Search Results (366877 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-0150 2 Oracle, Redhat 3 Mysql, Enterprise Linux, Linux 2026-04-16 N/A
MySQL 3.23.55 and earlier creates world-writeable files and allows mysql users to gain root privileges by using the "SELECT * INFO OUTFILE" operator to overwrite a configuration file and cause mysql to run as root upon restart, as demonstrated by modifying my.cnf.
CVE-1999-0481 1 Openbsd 1 Openbsd 2026-04-16 N/A
Denial of service in "poll" in OpenBSD.
CVE-2003-0152 1 Mozilla 1 Bonsai 2026-04-16 N/A
Unknown vulnerability in bonsai Mozilla CVS query tool allows remote attackers to execute arbitrary commands as the www-data user.
CVE-2004-0805 2 Mandrakesoft, Mpg123 3 Mandrake Linux, Mandrake Linux Corporate Server, Mpg123 2026-04-16 N/A
Buffer overflow in layer2.c in mpg123 0.59r and possibly mpg123 0.59s allows remote attackers to execute arbitrary code via a certain (1) mp3 or (2) mp2 file.
CVE-1999-0482 1 Openbsd 1 Openbsd 2026-04-16 N/A
OpenBSD kernel crash through TSS handling, as caused by the crashme program.
CVE-2003-0153 1 Mozilla 1 Bonsai 2026-04-16 N/A
bonsai Mozilla CVS query tool leaks the absolute pathname of the tool in certain error messages generated by (1) cvslog.cgi, (2) cvsview2.cgi, or (3) multidiff.cgi.
CVE-1999-0486 1 Aol 1 Instant Messenger 2026-04-16 N/A
Denial of service in AOL Instant Messenger when a remote attacker sends a malicious hyperlink to the receiving client, potentially causing a system crash.
CVE-2003-0160 2 Redhat, Squirrelmail 2 Linux, Squirrelmail 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail before 1.2.11 allow remote attackers to inject arbitrary HTML code and steal information from a client's web browser.
CVE-1999-0496 1 Microsoft 1 Windows Nt 2026-04-16 N/A
A Windows NT 4.0 user can gain administrative rights by forcing NtOpenProcessToken to succeed regardless of the user's permissions, aka GetAdmin.
CVE-2004-0806 2 Cdrtools, Redhat 2 Cdrecord, Enterprise Linux 2026-04-16 N/A
cdrecord in the cdrtools package before 2.01, when installed setuid root, does not properly drop privileges before executing a program specified in the RSH environment variable, which allows local users to gain privileges.
CVE-1999-0498 2026-04-16 N/A
TFTP is not running in a restricted directory, allowing a remote attacker to access sensitive information such as password files.
CVE-1999-0501 2026-04-16 N/A
A Unix account has a guessable password.
CVE-2003-0161 5 Compaq, Hp, Redhat and 2 more 11 Tru64, Hp-ux, Hp-ux Series 700 and 8 more 2026-04-16 N/A
The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337.
CVE-2005-0773 1 Symantec Veritas 1 Backup Exec 2026-04-16 N/A
Stack-based buffer overflow in VERITAS Backup Exec Remote Agent 9.0 through 10.0 for Windows, and 9.0.4019 through 9.1.307 for Netware allows remote attackers to execute arbitrary code via a CONNECT_CLIENT_AUTH request with authentication method type 3 (Windows credentials) and a long password argument.
CVE-1999-0503 1 Microsoft 2 Windows 2000, Windows Nt 2026-04-16 N/A
A Windows NT local user or administrator account has a guessable password.
CVE-2003-0166 1 Php 1 Php 2026-04-16 N/A
Integer signedness error in emalloc() function for PHP before 4.3.2 allow remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via negative arguments to functions such as (1) socket_recv, (2) socket_recvfrom, and possibly other functions.
CVE-1999-0508 2026-04-16 N/A
An account on a router, firewall, or other network device has a default, null, blank, or missing password.
CVE-2003-0167 1 Mutt 1 Mutt 2026-04-16 N/A
Multiple off-by-one buffer overflows in the IMAP capability for Mutt 1.3.28 and earlier, and Balsa 1.2.4 and earlier, allow a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a specially crafted mail folder, a different vulnerability than CVE-2003-0140.
CVE-1999-0510 2026-04-16 N/A
A router or firewall allows source routed packets from arbitrary hosts.
CVE-1999-0515 2026-04-16 N/A
An unrestricted remote trust relationship for Unix systems has been set up, e.g. by using a + sign in /etc/hosts.equiv.