Search Results (364989 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-0028 1 Sgi 1 Irix 2026-04-16 N/A
root privileges via buffer overflow in login/scheme command on SGI IRIX systems.
CVE-1999-0027 1 Sgi 1 Irix 2026-04-16 N/A
root privileges via buffer overflow in eject command on SGI IRIX systems.
CVE-1999-0017 9 Caldera, Freebsd, Gnu and 6 more 11 Openlinux, Freebsd, Inet and 8 more 2026-04-16 N/A
FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.
CVE-2004-0999 1 Zgv 1 Zgv Image Viewer 2026-04-16 N/A
zgv 5.5.3 allows remote attackers to cause a denial of service (application crash via segmentation fault) via crafted multiple-image (animated) GIF images.
CVE-1999-0013 1 Ssh 1 Ssh 2026-04-16 8.4 High
Stolen credentials from SSH clients via ssh-agent program, allowing other local users to access remote accounts belonging to the ssh-agent user.
CVE-1999-0011 8 Data General, Ibm, Isc and 5 more 11 Dg Ux, Aix, Bind and 8 more 2026-04-16 5.4 Medium
Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer.
CVE-1999-0005 2 Netscape, University Of Washington 2 Messaging Server, Imap 2026-04-16 N/A
Arbitrary command execution via IMAP buffer overflow in authenticate command.
CVE-1999-0002 3 Bsdi, Caldera, Redhat 3 Bsd Os, Openlinux, Linux 2026-04-16 N/A
Buffer overflow in NFS mountd gives root access to remote attackers, mostly in Linux systems.
CVE-2004-0997 1 Linux 1 Linux Kernel 2026-04-16 N/A
Unspecified vulnerability in the ptrace MIPS assembly code in Linux kernel 2.4 before 2.4.17 allows local users to gain privileges via unknown vectors.
CVE-2005-3018 1 Apple 1 Safari 2026-04-16 N/A
Apple Safari allows remote attackers to cause a denial of service (application crash) via a crafted data:// URL.
CVE-2005-3017 1 Content2web 1 Content2web 2026-04-16 N/A
PHP file inclusion vulnerability in index.php in Content2Web 1.0.1 allows remote attackers to include arbitrary files via the show parameter, which can lead to resultant errors such as path disclosure, SQL error messages, and cross-site scripting (XSS).
CVE-2003-0026 2 Isc, Redhat 2 Dhcpd, Linux 2026-04-16 N/A
Multiple stack-based buffer overflows in the error handling routines of the minires library, as used in the NSUPDATE capability for ISC DHCPD 3.0 through 3.0.1RC10, allow remote attackers to execute arbitrary code via a DHCP message containing a long hostname.
CVE-2003-0025 1 Horde 1 Imp 2026-04-16 N/A
Multiple SQL injection vulnerabilities in IMP 2.2.8 and earlier allow remote attackers to perform unauthorized database activities and possibly gain privileges via certain database functions such as check_prefs() in db.pgsql, as demonstrated using mailbox.php3.
CVE-2003-0022 2 Redhat, Rxvt 3 Enterprise Linux, Linux, Rxvt 2026-04-16 N/A
The "screen dump" feature in rxvt 2.7.8 allows attackers to overwrite arbitrary files via a certain character escape sequence when it is echoed to a user's terminal, e.g. when the user views a file containing the malicious sequence.
CVE-2003-0013 1 Mozilla 1 Bugzilla 2026-04-16 N/A
The default .htaccess scripts for Bugzilla 2.14.x before 2.14.5, 2.16.x before 2.16.2, and 2.17.x before 2.17.3 do not include filenames for backup copies of the localconfig file that are made from editors such as vi and Emacs, which could allow remote attackers to obtain a database password by directly accessing the backup file.
CVE-2003-0011 1 Microsoft 1 Isa Server 2026-04-16 N/A
Unknown vulnerability in the DNS intrusion detection application filter for Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service (blocked traffic to DNS servers) via a certain type of incoming DNS request that is not properly handled.
CVE-2006-4964 1 Maxdev 1 Md-pro 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in MAXdev MDPro 1.0.76 before 20060918 allows remote attackers to inject arbitrary web script or HTML via (1) vectors that bypass the XSS protection mechanisms of the pnVarCleanFromInput function, and (2) unspecified vectors related to the AntiCracker.
CVE-2003-0010 1 Microsoft 7 Windows 2000, Windows 2000 Terminal Services, Windows 98 and 4 more 2026-04-16 N/A
Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows operating system allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail that uses a large array index value that enables a heap-based buffer overflow attack.
CVE-2006-4959 1 Sun 1 Secure Global Desktop 2026-04-16 N/A
Sun Secure Global Desktop (SSGD, aka Tarantella) before 4.3 allows remote attackers to obtain sensitive information, including hostnames, versions, and settings details, via unspecified vectors, possibly involving (1) taarchives.cgi, (2) ttaAuthentication.jsp, (3) ttalicense.cgi, (4) ttawlogin.cgi, (5) ttawebtop.cgi, (6) ttaabout.cgi, or (7) test-cgi. NOTE: This information is based upon a vague initial disclosure. Details will be updated as they become available.
CVE-2006-4955 1 Neosys 1 Neon Webmail 2026-04-16 N/A
Directory traversal vulnerability in the downloadfile servlet in Neon WebMail for Java before 5.08 allows remote attackers to read arbitrary files via a .. (dot dot) sequence in the (1) savefolder and (2) savefilename parameters.