Search Results (364785 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-1525 1 Macromedia 1 Shockwave Flash Plugin 2026-04-16 N/A
Macromedia Shockwave before 6.0 allows a malicious webmaster to read a user's mail box and possibly access internal web servers via the GetNextText command on a Shockwave movie.
CVE-1999-1534 1 Knox Software 1 Arkeia 2026-04-16 N/A
Buffer overflow in (1) nlservd and (2) rnavc in Knox Software Arkeia backup product allows local users to obtain root access via a long HOME environmental variable.
CVE-2003-0579 1 Ibm 1 U2 Universe 2026-04-16 N/A
uvadmsh in IBM U2 UniVerse 10.0.0.9 and earlier trusts the user-supplied -uv.install command line option to find and execute the uv.install program, which allows local users to gain privileges by providing a pathname that is under control of the user.
CVE-1999-1536 1 Acushop 1 Salesbuilder 2026-04-16 N/A
.sbstart startup script in AcuShop Salesbuilder is world writable, which allows local users to gain privileges by appending commands to the file.
CVE-2003-0580 1 Ibm 1 U2 Universe 2026-04-16 N/A
Buffer overflow in uvadmsh in IBM U2 UniVerse 10.0.0.9 and earlier allows the uvadm user to execute arbitrary code via a long -uv.install command line argument.
CVE-1999-1537 1 Microsoft 1 Internet Information Server 2026-04-16 N/A
IIS 3.x and 4.x does not distinguish between pages requiring encryption and those that do not, which allows remote attackers to cause a denial of service (resource exhaustion) via SSL requests to the HTTPS port for normally unencrypted files, which will cause IIS to perform extra work to send the files over SSL.
CVE-1999-1541 1 Cactus Software 1 Shell-lock 2026-04-16 N/A
shell-lock in Cactus Software Shell Lock allows local users to read or modify decoded shell files before they are executed, via a symlink attack on a temporary file.
CVE-2003-0583 1 Tolis Group 1 Bru 2026-04-16 N/A
Buffer overflow in Backup and Restore Utility for Unix (BRU) 17.0 and earlier, when running setuid, allows local users to execute arbitrary code via a long command line argument.
CVE-1999-1549 1 Lynx Project 1 Lynx 2026-04-16 7.8 High
Lynx 2.x does not properly distinguish between internal and external HTML, which may allow a local attacker to read a "secure" hidden form value from a temporary file and craft a LYNXOPTIONS: URL that causes Lynx to modify the user's configuration file and execute commands.
CVE-2003-0586 1 Brooky 1 Estore 2026-04-16 N/A
Brooky eStore 1.0.1 through 1.0.2b allows remote attackers to obtain sensitive path information via a direct HTTP request to settings.inc.php.
CVE-1999-1550 1 F5 1 Tmos 2026-04-16 N/A
bigconf.conf in F5 BIG/ip 2.1.2 and earlier allows remote attackers to read arbitrary files by specifying the target file in the "file" parameter.
CVE-2003-0590 1 Splatt 1 Splatt Forum 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Splatt Forum allows remote attackers to insert arbitrary HTML and web script via the post icon (image_subject) field.
CVE-1999-1560 1 Tamu 1 Tiger 2026-04-16 N/A
Vulnerability in a script in Texas A&M University (TAMU) Tiger allows local users to execute arbitrary commands as the Tiger user, usually root.
CVE-1999-1564 1 Freebsd 1 Freebsd 2026-04-16 N/A
FreeBSD 3.2 and possibly other versions allows a local user to cause a denial of service (panic) with a large number accesses of an NFS v3 mounted directory from a large number of processes.
CVE-1999-1565 2 Debian, Earl Hood 2 Debian Linux, Man2html 2026-04-16 N/A
Man2html 2.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
CVE-2003-0592 2 Kde, Redhat 4 Konqueror, Konqueror Embedded, Enterprise Linux and 1 more 2026-04-16 N/A
Konqueror in KDE 3.1.3 and earlier (kdelibs) allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Konqueror to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application.
CVE-1999-1566 1 Intel 1 Iparty 2026-04-16 N/A
Buffer overflow in iParty server 1.2 and earlier allows remote attackers to cause a denial of service (crash) by connecting to default port 6004 and sending repeated extended characters.
CVE-2003-0599 1 Phpgroupware 1 Phpgroupware 2026-04-16 N/A
Unknown vulnerability in the Virtual File System (VFS) capability for phpGroupWare 0.9.16preRC and versions before 0.9.14.004 with unknown implications, related to the VFS path being under the web document root.
CVE-1999-1567 1 Seapine Software 1 Testtrack 2026-04-16 N/A
Seapine Software TestTrack server allows a remote attacker to cause a denial of service (high CPU) via (1) TestTrackWeb.exe and (2) ttcgi.exe by connecting to port 99 and disconnecting without sending any data.
CVE-1999-1572 5 Debian, Freebsd, Mandrakesoft and 2 more 6 Debian Linux, Freebsd, Mandrake Linux and 3 more 2026-04-16 N/A
cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating systems, uses a 0 umask when creating files using the -O (archive) or -F options, which creates the files with mode 0666 and allows local users to read or overwrite those files.