Search Results (366508 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-0059 1 Sgi 1 Irix 2026-04-16 7.3 High
IRIX fam service allows an attacker to obtain a list of all files on the server.
CVE-1999-0516 2026-04-16 N/A
An SNMP community name is guessable.
CVE-1999-0612 2 Gnu, Microsoft 4 Finger Service, Fingerd, Windows 2000 and 1 more 2026-04-16 N/A
A version of finger is running that exposes valid user information to any entity on the network.
CVE-1999-0669 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
The Eyedog ActiveX control is marked as "safe for scripting" for Internet Explorer, which allows a remote attacker to execute arbitrary commands as demonstrated by Bubbleboy.
CVE-2006-3835 2 Apache, Redhat 4 Tomcat, Certificate System, Network Satellite and 1 more 2026-04-16 N/A
Apache Tomcat 5 before 5.5.17 allows remote attackers to list directories via a semicolon (;) preceding a filename with a mapped extension, as demonstrated by URLs ending with /;index.jsp and /;help.do.
CVE-1999-0671 1 Toxsoft 1 Nextftp 2026-04-16 N/A
Buffer overflow in ToxSoft NextFTP client through CWD command.
CVE-1999-0689 2 Cde, Sun 3 Cde, Solaris, Sunos 2026-04-16 N/A
The CDE dtspcd daemon allows local users to execute arbitrary commands via a symlink attack.
CVE-2006-2483 1 Lighthouse Development 1 Squirrelcart 2026-04-16 N/A
PHP remote file inclusion vulnerability in cart_content.php in Squirrelcart 2.2.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cart_isp_root parameter.
CVE-2006-3836 1 Unidomedia 1 Chameleon Le 2026-04-16 N/A
Directory traversal vulnerability in index.php in UNIDOmedia Chameleon LE 1.203 and earlier, and possibly Chameleon PRO, allows remote attackers to read arbitrary files via the rmid parameter.
CVE-1999-0718 1 Ibm 1 Gina 2026-04-16 N/A
IBM GINA, when used for OS/2 domain authentication of Windows NT users, allows local users to gain administrator privileges by changing the GroupMapping registry key.
CVE-2006-2485 1 Quezza 1 Quezza Bb 2026-04-16 N/A
PHP remote file inclusion vulnerability in includes/class_template.php in Quezza 1.0 and earlier, and possibly 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the quezza_root_path parameter.
CVE-1999-0867 1 Microsoft 3 Commercial Internet System, Internet Information Server, Site Server 2026-04-16 N/A
Denial of service in IIS 4.0 via a flood of HTTP requests with malformed headers.
CVE-2002-1796 1 Hp 5 Chaivm Ezloader, Laserjet 4100, Laserjet 4500 and 2 more 2026-04-16 7.8 High
ChaiVM EZloader for HP color LaserJet 4500 and 4550 and HP LaserJet 4100 and 8150 does not properly verify JAR signatures for new services, which allows local users to load unauthorized Chai services.
CVE-2002-1801 1 Bizdesign 1 Imagefolio 2026-04-16 N/A
ImageFolio 2.23 through 2.27 allows remote attackers to obtain sensitive information via a nonexistent image category, which leaks the web root in the resulting error message.
CVE-2002-1802 1 Xoops 1 Xoops 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Xoops 1.0 RC3 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag when submitting news.
CVE-2002-1823 1 Lonerunner 1 Zeroo Http Server 2026-04-16 N/A
Buffer overflow in the HttpGetRequest function in Zeroo HTTP server 1.5 allows remote attackers to execute arbitrary code via a long HTTP request.
CVE-2006-2502 1 Cyrus 1 Imapd 2026-04-16 N/A
Stack-based buffer overflow in pop3d in Cyrus IMAPD (cyrus-imapd) 2.3.2, when the popsubfolders option is enabled, allows remote attackers to execute arbitrary code via a long USER command.
CVE-2002-1831 1 Microsoft 1 Msn Messenger 2026-04-16 N/A
Microsoft MSN Messenger Service 1.0 through 4.6 allows remote attackers to cause a denial of service (crash) via an invite request that contains hex-encoded spaces (%20) in the Invitation-Cookie field.
CVE-2004-0181 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
The JFS file system code in Linux 2.4.x has an information leak in which in-memory data is written to the device for the JFS file system, which allows local users to obtain sensitive information by reading the raw device.
CVE-2000-1220 2 Redhat, Sgi 2 Linux, Irix 2026-04-16 N/A
The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file.