Search Results (364862 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-0407 1 Gnome 1 Batalla Naval 2026-04-16 N/A
Buffer overflow in gbnserver for Gnome Batalla Naval 1.0.4 allows remote attackers to execute arbitrary code via a long connection string.
CVE-1999-1045 1 Realnetworks 1 Realserver 2026-04-16 N/A
pnserver in RealServer 5.0 and earlier allows remote attackers to cause a denial of service by sending a short, malformed request.
CVE-1999-1046 1 Ipswitch 1 Imail 2026-04-16 N/A
Buffer overflow in IMonitor in IMail 5.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string to port 8181.
CVE-1999-1047 1 Bsdi 1 Gauntlet 2026-04-16 N/A
When BSDI patches for Gauntlet 5.0 BSDI are installed in a particular order, Gauntlet allows remote attackers to bypass firewall access restrictions, and does not log the activities.
CVE-1999-1048 2 Debian, Redhat 2 Debian Linux, Linux 2026-04-16 N/A
Buffer overflow in bash 2.0.0, 1.4.17, and other versions allows local attackers to gain privileges by creating an extremely large directory name, which is inserted into the password prompt via the \w option in the PS1 environmental variable when another user changes into that directory.
CVE-1999-1050 1 Matt Wright 1 Formhandler.cgi 2026-04-16 N/A
Directory traversal vulnerability in Matt Wright FormHandler.cgi script allows remote attackers to read arbitrary files via (1) a .. (dot dot) in the reply_message_attach attachment parameter, or (2) by specifying the filename as a template.
CVE-2003-0409 1 Brs 1 Webweaver 2026-04-16 N/A
Buffer overflow in BRS WebWeaver 1.04 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP (1) POST or (2) HEAD request.
CVE-2004-1011 6 Carnegie Mellon University, Conectiva, Openpkg and 3 more 6 Cyrus Imap Server, Linux, Openpkg and 3 more 2026-04-16 N/A
Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a different vulnerability than CVE-2004-1015.
CVE-1999-1051 1 Matt Wright 1 Formhandler.cgi 2026-04-16 N/A
Default configuration in Matt Wright FormHandler.cgi script allows arbitrary directories to be used for attachments, and only restricts access to the /etc/ directory, which allows remote attackers to read arbitrary files via the reply_message_attach attachment parameter.
CVE-2006-4351 1 Oneorzero 1 Oneorzero 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php in OneOrZero 1.6.4.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
CVE-1999-1053 2 Apache, Matt Wright 2 Http Server, Matt Wright Guestbook 2026-04-16 N/A
guestbook.pl cleanses user-inserted SSI commands by removing text between "<!--" and "-->" separators, which allows remote attackers to execute arbitrary commands when guestbook.pl is run on Apache 1.3.9 and possibly other versions, since Apache allows other closing sequences besides "-->".
CVE-1999-1054 1 Globetrotter 1 Flexlm 2026-04-16 N/A
The default configuration of FLEXlm license manager 6.0d, and possibly other versions, allows remote attackers to shut down the server via the lmdown command.
CVE-1999-1057 1 Digital 1 Vms 2026-04-16 N/A
VMS 4.0 through 5.3 allows local users to gain privileges via the ANALYZE/PROCESS_DUMP dcl command.
CVE-2006-4355 1 Drupal 1 Drupal Easylinks Module 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Drupal Easylinks Module (easylinks.module) 4.7 before 1.5.2.1 2006/08/19 12:02:27 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-1999-1058 1 Arcane Software 1 Vermillion Ftp Daemon 2026-04-16 N/A
Buffer overflow in Vermillion FTP Daemon VFTPD 1.23 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via several long CWD commands.
CVE-1999-1059 1 Att 1 Svr4 2026-04-16 N/A
Vulnerability in rexec daemon (rexecd) in AT&T TCP/IP 4.0 for various SVR4 systems allows remote attackers to execute arbitrary commands.
CVE-1999-1061 1 Hp 1 Jetdirect 2026-04-16 N/A
HP Laserjet printers with JetDirect cards, when configured with TCP/IP, can be configured without a password, which allows remote attackers to connect to the printer and change its IP address or disable logging.
CVE-2006-4358 1 Dieselscripts 1 Diesel Pay 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php in Diesel Pay allows remote attackers to inject arbitrary web script or HTML via the read parameter.
CVE-1999-1062 1 Hp 1 Jetdirect 2026-04-16 N/A
HP Laserjet printers with JetDirect cards, when configured with TCP/IP, allow remote attackers to bypass print filters by directly sending PostScript documents to TCP ports 9099 and 9100.
CVE-1999-1064 1 Windowmaker 1 Windowmaker 2026-04-16 N/A
Multiple buffer overflows in WindowMaker 0.52 through 0.60.0 allow attackers to cause a denial of service and possibly execute arbitrary commands by executing WindowMaker with a long program name (argv[0]).