Export limit exceeded: 26468 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (26468 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-2329 1 Mirabilis 1 Icq 2026-04-16 N/A
ICQ client 2001b, 2002a and 2002b allows remote attackers to cause a denial of service (CPU consumption or crash) via a message with a large number of emoticons.
CVE-2004-1777 1 Skype Technologies 1 Skype 2026-04-16 N/A
A "range check error" in Skype for Windows before 0.98.0.28 allows local and remote attackers to cause a denial of service (application crash) via long command line arguments or a long callto:// URL, a different vulnerability than CVE-2004-1114.
CVE-2003-0637 1 Novell 1 Ichain 2026-04-16 N/A
Novell iChain 2.2 before Support Pack 1 uses a shorter timeout for a non-existent user than a valid user, which makes it easier for remote attackers to guess usernames and conduct brute force password guessing.
CVE-2003-1526 1 Francisco Burzi 1 Php-nuke 2026-04-16 N/A
PHP-Nuke 7.0 allows remote attackers to obtain the installation path via certain characters such as (1) ", (2) ', or (3) > in the search field, which reveals the path in an error message.
CVE-2002-2415 1 Alliedtelesyn 2 At-8024, Rapier 24 2026-04-16 N/A
Allied Telesyn AT-8024 1.3.1 and Rapier 24 switches allow remote authenticated users to cause a denial of service in the management interface via a stream of zero (null) bytes sent via UDP to a running service.
CVE-2002-2328 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Active Directory in Windows 2000, when supporting Kerberos V authentication and GSSAPI, allows remote attackers to cause a denial of service (hang) via an LDAP client that sets the page length to zero during a large request.
CVE-2002-2322 1 Ultimate Php Board 1 Ultimate Php Board 2026-04-16 N/A
Ultimate PHP Board (UPB) 1.0b stores the users.dat data file under the web root with insufficient access control, which allows remote attackers to obtain usernames and passwords.
CVE-2002-2421 1 Andrey Cherezov 1 Acweb 2026-04-16 N/A
acWEB 1.14 allows remote attackers to cause a denial of service (crash) via an HTTP request for a MS-DOS device name such as COM2.
CVE-1999-0265 2 Microware, Novell 2 Os-9, Netware 2026-04-16 N/A
ICMP redirect messages may crash or lock up a host.
CVE-2006-1858 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a chunk length that is inconsistent with the actual length of provided parameters.
CVE-2006-4595 1 Muforum 1 Muforum 2026-04-16 N/A
muforum (µforum) 0.4c stores membres/members.dat under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as usernames and password hashes.
CVE-2006-2223 2 Quagga, Redhat 2 Quagga, Enterprise Linux 2026-04-16 N/A
RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly implement configurations that (1) disable RIPv1 or (2) require plaintext or MD5 authentication, which allows remote attackers to obtain sensitive information (routing state) via REQUEST packets such as SEND UPDATE.
CVE-2006-4023 1 Php 1 Php 2026-04-16 N/A
The ip2long function in PHP 5.1.4 and earlier may incorrectly validate an arbitrary string and return a valid network IP address, which allows remote attackers to obtain network information and facilitate other attacks, as demonstrated using SQL injection in the X-FORWARDED-FOR Header in index.php in MiniBB 2.0. NOTE: it could be argued that the ip2long behavior represents a risk for security-relevant issues in a way that is similar to strcpy's role in buffer overflows, in which case this would be a class of implementation bugs that would require separate CVE items for each PHP application that uses ip2long in a security-relevant manner.
CVE-2005-0050 1 Microsoft 3 Windows 2000, Windows 2003 Server, Windows Nt 2026-04-16 N/A
The License Logging service for Windows NT Server, Windows 2000 Server, and Windows Server 2003 does not properly validate the length of messages, which leads to an "unchecked buffer" and allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, aka the "License Logging Service Vulnerability."
CVE-2005-0209 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
Netfilter in Linux kernel 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) via crafted IP packet fragments.
CVE-2006-2384 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to conduct spoofing and phishing attacks by using a modal browser window in a way that preserves the original address bar and trusted UI of a trusted site, even after the browser has been navigated to a malicious site, aka the "Address Bar Spoofing Vulnerability."
CVE-2005-2177 2 Net-snmp, Redhat 2 Net-snmp, Enterprise Linux 2026-04-16 N/A
Net-SNMP 5.0.x before 5.0.10.2, 5.2.x before 5.2.1.2, and 5.1.3, when net-snmp is using stream sockets such as TCP, allows remote attackers to cause a denial of service (daemon hang and CPU consumption) via a TCP packet of length 1, which triggers an infinite loop.
CVE-2006-3423 1 Webex Communications 2 Downloader Activexcontrol, Downloader Java 2026-04-16 N/A
WebEx Downloader ActiveX Control and WebEx Downloader Java before 2.1.0.0 do not validate downloaded components, which allows remote attackers to execute arbitrary code via a website that activates the GpcUrlRoot and GpcIniFileName ActiveX controls to cause the client to download a DLL file.
CVE-1999-0999 1 Microsoft 1 Sql Server 2026-04-16 N/A
Microsoft SQL 7.0 server allows a remote attacker to cause a denial of service via a malformed TDS packet.
CVE-2004-1386 1 Tiki 1 Tikiwiki Cms\/groupware 2026-04-16 N/A
TikiWiki before 1.8.4.1 does not properly verify uploaded images, which could allow remote attackers to upload and execute arbitrary PHP scripts, a different vulnerability than CVE-2005-0200.