Search Results (2501 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-1318 1 Qualcomm 1 Eudora Worldmail Server 2026-04-16 N/A
Vulnerabilities in Qualcomm Eudora WorldMail Server may allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite.
CVE-2000-0442 2 Qualcomm, Sun 3 Qpopper, Cobalt Raq 2, Cobalt Raq 3i 2026-04-16 N/A
Qpopper 2.53 and earlier allows local users to gain privileges via a formatting string in the From: header, which is processed by the euidl command.
CVE-2003-0336 1 Qualcomm 1 Eudora 2026-04-16 N/A
Qualcomm Eudora 5.2.1 allows remote attackers to read arbitrary files via an email message with a carriage return (CR) character in a spoofed "Attachment Converted:" string, which is not properly handled by Eudora.
CVE-2005-4267 1 Qualcomm 1 Worldmail 2026-04-16 N/A
Stack-based buffer overflow in Qualcomm WorldMail 3.0 allows remote attackers to execute arbitrary code via a long IMAP command that ends with a "}" character, as demonstrated using long (1) LIST, (2) LSUB, (3) SEARCH TEXT, (4) STATUS INBOX, (5) AUTHENTICATE, (6) FETCH, (7) SELECT, and (8) COPY commands.
CVE-1999-0006 1 Qualcomm 1 Qpopper 2026-04-16 9.8 Critical
Buffer overflow in POP servers based on BSD/Qualcomm's qpopper allows remote attackers to gain root access using a long PASS command.
CVE-2001-1326 1 Qualcomm 1 Eudora 2026-04-16 N/A
Eudora 5.1 allows remote attackers to execute arbitrary code when the "Use Microsoft Viewer" option is enabled and the "allow executables in HTML content" option is disabled, via an HTML email with a form that is activated from an image that the attacker spoofs as a link, which causes the user to execute the form and access embedded attachments.
CVE-2001-0677 1 Qualcomm 1 Eudora 2026-04-16 N/A
Eudora 5.0.2 allows a remote attacker to read arbitrary files via an email with the path of the target file in the "Attachment Converted" MIME header, which sends the file when the email is forwarded to the attacker by the user.
CVE-2002-0833 1 Qualcomm 1 Eudora 2026-04-16 N/A
Buffer overflow in Eudora 5.1.1 and 5.0-J for Windows, and possibly other versions, allows remote attackers to execute arbitrary code via a multi-part message with a long boundary string.
CVE-2002-0454 1 Qualcomm 1 Qpopper 2026-04-16 N/A
Qpopper (aka in.qpopper or popper) 4.0.3 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a very large string, which causes an infinite loop.
CVE-2000-0096 1 Qualcomm 1 Qpopper 2026-04-16 N/A
Buffer overflow in qpopper 3.0 beta versions allows local users to gain privileges via a long LIST command.
CVE-2003-0376 1 Qualcomm 1 Eudora 2026-04-16 N/A
Buffer overflow in Eudora 5.2.1 allows remote attackers to cause a denial of service (crash and failed restart) and possibly execute arbitrary code via an Attachment Converted argument with a large number of . (dot) characters.
CVE-2003-0143 1 Qualcomm 1 Qpopper 2026-04-16 N/A
The pop_msg function in qpopper 4.0.x before 4.0.5fc2 does not null terminate a message buffer after a call to Qvsnprintf, which could allow authenticated users to execute arbitrary code via a buffer overflow in a mdef command with a long macro name.
CVE-2002-1770 1 Qualcomm 1 Eudora 2026-04-16 N/A
Qualcomm Eudora 5.1 allows remote attackers to execute arbitrary code via an HTML e-mail message that uses a file:// URL in a t:video tag to reference an attached Windows Media Player file containing JavaScript code, which is launched and executed in the My Computer zone by Internet Explorer.
CVE-2005-3098 1 Qualcomm 1 Qpopper 2026-04-16 N/A
poppassd in Qualcomm qpopper 4.0.8 allows local users to modify arbitrary files and gain privileges via the -t (trace file) command line argument.
CVE-2002-1210 1 Qualcomm 1 Eudora 2026-04-16 N/A
Qualcomm Eudora 5.1.1, 5.2, and possibly other versions stores email attachments in a predictable location, which allows remote attackers to read arbitrary files via a link that loads an attachment with malicious script into a frame, which then executes the script in the local browser context.
CVE-2004-2301 1 Qualcomm 1 Eudora 2026-04-16 N/A
Eudora before 6.1.1 allows remote attackers to cause a denial of service (crash) via an e-mail with a long "To:" field, possibly due to a buffer overflow.
CVE-2004-1944 1 Qualcomm 1 Eudora 2026-04-16 N/A
Eudora 6.1 and 6.0.3 for Windows allows remote attackers to cause a denial of service (crash) via a deeply nested multipart MIME message.
CVE-1999-0822 1 Qualcomm 1 Qpopper 2026-04-16 N/A
Buffer overflow in Qpopper (qpop) 3.0 allows remote root access via AUTH command.
CVE-2006-0637 1 Qualcomm 1 Eudora Worldmail 2026-04-16 N/A
Buffer overflow in cram.dll in QUALCOMM Eudora WorldMail 3.0 allows remote attackers to execute arbitrary code via an IMAP APPEND command with a long message literal argument, as demonstrated by Worldmail.pl. NOTE: this is a different vector and a different manipulation than CVE-2005-4267, so it might be a different vulnerability than CVE-2005-4267.
CVE-2004-1521 1 Qualcomm 1 Eudora 2026-04-16 N/A
Eudora 6.2.0.14 does not issue a warning when a user forwards an e-mail message that contains base64 or quoted-printable encoded attachments, which makes it easier for remote attackers to read arbitrary files via spoofed "Converted" headers.