Search Results (364870 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-0984 1 Matts Whois 1 Matts Whois 2026-04-16 N/A
Matt's Whois program whois.cgi allows remote attackers to execute commands via shell metacharacters in the domain entry.
CVE-2003-0365 1 Icq Inc 1 Icqlite 2026-04-16 N/A
ICQLite 2003a creates the ICQ Lite directory with an ACE for "Full Control" privileges for Interactive Users, which allows local users to gain privileges as other users by replacing the executables with malicious programs.
CVE-1999-0982 1 Sun 2 Solaris, Web-based Enterprise Management 2026-04-16 N/A
The Sun Web-Based Enterprise Management (WBEM) installation script stores a password in plaintext in a world readable file.
CVE-1999-0976 1 Eric Allman 1 Sendmail 2026-04-16 N/A
Sendmail allows local users to reinitialize the aliases database via the newaliases command, then cause a denial of service by interrupting Sendmail.
CVE-2003-0358 3 Debian, Falconseye Project, Nethack 3 Debian Linux, Falconseye, Nethack 2026-04-16 N/A
Buffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1.9.3 and earlier, which is based on nethack, allows local users to gain privileges via a long -s command line option.
CVE-1999-0975 1 Microsoft 3 Windows 95, Windows 98, Windows Nt 2026-04-16 N/A
The Windows help system can allow a local user to execute commands as another user by editing a table of contents metafile with a .CNT extension and modifying the topic action to include the commands to be executed when the .hlp file is accessed.
CVE-1999-0974 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Buffer overflow in Solaris snoop allows remote attackers to gain root privileges via GETQUOTA requests to the rpc.rquotad service.
CVE-2003-0356 2 Ethereal, Redhat 3 Ethereal, Enterprise Linux, Linux 2026-04-16 9.8 Critical
Multiple off-by-one vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) AIM, (2) GIOP Gryphon, (3) OSPF, (4) PPTP, (5) Quake, (6) Quake2, (7) Quake3, (8) Rsync, (9) SMB, (10) SMPP, and (11) TSP dissectors, which do not properly use the tvb_get_nstringz and tvb_get_nstringz0 functions.
CVE-1999-0967 1 Microsoft 3 Internet Explorer, Outlook Express, Windows Explorer 2026-04-16 N/A
Buffer overflow in the HTML library used by Internet Explorer, Outlook Express, and Windows Explorer via the res: local resource protocol.
CVE-1999-0964 1 Freebsd 1 Freebsd 2026-04-16 N/A
Buffer overflow in FreeBSD setlocale in the libc module allows attackers to execute arbitrary code via a long PATH_LOCALE environment variable.
CVE-1999-0961 1 Hp 1 Hp-ux 2026-04-16 N/A
HPUX sysdiag allows local users to gain root privileges via a symlink attack during log file creation.
CVE-1999-0960 1 Sgi 1 Irix 2026-04-16 N/A
IRIX cdplayer allows local users to create directories in arbitrary locations via a command line option.
CVE-1999-0958 1 Todd Miller 1 Sudo 2026-04-16 N/A
sudo 1.5.x allows local users to execute arbitrary commands via a .. (dot dot) attack.
CVE-1999-0957 1 Great Circle Associates 1 Majorcool 2026-04-16 N/A
MajorCool mj_key_cache program allows local users to modify files via a symlink attack.
CVE-1999-0953 1 Matt Wright 1 Wwwboard 2026-04-16 N/A
WWWBoard stores encrypted passwords in a password file that is under the web root and thus accessible by remote attackers.
CVE-1999-0950 1 Texas Imperial Software 1 Wftpd 2026-04-16 N/A
Buffer overflow in WFTPD FTP server allows remote attackers to gain root access via a series of MKD and CWD commands that create nested directories.
CVE-1999-0949 3 Sgi, Sun, Turbolinux 4 Irix, Solaris, Sunos and 1 more 2026-04-16 N/A
Buffer overflow in canuum program for Canna input system allows local users to gain root privileges.
CVE-1999-0947 1 An 1 An-httpd 2026-04-16 N/A
AN-HTTPd provides example CGI scripts test.bat, input.bat, input2.bat, and envout.bat, which allow remote attackers to execute commands via shell metacharacters.
CVE-1999-0945 1 Microsoft 1 Exchange Server 2026-04-16 N/A
Buffer overflow in Internet Mail Service (IMS) for Microsoft Exchange 5.5 and 5.0 allows remote attackers to conduct a denial of service via AUTH or AUTHINFO commands.
CVE-1999-0938 1 University College London 1 Sdr 2026-04-16 N/A
MBone SDR Package allows remote attackers to execute commands via shell metacharacters in Session Initiation Protocol (SIP) messages.