Search Results (364887 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-1317 1 Microsoft 1 Windows Nt 2026-04-16 N/A
Windows NT 4.0 SP4 and earlier allows local users to gain privileges by modifying the symbolic link table in the \?? object folder using a different case letter (upper or lower) to point to a different device.
CVE-2000-0494 1 Symantec Veritas 1 Volume Manager 2026-04-16 N/A
Veritas Volume Manager creates a world writable .server_pids file, which allows local users to add arbitrary commands into the file, which is then executed by the vmsa_server script.
CVE-2000-0495 1 Microsoft 1 Windows Media Services 2026-04-16 N/A
Microsoft Windows Media Encoder allows remote attackers to cause a denial of service via a malformed request, aka the "Malformed Windows Media Encoder Request" vulnerability.
CVE-2004-2578 1 Phpgroupware 1 Phpgroupware 2026-04-16 N/A
phpGroupWare before 0.9.16.002 transmits the (1) header admin and (2) setup passwords in plaintext via cookies, which allows remote attackers to sniff passwords.
CVE-2000-0498 1 Unify 1 Ewave Servletexec 2026-04-16 7.5 High
Unify eWave ServletExec allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case.
CVE-2000-0499 1 Bea 1 Weblogic Server 2026-04-16 7.5 High
The default configuration of BEA WebLogic 3.1.8 through 4.5.1 allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case.
CVE-2000-0500 1 Bea 1 Weblogic Server 2026-04-16 N/A
The default configuration of BEA WebLogic 5.1.0 allows a remote attacker to view source code of programs by requesting a URL beginning with /file/, which causes the default servlet to display the file without further processing.
CVE-1999-1274 1 Ipass 1 Roamserver 2026-04-16 N/A
iPass RoamServer 3.1 creates temporary files with world-writable permissions.
CVE-2000-0501 1 Alt-n 1 Mdaemon 2026-04-16 N/A
Race condition in MDaemon 2.8.5.0 POP server allows local users to cause a denial of service by entering a UIDL command and quickly exiting the server.
CVE-2004-1990 1 Aldo Vargas 1 Aldos Web Server 2026-04-16 N/A
Aldo's Web Server (aweb) 1.5 allows remote attackers to gain sensitive information via an arbitrary character, which reveals the full path and the user running the aweb process, possibly due to a malformed request.
CVE-2004-1991 1 Aldostools 1 Aldo\'s Web Server 2026-04-16 N/A
Directory traversal vulnerability in Aldo's Web Server (aweb) 1.5 allows remote attackers to view arbitrary files via a .. (dot dot) in an HTTP GET request.
CVE-2000-0269 1 Gnu 1 Emacs 2026-04-16 N/A
Emacs 20 does not properly set permissions for a slave PTY device when starting a new subprocess, which allows local users to read or modify communications between Emacs and the subprocess.
CVE-2000-0252 1 Craig Dansie 1 Dansie Shopping Cart 2026-04-16 N/A
The dansie shopping cart application cart.pl allows remote attackers to execute commands via a shell metacharacters in a form variable.
CVE-2000-0248 1 Redhat 1 Linux 2026-04-16 N/A
The web GUI for the Linux Virtual Server (LVS) software in the Red Hat Linux Piranha package has a backdoor password that allows remote attackers to execute arbitrary commands.
CVE-2000-0247 1 Gnqs 1 Gnqs 2026-04-16 N/A
Unknown vulnerability in Generic-NQS (GNQS) allows local users to gain root privileges.
CVE-2000-0246 1 Microsoft 6 Commercial Internet System, Internet Information Server, Internet Information Services and 3 more 2026-04-16 N/A
IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote attackers to read the source code of ASP and other files, aka the "Virtualized UNC Share" vulnerability.
CVE-2000-0244 1 Citrix 2 Metaframe, Winframe 2026-04-16 N/A
The Citrix ICA (Independent Computing Architecture) protocol uses weak encryption (XOR) for user authentication.
CVE-2000-0243 1 Analogx 1 Simpleserver Www 2026-04-16 N/A
AnalogX SimpleServer:WWW HTTP server 1.03 allows remote attackers to cause a denial of service via a short GET request to cgi-bin.
CVE-2000-0240 1 Vqsoft 1 Vqserver 2026-04-16 N/A
vqSoft vqServer program allows remote attackers to read arbitrary files via a /........../ in the URL, a variation of a .. (dot dot) attack.
CVE-1999-1107 1 Kde 1 Kde 2026-04-16 N/A
Buffer overflow in kppp in KDE allows local users to gain root access via a long PATH environmental variable.