Search Results (366011 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-1039 1 Sgi 1 Irix 2026-04-16 N/A
Vulnerability in (1) diskalign and (2) diskperf in IRIX 6.4 patches 2291 and 2848 allow a local user to create root-owned files leading to a root compromise.
CVE-2003-0405 1 Vignette 3 Content Suite, Storyserver, Vignette 2026-04-16 N/A
Vignette StoryServer 5 and Vignette V/6 allows remote attackers to execute arbitrary TCL code via (1) an HTTP query or cookie which is processed in the NEEDS command, or (2) an HTTP Referrer that is processed in the VALID_PATHS command.
CVE-1999-1041 1 Sco 2 Openserver, Unix 2026-04-16 N/A
Buffer overflow in mscreen on SCO OpenServer 5.0 and SCO UNIX 3.2v4 allows a local user to gain root access via (1) a long TERM environmental variable and (2) a long entry in the .mscreenrc file.
CVE-1999-1043 1 Microsoft 1 Exchange Server 2026-04-16 N/A
Microsoft Exchange Server 5.5 and 5.0 does not properly handle (1) malformed NNTP data, or (2) malformed SMTP data, which allows remote attackers to cause a denial of service (application error).
CVE-1999-1044 1 Digital 1 Unix 2026-04-16 N/A
Vulnerability in Advanced File System Utility (advfs) in Digital UNIX 4.0 through 4.0d allows local users to gain privileges.
CVE-2003-0407 1 Gnome 1 Batalla Naval 2026-04-16 N/A
Buffer overflow in gbnserver for Gnome Batalla Naval 1.0.4 allows remote attackers to execute arbitrary code via a long connection string.
CVE-1999-1045 1 Realnetworks 1 Realserver 2026-04-16 N/A
pnserver in RealServer 5.0 and earlier allows remote attackers to cause a denial of service by sending a short, malformed request.
CVE-1999-1046 1 Ipswitch 1 Imail 2026-04-16 N/A
Buffer overflow in IMonitor in IMail 5.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string to port 8181.
CVE-1999-1047 1 Bsdi 1 Gauntlet 2026-04-16 N/A
When BSDI patches for Gauntlet 5.0 BSDI are installed in a particular order, Gauntlet allows remote attackers to bypass firewall access restrictions, and does not log the activities.
CVE-1999-1048 2 Debian, Redhat 2 Debian Linux, Linux 2026-04-16 N/A
Buffer overflow in bash 2.0.0, 1.4.17, and other versions allows local attackers to gain privileges by creating an extremely large directory name, which is inserted into the password prompt via the \w option in the PS1 environmental variable when another user changes into that directory.
CVE-1999-1050 1 Matt Wright 1 Formhandler.cgi 2026-04-16 N/A
Directory traversal vulnerability in Matt Wright FormHandler.cgi script allows remote attackers to read arbitrary files via (1) a .. (dot dot) in the reply_message_attach attachment parameter, or (2) by specifying the filename as a template.
CVE-2003-0409 1 Brs 1 Webweaver 2026-04-16 N/A
Buffer overflow in BRS WebWeaver 1.04 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP (1) POST or (2) HEAD request.
CVE-2004-1011 6 Carnegie Mellon University, Conectiva, Openpkg and 3 more 6 Cyrus Imap Server, Linux, Openpkg and 3 more 2026-04-16 N/A
Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a different vulnerability than CVE-2004-1015.
CVE-1999-1051 1 Matt Wright 1 Formhandler.cgi 2026-04-16 N/A
Default configuration in Matt Wright FormHandler.cgi script allows arbitrary directories to be used for attachments, and only restricts access to the /etc/ directory, which allows remote attackers to read arbitrary files via the reply_message_attach attachment parameter.
CVE-2006-4351 1 Oneorzero 1 Oneorzero 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php in OneOrZero 1.6.4.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
CVE-1999-1053 2 Apache, Matt Wright 2 Http Server, Matt Wright Guestbook 2026-04-16 N/A
guestbook.pl cleanses user-inserted SSI commands by removing text between "<!--" and "-->" separators, which allows remote attackers to execute arbitrary commands when guestbook.pl is run on Apache 1.3.9 and possibly other versions, since Apache allows other closing sequences besides "-->".
CVE-1999-1054 1 Globetrotter 1 Flexlm 2026-04-16 N/A
The default configuration of FLEXlm license manager 6.0d, and possibly other versions, allows remote attackers to shut down the server via the lmdown command.
CVE-1999-1057 1 Digital 1 Vms 2026-04-16 N/A
VMS 4.0 through 5.3 allows local users to gain privileges via the ANALYZE/PROCESS_DUMP dcl command.
CVE-2006-4355 1 Drupal 1 Drupal Easylinks Module 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Drupal Easylinks Module (easylinks.module) 4.7 before 1.5.2.1 2006/08/19 12:02:27 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-1999-1058 1 Arcane Software 1 Vermillion Ftp Daemon 2026-04-16 N/A
Buffer overflow in Vermillion FTP Daemon VFTPD 1.23 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via several long CWD commands.