Search Results (365367 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0983 1 Ultraedit 1 Ultraedit-32 2026-04-16 N/A
UltraEdit uses weak encryption to record FTP passwords in the uedit32.ini file, which allows local users who can read the file to decrypt the passwords and gain privileges.
CVE-2001-1021 1 Progress 1 Ws Ftp Server 2026-04-16 N/A
Buffer overflows in WS_FTP 2.02 allow remote attackers to execute arbitrary code via long arguments to (1) DELE, (2) MDTM, (3) MLST, (4) MKD, (5) RMD, (6) RNFR, (7) RNTO, (8) SIZE, (9) STAT, (10) XMKD, or (11) XRMD.
CVE-2001-0997 1 Textor Webmasters Ltd. 1 Listrec.pl 2026-04-16 N/A
Textor Webmasters Ltd listrec.pl CGI program allows remote attackers to execute arbitrary commands via shell metacharacters in the TEMPLATE parameter.
CVE-2005-0544 1 Phpmyadmin 1 Phpmyadmin 2026-04-16 N/A
phpMyAdmin 2.6.1 allows remote attackers to obtain the full path of the server via direct requests to (1) sqlvalidator.lib.php, (2) sqlparser.lib.php, (3) select_theme.lib.php, (4) select_lang.lib.php, (5) relation_cleanup.lib.php, (6) header_meta_style.inc.php, (7) get_foreign.lib.php, (8) display_tbl_links.lib.php, (9) display_export.lib.php, (10) db_table_exists.lib.php, (11) charset_conversion.lib.php, (12) ufpdf.php, (13) mysqli.dbi.lib.php, (14) setup.php, or (15) cookie.auth.lib.php, which reveals the path in a PHP error message.
CVE-2001-1022 3 Gnu, Jgroff, Redhat 3 Groff, Jgroff, Linux 2026-04-16 N/A
Format string vulnerability in pic utility in groff 1.16.1 and other versions, and jgroff before 1.15, allows remote attackers to bypass the -S option and execute arbitrary commands via format string specifiers in the plot command.
CVE-2002-2087 1 Borland Software 1 Interbase 2026-04-16 N/A
Buffer overflow in Borland InterBase 6.0 allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_drop, (2) gds_lock_mgr, or (3) gds_inet_server.
CVE-2001-1023 1 Xcache Technologies 1 Xcache 2026-04-16 N/A
Xcache 2.1 allows remote attackers to determine the absolute path of web server documents by requesting a URL that is not cached by Xcache, which returns the full pathname in the Content-PageName header.
CVE-2004-1098 3 Mandrakesoft, Roaring Penguin, Suse 4 Mandrake Linux, Mandrake Linux Corporate Server, Mimedefang and 1 more 2026-04-16 N/A
MIMEDefang in MIME-tools 5.414 allows remote attackers to bypass virus scanning capabilities via an e-mail attachment with a virus that contains an empty boundary string in the Content-Type header.
CVE-2001-1028 1 Redhat 1 Linux 2026-04-16 N/A
Buffer overflow in ultimate_source function of man 1.5 and earlier allows local users to gain privileges.
CVE-2001-1036 2 Gnu, Slackware 2 Findutils, Slackware Linux 2026-04-16 N/A
GNU locate in findutils 4.1 on Slackware 7.1 and 8.0 allows local users to gain privileges via an old formatted filename database (locatedb) that contains an entry with an out-of-range offset, which causes locate to write to arbitrary process memory.
CVE-2005-2337 2 Redhat, Yukihiro Matsumoto 2 Enterprise Linux, Ruby 2026-04-16 N/A
Ruby 1.6.x up to 1.6.8, 1.8.x up to 1.8.2, and 1.9.0 development up to 2005-09-01 allows attackers to bypass safe level and taint flag protections and execute disallowed code when Ruby processes a program through standard input (stdin).
CVE-2001-1087 1 Network Appliance 1 Netcache 2026-04-16 N/A
The default configuration of the config.http.tunnel.allow_ports option on NetCache devices is set to +all, which allows remote attackers to connect to arbitrary ports on remote systems behind the device.
CVE-2006-1763 1 Blursoft 1 Blur6ex 2026-04-16 N/A
Multiple SQL injection vulnerabilities in index.php in blur6ex 0.3.452 allows remote attackers to execute arbitrary SQL commands via the ID parameter in a (1) g_reply or (2) g_permaPost action to the blog shard (engine/shards/blog.php), or a (3) g_viewContent action to the content shard (engine/shards/content.php).
CVE-2001-1091 1 Netbsd 1 Netbsd 2026-04-16 N/A
The (1) dump and (2) dump_lfs commands in NetBSD 1.4.x through 1.5.1 do not properly drop privileges, which could allow local users to gain privileges via the RCMD_CMD environment variable.
CVE-2006-2574 1 Hp 1 Hp-ux 2026-04-16 N/A
Multiple unspecified vulnerabilities in Software Distributor in HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allow local users to gain privileges via unspecified attack vectors.
CVE-2001-1092 1 Compaq 1 Tru64 2026-04-16 N/A
msgchk in Digital UNIX 4.0G and earlier allows a local user to read the first line of arbitrary files via a symlink attack on the .mh_profile file.
CVE-2005-2479 1 Pablo Software Solutions 1 Quick N Easy Ftp Server 2026-04-16 N/A
Quick 'n Easy FTP Server 3.0 allows remote attackers to cause a denial of service (application crash or CPU consumption) via a long USER command.
CVE-2006-3177 1 Bible Portal Project 1 Bible Portal Project 2026-04-16 N/A
PHP remote file inclusion vulnerability in Admin/rtf_parser.php in The Bible Portal Project 2.12 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the destination parameter.
CVE-2005-0574 1 Cupidsystems 1 Cis Webserver 2026-04-16 N/A
Directory traversal vulnerability in CIS WebServer 3.5.13 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the URL.
CVE-2001-1093 1 Compaq 1 Tru64 2026-04-16 N/A
Buffer overflow in msgchk in Digital UNIX 4.0G and earlier allows local users to execute arbitrary code via a long command line argument.