Search Results (364976 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-2598 1 Id Software 1 Quake Ii Server 2026-04-16 N/A
Quake II server before R1Q2, as used in multiple products, allows remote attackers to corrupt the server's client state data structure by exiting a session without a valid disconnect command, then reconnecting, which prevents a mod from being notified of changes in the client state. NOTE: the impact of this issue will vary depending on which mod is being used.
CVE-2004-2128 1 Brs 1 Webweaver 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in BRS WebWeaver 1.07 allows remote attackers to execute arbitrary script as other users via the query string to ISAPISkeleton.dll.
CVE-2001-0558 1 T. Hauck 1 Jana Web Server 2026-04-16 N/A
T. Hauck Jana Webserver 2.01 beta 1 and earlier allows a remote attacker to create a denial of service via a URL request which includes a MS-DOS device name (i.e. GET /aux HTTP/1.0).
CVE-2002-0349 1 Tiny Software 1 Tiny Personal Firewall 2026-04-16 N/A
Tiny Personal Firewall (TPF) 2.0.15, under certain configurations, will pop up an alert to the system even when the screen is locked, which could allow an attacker with physical access to the machine to hide activities or bypass access restrictions.
CVE-2001-0567 2 Redhat, Zope 2 Powertools, Zope 2026-04-16 N/A
Digital Creations Zope 2.3.2 and earlier allows a local attacker to gain additional privileges via the changing of ZClass permission mappings for objects and methods in the ZClass.
CVE-2001-1320 1 Pgp 1 Keyserver 2026-04-16 N/A
Network Associates PGP Keyserver 7.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via exceptional BER encodings (possibly buffer overflows), as demonstrated by the PROTOS LDAPv3 test suite.
CVE-2000-0980 1 Microsoft 4 Windows 95, Windows 98, Windows 98se and 1 more 2026-04-16 N/A
NMPI (Name Management Protocol on IPX) listener in Microsoft NWLink does not properly filter packets from a broadcast address, which allows remote attackers to cause a broadcast storm and flood the network.
CVE-2001-1326 1 Qualcomm 1 Eudora 2026-04-16 N/A
Eudora 5.1 allows remote attackers to execute arbitrary code when the "Use Microsoft Viewer" option is enabled and the "allow executables in HTML content" option is disabled, via an HTML email with a form that is activated from an image that the attacker spoofs as a link, which causes the user to execute the form and access embedded attachments.
CVE-2000-0981 1 Oracle 1 Mysql 2026-04-16 N/A
MySQL Database Engine uses a weak authentication method which leaks information that could be used by a remote attacker to recover the password.
CVE-2000-0987 1 Oracle 2 Internet Directory, Oracle8i 2026-04-16 N/A
Buffer overflow in oidldapd in Oracle 8.1.6 allow local users to gain privileges via a long "connect" command line parameter.
CVE-2000-0993 3 Freebsd, Netbsd, Openbsd 3 Freebsd, Netbsd, Openbsd 2026-04-16 N/A
Format string vulnerability in pw_error function in BSD libutil library allows local users to gain root privileges via a malformed password in commands such as chpass or passwd.
CVE-2000-0999 1 Openbsd 1 Openssh 2026-04-16 N/A
Format string vulnerabilities in OpenBSD ssh program (and possibly other BSD-based operating systems) allow attackers to gain root privileges.
CVE-2004-2138 1 Allwebscripts 1 Mysqlguest 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in AWSguest.php in AllWebScripts MySQLGuest allows remote attackers to inject arbitrary HTML and PHP code via the (1) Name, (2) Email, (3) Homepage or (4) Comments field.
CVE-2000-1001 1 Element N.v 1 Element Instantshop 2026-04-16 N/A
add_2_basket.asp in Element InstantShop allows remote attackers to modify price information via the "price" hidden form variable.
CVE-2004-2143 1 Mambo 1 Mambo Portal 2026-04-16 N/A
SQL injection vulnerability in the ReMOSitory Server add-on module to Mambo Portal 4.5.1 (1.09) and earlier allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in the com_remository option.
CVE-2000-0349 1 Sco 1 Unixware 2026-04-16 N/A
Vulnerability in the passthru driver in SCO UnixWare 7.1.0 allows an attacker to cause a denial of service.
CVE-2000-1005 1 Extropia 1 Extropia Webstore 2026-04-16 N/A
Directory traversal vulnerability in html_web_store.cgi and web_store.cgi CGI programs in eXtropia WebStore allows remote attackers to read arbitrary files via a .. (dot dot) attack on the page parameter.
CVE-2002-0284 1 Nullsoft 1 Winamp 2026-04-16 N/A
Winamp 2.78 and 2.77, when opening a wma file that requires a license, sends the full path of the Temporary Internet Files directory to the web page that is processing the license, which could allow malicious web servers to obtain the pathname.
CVE-2004-0871 1 Mozilla 1 Mozilla 2026-04-16 N/A
Mozilla does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote attackers to steal cookies and conduct unauthorized activities, aka "Cross Security Boundary Cookie Injection."
CVE-2004-0872 1 Opera 1 Opera Browser 2026-04-16 N/A
Opera does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote attackers to steal cookies and conduct unauthorized activities, aka "Cross Security Boundary Cookie Injection."