CVE & Exploit Intelligence Database

Updated 1h ago

Search and track vulnerabilities with real-time exploit intelligence. Cross-reference CVEs against public exploits from ExploitDB, Metasploit, GitHub, and Nuclei — with CVSS and EPSS scoring, CISA KEV monitoring, and AI-powered exploit analysis.

337,123 CVEs tracked 53,223 with exploits 4,686 exploited in wild 1,539 CISA KEV 3,912 Nuclei templates 37,757 vendors 42,429 researchers

13,470 results Clear all

CVE-2004-0978 EPSS 0.42

Internet Explorer <6 - Buffer Overflow

Heap-based buffer overflow in the Hrtbeat.ocx (Heartbeat) ActiveX control for Internet Explorer 5.01 through 6, when users who visit online gaming sites that are associated with MSN, allows remote attackers to execute arbitrary code via the SetupData parameter.

CWE-787 Feb 09, 2005

CVE-2004-1287 1 PoC Analysis EPSS 0.16

Nasm Netwide Assembler - Out-of-Bounds Write

Buffer overflow in the error function in preproc.c for NASM 0.98.38 1.2 allows attackers to execute arbitrary code via a crafted asm file, a different vulnerability than CVE-2005-1194.

CWE-787 Jan 10, 2005

CVE-2004-1189 EPSS 0.00

MIT Kerberos 5 < 1.3.5 - Out-of-Bounds Write

The add_to_history function in svr_principal.c in libkadm5srv for MIT Kerberos 5 (krb5) up to 1.3.5, when performing a password change, does not properly track the password policy's history count and the maximum number of keys, which can cause an array index out-of-bounds error and may allow authenticated users to execute arbitrary code via a heap-based buffer overflow.

CWE-787 Dec 31, 2004

CVE-2004-0574 1 PoC Analysis EPSS 0.85

Microsoft Windows NT Server <4.0-2003 - RCE

The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, possibly related to improper length validation and an "unchecked buffer," leading to off-by-one and heap-based buffer overflows.

CWE-787 Nov 03, 2004

CVE-2004-0783 EPSS 0.28

gtk+ <2.4.4 - RCE

Stack-based buffer overflow in xpm_extract_color (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, may allow remote attackers to execute arbitrary code via a certain color string. NOTE: this identifier is ONLY for gtk+. It was incorrectly referenced in an advisory for a different issue (CVE-2004-0688).

CWE-787 Oct 20, 2004

CVE-2004-0488 EPSS 0.63

Apache mod_ssl - Buffer Overflow

Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN.

CWE-787 Jul 07, 2004

CVE-2004-0398 EPSS 0.05

Neon <0.24.5 - Buffer Overflow

Heap-based buffer overflow in the ne_rfc1036_parse date parsing function for the neon library (libneon) 0.24.5 and earlier, as used by cadaver before 0.22, allows remote WebDAV servers to execute arbitrary code on the client.

CWE-787 Jul 07, 2004

CVE-2003-1396 1 PoC Analysis EPSS 0.04

Opera Browser < 7.10 - Out-of-Bounds Write

Heap-based buffer overflow in Opera 6.05 through 7.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a filename with a long extension.

CWE-787 Dec 31, 2003

CVE-2003-0870 1 PoC Analysis EPSS 0.12

Opera <7.11,7.20 - Buffer Overflow

Heap-based buffer overflow in Opera 7.11 and 7.20 allows remote attackers to execute arbitrary code via an HREF with a large number of escaped characters in the server name.

CWE-787 Nov 17, 2003

CVE-2002-2227 EPSS 0.02

Rtfm Ssldump < 0.9b2 - Out-of-Bounds Write

Buffer underflow in ssldump 0.9b2 and earlier allows remote attackers to cause a denial of service (memory corruption) via a crafted SSLv2 challenge value.

CWE-787 Dec 31, 2002

CVE & Exploit Intelligence Database

Investigate

Ecosystems

Reference Indexes

Recent Blog Posts

CVEForge Labs

KEV Gaps