Search Results (364862 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-0411 2 Microsoft, Oracle 3 Windows 2000, Windows Xp, Sun One Application Server 2026-04-16 7.5 High
Sun ONE Application Server 7.0 for Windows 2000/XP allows remote attackers to obtain JSP source code via a request that uses the uppercase ".JSP" extension instead of the lowercase .jsp extension.
CVE-1999-1065 1 Palm Pilot 1 Hotsync Manager 2026-04-16 N/A
Palm Pilot HotSync Manager 3.0.4 in Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string to port 14238 while the manager is in network mode.
CVE-1999-1068 1 Oracle 1 Http Server 2026-04-16 N/A
Oracle Webserver 2.1, when serving PL/SQL stored procedures, allows remote attackers to cause a denial of service via a long HTTP GET request.
CVE-2003-0412 1 Sun 1 One Application Server 2026-04-16 N/A
Sun ONE Application Server 7.0 for Windows 2000/XP does not log the complete URI of a long HTTP request, which could allow remote attackers to hide malicious activities.
CVE-1999-1070 1 Xylogics 1 Annex 2026-04-16 N/A
Buffer overflow in ping CGI program in Xylogics Annex terminal service allows remote attackers to cause a denial of service via a long query parameter.
CVE-1999-1071 1 Excite 1 Ews 2026-04-16 N/A
Excite for Web Servers (EWS) 1.1 installs the Architext.conf authentication file with world-writeable permissions, which allows local users to gain access to Excite accounts by modifying the file.
CVE-1999-1072 1 Excite 1 Ews 2026-04-16 N/A
Excite for Web Servers (EWS) 1.1 allows local users to gain privileges by obtaining the encrypted password from the world-readable Architext.conf authentication file and replaying the encrypted password in an HTTP request to AT-generated.cgi or AT-admin.cgi.
CVE-2006-0686 1 Virtual Hosting Control System 1 Virtual Hosting Control System 2026-04-16 N/A
add_user.php in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier does not check user privileges when adding a new administrative user, which allows remote attackers to gain unauthorized access.
CVE-1999-1074 1 Webmin 1 Webmin 2026-04-16 N/A
Webmin before 0.5 does not restrict the number of invalid passwords that are entered for a valid username, which could allow remote attackers to gain privileges via brute force password cracking.
CVE-2006-4367 1 All Topics 1 All Topics Hack 2026-04-16 N/A
SQL injection vulnerability in alltopics.php in the All Topics Hack 1.5.0 and earlier for phpBB 2.0.21 allows remote attackers to execute arbitrary SQL commands via the start parameter.
CVE-1999-1076 1 Apple 1 Macos 2026-04-16 N/A
Idle locking function in MacOS 9 allows local users to bypass the password protection of idled sessions by selecting the "Log Out" option and selecting a "Cancel" option in the dialog box for an application that attempts to verify that the user wants to log out, which returns the attacker into the locked session.
CVE-1999-1079 1 Ibm 1 Aix 2026-04-16 N/A
Vulnerability in ptrace in AIX 4.3 allows local users to gain privileges by attaching to a setgid program.
CVE-2003-0413 1 Sun 1 One Application Server 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the webapps-simple sample application for (1) Sun ONE Application Server 7.0 for Windows 2000/XP or (2) Sun Java System Web Server 6.1 allows remote attackers to insert arbitrary web script or HTML via an HTTP request that generates an "Invalid JSP file" error, which inserts the text in the resulting error message.
CVE-1999-1080 1 Sun 1 Sunos 2026-04-16 N/A
rmmount in SunOS 5.7 may mount file systems without the nosuid flag set, contrary to the documentation and its use in previous versions of SunOS, which could allow local users with physical access to gain root privileges by mounting a floppy or CD-ROM that contains a setuid program and running volcheck, when the file systems do not have the nosuid option specified in rmmount.conf.
CVE-1999-1081 1 Novell 1 Web Server 2026-04-16 N/A
Vulnerability in files.pl script in Novell WebServer Examples Toolkit 2 allows remote attackers to read arbitrary files.
CVE-2003-0423 1 Apple 1 Darwin Streaming Server 2026-04-16 N/A
parse_xml.cgi in Apple QuickTime / Darwin Streaming Server before 4.1.3g allows remote attackers to obtain the source code for parseable files via the filename parameter.
CVE-1999-1083 1 T. Hauck 1 Jana Web Server 2026-04-16 N/A
Directory traversal vulnerability in Jana proxy web server 1.45 allows remote attackers to ready arbitrary files via a .. (dot dot) attack.
CVE-2003-0425 1 Apple 1 Darwin Streaming Server 2026-04-16 N/A
Directory traversal vulnerability in Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to read arbitrary files via a ... (triple dot) in an HTTP request.
CVE-1999-1090 1 Ncsa 1 Telnet 2026-04-16 N/A
The default configuration of NCSA Telnet package for Macintosh and PC enables FTP, even though it does not include an "ftp=yes" line, which allows remote attackers to read and modify arbitrary files.
CVE-1999-1095 2 Redhat, Slackware 2 Linux, Slackware Linux 2026-04-16 N/A
sort creates temporary files and follows symbolic links, which allows local users to modify arbitrary files that are writable by the user running sort, as observed in updatedb and other programs that use sort.