Search Results (364880 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-0138 2026-04-16 N/A
A system has a distributed denial of service (DDOS) attack master, agent, or zombie installed, such as (1) Trinoo, (2) Tribe Flood Network (TFN), (3) Tribe Flood Network 2000 (TFN2K), (4) stacheldraht, (5) mstream, or (6) shaft.
CVE-2000-0139 1 True North 1 Internet Anywhere Mail Server 2026-04-16 N/A
Internet Anywhere POP3 Mail Server allows local users to cause a denial of service via a malformed RETR command.
CVE-2004-0401 1 Free Software Foundation Inc. 1 Libtasn1 2026-04-16 N/A
Unknown vulnerability in libtasn1 0.1.x before 0.1.2, and 0.2.x before 0.2.7, related to the DER parsing functions.
CVE-2004-2567 1 Recipants 1 Recipants 2026-04-16 N/A
Multiple SQL injection vulnerabilities in ReciPants 1.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) user id, (2) recipe id, (3) category id, and (4) other ID number fields.
CVE-1999-0931 1 Mediahouse Software 1 Statistics Server 2026-04-16 N/A
Buffer overflow in Mediahouse Statistics Server allows remote attackers to execute commands.
CVE-1999-0932 1 Mediahouse Software 1 Statistics Server 2026-04-16 N/A
Mediahouse Statistics Server allows remote attackers to read the administrator password, which is stored in cleartext in the ss.cfg file.
CVE-2004-2749 1 2wire 1 Homeportal 2026-04-16 N/A
Directory traversal vulnerability in wra/public/wralogin in 2Wire Gateway, possibly as used in HomePortal and other product lines, allows remote attackers to read arbitrary files via a .. (dot dot) in the return parameter. NOTE: this issue was reported as XSS, but this might be a terminology error.
CVE-2004-2750 1 Jbrowser 1 Jbrowser 2026-04-16 N/A
Directory traversal vulnerability in browser.php in JBrowser 1.0 through 2.1 allows remote attackers to read arbitrary files via the directory parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2004-2752 1 Postnuke Software Foundation 1 Postnuke 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the Downloads module in PostNuke up to 0.726, and possibly later versions, allows remote attackers to inject arbitrary HTML and web script via the ttitle parameter in a viewdownloaddetails action.
CVE-1999-0943 1 Openlink 1 Openlink 2026-04-16 N/A
Buffer overflow in OpenLink 3.2 allows remote attackers to gain privileges via a long GET request to the web configurator.
CVE-2000-0142 1 Netopia 1 Timbuktu Pro 2026-04-16 N/A
The authentication protocol in Timbuktu Pro 2.0b650 allows remote attackers to cause a denial of service via connections to port 407 and 1417.
CVE-1999-0944 2026-04-16 N/A
IBM WebSphere ikeyman tool uses weak encryption to store a password for a key database that is used for SSL connections.
CVE-2000-0144 1 Axis 1 700 Network Document Server 2026-04-16 N/A
Axis 700 Network Scanner does not properly restrict access to administrator URLs, which allows users to bypass the password protection via a .. (dot dot) attack.
CVE-2000-0151 1 Gnu 1 Make 2026-04-16 N/A
GNU make follows symlinks when it reads a Makefile from stdin, which allows other local users to execute commands.
CVE-2004-0425 1 Netegrity 1 Sideminder Affiliate Agent 2026-04-16 N/A
Heap-based buffer overflow in SiteMinder Affiliate Agent 4.x allows remote attackers to execute arbitrary code via a large SMPROFILE cookie.
CVE-1999-0951 1 Omnicron 1 Omnihttpd 2026-04-16 N/A
Buffer overflow in OmniHTTPd CGI program imagemap.exe allows remote attackers to execute commands.
CVE-1999-0959 1 Sgi 1 Irix 2026-04-16 N/A
IRIX startmidi program allows local users to modify arbitrary files via a symlink attack.
CVE-2000-0153 1 Microsoft 2 Frontpage, Personal Web Server 2026-04-16 N/A
FrontPage Personal Web Server (PWS) allows remote attackers to read files via a .... (dot dot) attack.
CVE-1999-0963 1 Freebsd 1 Freebsd 2026-04-16 N/A
FreeBSD mount_union command allows local users to gain root privileges via a symlink attack.
CVE-2001-1083 2 Icecast, Redhat 2 Icecast, Powertools 2026-04-16 N/A
Icecast 1.3.7, and other versions before 1.3.11 with HTTP server file streaming support enabled allows remote attackers to cause a denial of service (crash) via a URL that ends in . (dot), / (forward slash), or \ (backward slash).