite arbitrary files via filenames that contain / (slash) characters.
CVE-2004-1278 2 Abc2ps, John Chambers 2 Abc2ps, Jcabc2ps 2026-04-16 N/A
Buffer overflow in the switch_voice function in parse.c for jcabc2ps 20040902 allows remote attackers to execute arbitrary code via a crafted ABC file.
CVE-2004-1279 1 Jpegtoavi 1 Jpegtoavi 2026-04-16 N/A
Buffer overflow in the get_file_list_stdin function in jpegtoavi 1.5 allows remote attackers to execute arbitrary code via a crafted set of JPEG files and filenames.
CVE-2004-1280 1 Junkie 1 Junkie Ftp Client 2026-04-16 N/A
The gui_popup_view_fly function in gui_tview_popup.c for junkie 0.3.1 allows remote malicious FTP servers to execute arbitrary commands via shell metacharacters in a filename.
CVE-2004-1282 1 Linpopup 1 Linpopup 2026-04-16 N/A
Buffer overflow in the strexpand function in string.c for LinPopUp 1.2.0 allows remote attackers to execute arbitrary code via a crafted message that is not properly handled during a Reply operation.
CVE-2004-1283 1 Mesh Viewer 1 Mesh Viewer 2026-04-16 N/A
Buffer overflow in the Mesh::type method in mesh.c for the mview program in Mesh Viewer 0.2.2 allows remote attackers to execute arbitrary code via crafted mesh files.
CVE-2004-1284 1 Mpg123 1 Mpg123 2026-04-16 N/A
Buffer overflow in the find_next_file function in playlist.c for mpg123 0.59r allows remote attackers to execute arbitrary code via a crafted MP3 playlist.
CVE-2004-1291 1 Amir Malik 1 Qwik Smtpd 2026-04-16 N/A
Buffer overflow in qwik-smtpd allows remote attackers to use the server as an SMTP spam relay via a long HELO command, which overwrites the adjacent localIP data buffer.
CVE-2004-1301 1 Xlreader 1 Xlreader 2026-04-16 N/A
Buffer overflow in the book_format_sql function in format.c for xlreader 0.9.0 allows remote attackers to execute arbitrary code via a crafted Excel (XLS) file.
CVE-2006-1983 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Multiple heap-based buffer overflows in Mac OS X 10.4.6 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) PredictorVSetField function for TIFF or (2) CFAllocatorAllocate function for GIF, as used in applications that use ImageIO or AppKit. NOTE: the BMP vector has been re-assigned to CVE-2006-2238 because it affects a separate product family.
CVE-2006-1993 1 Mozilla 1 Firefox 2026-04-16 N/A
Mozilla Firefox 1.5.0.2, when designMode is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain Javascript that is not properly handled by the contentWindow.focus method in an iframe, which causes a reference to a deleted controller context object. NOTE: this was originally claimed to be a buffer overflow in (1) js320.dll and (2) xpcom_core.dll, but the vendor disputes this claim.
CVE-2006-1999 1 Openttd 1 Openttd 2026-04-16 N/A
The multiplayer menu in OpenTTD 0.4.7 allows remote attackers to cause a denial of service via a UDP packet with an incorrect size, which causes the client to return to the main menu.
CVE-2006-2006 1 Ivan Zahariev 1 Izarc 2026-04-16 N/A
Multiple directory traversal vulnerabilities in IZArc Archiver 3.5 beta 3 allow remote attackers to write arbitrary files via a ..\ (dot dot backslash) in a (1) .rar, (2) .tar, (3) .zip, (4) .jar, or (5) .gz archive. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-2008 1 Built2go 1 Movie Review 2026-04-16 N/A
PHP remote file inclusion vulnerability in movie_cls.php in Built2Go PHP Movie Review 2B and earlier allows remote attackers to execute arbitrary PHP code via a URL in the full_path parameter.
CVE-2006-2009 1 Phpmyagenda 1 Phpmyagenda 2026-04-16 N/A
PHP remote file inclusion vulnerability in agenda.php3 in phpMyAgenda 3.0 Final and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rootagenda parameter.
CVE-2006-2010 1 Paras Chopra 1 Bloggage 2026-04-16 N/A
Multiple SQL injection vulnerabilities in check_login.asp in Bloggage allow remote attackers to execute arbitrary SQL commands via the (1) acc_name and (2) password parameter.
CVE-2006-2011 1 4homepages 1 4images 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in member.php in 4images 1.7 and earlier allows remote attackers to inject arbitrary web script or HTML via the nickname, probably involving the user_name parameter in register.php.
CVE-2006-2013 1 Web-provence 1 Sl Site 2026-04-16 N/A
SQL injection vulnerability in page.php in SL_site 1.0 allows remote attackers to execute arbitrary SQL commands via the id_page parameter. NOTE: this issue could be used to produce resultant XSS from an error message.
CVE-2006-2014 1 Web-provence 1 Sl Site 2026-04-16 N/A
Directory traversal vulnerability in gallerie.php in SL_site 1.0 allows remote attackers to list images in arbitrary directories via ".." sequences in the rep parameter, which is used to construct a directory name in admin/config.inc.php. NOTE: this issue could be used to produce resultant XSS from an error message.
CVE-2006-2015 1 Web-provence 1 Sl Site 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in SL_site 1.0 allows remote attackers to inject arbitrary web script or HTML via the recherche parameter in recherche.php. NOTE: other XSS vectors, as reported in the original disclosure, are resultant from other primary vulnerabilities that have separate CVE names.