Search Results (366291 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-0478 1 Sendmail 1 Sendmail 2026-04-16 N/A
Denial of service in HP-UX sendmail 8.8.6 related to accepting connections.
CVE-2004-2414 1 Novell 1 Netware 2026-04-16 N/A
Novell NetWare 6.5 SP 1.1, when installing or upgrading using the Overlay CDs and performing a custom installation with OpenSSH, includes sensitive password information in the (1) NIOUTPUT.TXT and (2) NI.LOG log files, which might allow local users to obtain the passwords.
CVE-1999-0595 1 Microsoft 2 Windows 2000, Windows Nt 2026-04-16 N/A
A Windows NT system does not clear the system page file during shutdown, which might allow sensitive information to be recorded.
CVE-1999-0746 2 Slackware, Suse 2 Slackware Linux, Suse Linux 2026-04-16 N/A
A default configuration of in.identd in SuSE Linux waits 120 seconds between requests, allowing a remote attacker to conduct a denial of service.
CVE-2005-1751 2 Redhat, Shtool 2 Enterprise Linux, Shtool 2026-04-16 N/A
Race condition in shtool 2.0.1 and earlier allows local users to create or modify arbitrary files via a symlink attack on the .shtool.$$ temporary file, a different vulnerability than CVE-2005-1759.
CVE-2005-1755 1 Php Poll Creator 1 Php Poll Creator 2026-04-16 N/A
PHP remote file inclusion vulnerability in poll_vote.php in PHP Poll Creator 1.01 allows remote attackers to execute arbitrary PHP code via the relativer_pfad parameter.
CVE-2004-2427 1 Axis 14 2100 Network Camera, 2110 Network Camera, 2120 Network Camera and 11 more 2026-04-16 N/A
Axis Network Camera 2.40 and earlier, and Video Server 3.12 and earlier, allows remote attackers to obtain sensitive information via direct requests to (1) admin/getparam.cgi, (2) admin/systemlog.cgi, (3) admin/serverreport.cgi, and (4) admin/paramlist.cgi, modify system information via (5) setparam.cgi and (6) factorydefault.cgi, or (7) cause a denial of service (reboot) via restart.cgi.
CVE-2004-2438 1 Php Fusion 1 Php Fusion 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in PHP-Fusion 4.01 allows remote attackers to inject arbitrary web script or HTML via the (1) Submit News, (2) Submit Link or (3) Submit Article field.
CVE-2004-2452 1 Hitachi 1 Cosminexus Portal Framework 2026-04-16 N/A
Unknown vulnerability in Hitachi Cosminexus Portal Framework 01-00, 01-01, 01-02, 02-01, 02-02, 02-03, and other versions allows remote attackers to obtain sensitive information in the <ut:cache> tag library.
CVE-2005-0989 3 Mozilla, Netscape, Redhat 4 Firefox, Mozilla, Navigator and 1 more 2026-04-16 N/A
The find_replen function in jsstr.c in the Javascript engine for Mozilla Suite 1.7.6, Firefox 1.0.1 and 1.0.2, and Netscape 7.2 allows remote attackers to read portions of heap memory in a Javascript string via the lambda replace method.
CVE-2004-2464 1 Ada 1 Imgsvr 2026-04-16 N/A
Directory traversal vulnerability in ADA Image Server (ImgSvr) 0.4 allows remote attackers to read arbitrary files or list directories via hex-encoded "..//" sequences ("%2e%2e%2f%2f"). NOTE: it was later reported that 0.6.21 and earlier is also affected.
CVE-2004-2466 1 Efs Software 1 Easy Chat Server 2026-04-16 N/A
chat.ghp in Easy Chat Server 1.2 allows remote attackers to cause a denial of service (server crash) via a long username parameter, possibly due to a buffer overflow. NOTE: it was later reported that 2.2 is also affected.
CVE-2005-0950 1 Faststone 1 4in1 Browser 2026-04-16 N/A
Directory traversal vulnerability in FastStone 4in1 Browser 1.2 allows remote attackers to read arbitrary files via a (1) ... (triple dot) or (2) ..\ (dot dot backslash) in the URL.
CVE-2005-1701 1 Portailphp 1 Portailphp 2026-04-16 N/A
SQL injection vulnerability in PortailPHP 1.3 allows remote attackers to execute arbitrary SQL commands via the id parameter to the (1) News, (2) File, (3) Liens, or (4) Faq modules.
CVE-2005-0946 1 Coinsoft Technologies 1 Phpcoin 2026-04-16 N/A
SQL injection vulnerability in phpCoin 1.2.1b and earlier allows remote attackers to execute arbitrary SQL commands via the (1) term/keywords field on the search page, (2) username or (3) e-mail field on the forgot password page, or (4) domain name on the ordering new package page.
CVE-2004-2224 1 Appfoundry 1 Message Foundry 2026-04-16 N/A
Appfoundry Message Foundry 2.75 .0003 allows remote attackers to cause a denial of service (crash) via an HTTP GET request that contains MS-DOS device names such as com1.
CVE-2004-2217 1 Ychat 1 Ychat 2026-04-16 N/A
Multiple unknown vulnerabilities in yhttpd in yChat before 0.7 allow remote attackers to cause a denial of service (segmentation fault) via unknown vectors.
CVE-2004-2213 1 Mbedthis Software 1 Mbedthis Appweb Http Server 2026-04-16 N/A
Mbedthis AppWeb HTTP server before 1.1.3 allows remote attackers to obtain the source code for scripts via a (1) trailing dot (".") or (2) trailing space in an HTTP request.
CVE-2006-4348 1 Kochsuite Component 1 Kochsuite Component 2026-04-16 N/A
PHP remote file inclusion vulnerability in config.kochsuite.php in the Kochsuite (com_kochsuite) 0.9.4 component for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
CVE-2004-2205 1 Symantec Veritas 1 Cluster Server 2026-04-16 N/A
Unknown vulnerability in Veritas Cluster Server 1.0.1 through 4.0 allows local users to gain root access via unspecified vectors.