Search Results (364883 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-0510 1 Sco 1 Openserver 2026-04-16 N/A
Multiple buffer overflows in MMDF on OpenServer 5.0.6 and 5.0.7, and possibly other operating systems, may allow attackers to execute arbitrary code, as demonstrated via the execmail program.
CVE-2004-1930 1 Francisco Burzi 1 Php-nuke 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the cookiedecode function in mainfile.php for PHP-Nuke 6.x through 7.2, when themes are used, allows remote attackers to inject arbitrary web script or HTML via a base64-encoded user parameter or cookie.
CVE-2004-0504 3 Ethereal Group, Redhat, Sgi 3 Ethereal, Enterprise Linux, Propack 2026-04-16 N/A
Ethereal 0.10.3 allows remote attackers to cause a denial of service (crash) via certain SIP messages between Hotsip servers and clients.
CVE-2001-1122 1 Microsoft 1 Windows Nt 2026-04-16 N/A
Windows NT 4.0 SP 6a allows a local user with write access to winnt/system32 to cause a denial of service (crash in lsass.exe) by running the NT4ALL exploit program in 'SPECIAL' mode.
CVE-2004-0355 1 Invision Power Services 1 Invision Board 2026-04-16 N/A
Invision Power Board 1.3 Final allows remote attackers to gain sensitive information by selecting a file for "Personal Photo" that is not an image file, which displays the installation path in an error message.
CVE-2002-0987 1 Caldera 2 Openunix, Unixware 2026-04-16 N/A
X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1 does not drop privileges before calling programs such as xkbcomp using popen, which could allow local users to gain privileges.
CVE-2002-1340 1 Microsoft 1 Office Web Components 2026-04-16 N/A
The "ConnectionFile" property in the DataSourceControl component in Office Web Components (OWC) 10 allows remote attackers to determine the existence of local files by detecting an exception.
CVE-2002-1364 1 Ehud Gavron 1 Tracesroute 2026-04-16 N/A
Buffer overflow in the get_origin function in traceroute-nanog allows attackers to execute arbitrary code via long WHOIS responses.
CVE-1999-0858 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 5 allows a remote attacker to modify the IE client's proxy configuration via a malicious Web Proxy Auto-Discovery (WPAD) server.
CVE-2006-0743 1 Apache 1 Log4net 2026-04-16 N/A
Format string vulnerability in LocalSyslogAppender in Apache log4net 1.2.9 might allow remote attackers to cause a denial of service (memory corruption and termination) via unknown vectors.
CVE-1999-0859 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Solaris arp allows local users to read files via the -f parameter, which lists lines in the file that do not parse properly.
CVE-2006-1952 1 Winagents 1 Tftp Server 2026-04-16 N/A
Directory traversal vulnerability in WinAgents TFTP Server for Windows 3.1 and earlier allows remote attackers to read arbitrary files via "..." (triple dot) sequences in a GET request.
CVE-2000-0089 1 Microsoft 1 Windows Nt 2026-04-16 N/A
The rdisk utility in Microsoft Terminal Server Edition and Windows NT 4.0 stores registry hive information in a temporary file with permissions that allow local users to read it, aka the "RDISK Registry Enumeration File" vulnerability.
CVE-2000-0091 1 Inter7 1 Vpopmail 2026-04-16 N/A
Buffer overflow in vchkpw/vpopmail POP authentication package allows remote attackers to gain root privileges via a long username or password.
CVE-2000-0101 1 Make-a-store 1 Orderpage 2026-04-16 N/A
The Make-a-Store OrderPage shopping cart application allows remote users to modify sensitive purchase information via hidden form fields.
CVE-2000-0106 1 Easycart 1 Easycart 2026-04-16 N/A
The EasyCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields.
CVE-2004-0374 1 Interchange Development Group 1 Interchange 2026-04-16 N/A
Interchange before 5.0.1 allows remote attackers to "expose the content of arbitrary variables" and read or modify sensitive SQL information via an HTTP request ending with the "__SQLUSER__" string.
CVE-2000-0116 1 Checkpoint 1 Firewall-1 2026-04-16 N/A
Firewall-1 does not properly filter script tags, which allows remote attackers to bypass the "Strip Script Tags" restriction by including an extra < in front of the SCRIPT tag.
CVE-2004-1917 1 Lcdproc 1 Lcdproc 2026-04-16 N/A
Format string vulnerability in test_func_func in LCDProc 0.4.1 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the str variable.
CVE-2004-0381 3 Mysql, Oracle, Redhat 3 Mysql, Mysql, Enterprise Linux 2026-04-16 N/A
mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack on the failed-mysql-bugreport temporary file.