Search Results (364864 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-1872 1 Webct 1 Webct 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in WebCT Campus Edition 4.1.1.5 allows remote attackers to inject arbitrary web script or HTML via the @import URL function in a CSS style tag.
CVE-1999-0795 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
The NIS+ rpc.nisd server allows remote attackers to execute certain RPC calls without authentication to obtain system information, disable logging, or modify caches.
CVE-2000-0008 1 1st Choice Software 1 Ftppro 2026-04-16 N/A
FTPPro allows local users to read sensitive information, which is stored in plain text.
CVE-2000-0010 1 Tony Greenwood 1 Webwho\+ 2026-04-16 N/A
WebWho+ whois.cgi program allows remote attackers to execute commands via shell metacharacters in the TLD parameter.
CVE-2004-0308 1 Cisco 1 Optical Networking Systems Software 2026-04-16 N/A
Unknown vulnerability in Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), ONS 15454 SD before 4.1(3), and Cisco ONS15600 before 1.3(0) allows a superuser whose account is locked out, disabled, or suspended to gain unauthorized access via a Telnet connection to the VxWorks shell.
CVE-2000-0020 1 Man And Mice 1 Dns Pro 2026-04-16 N/A
DNS PRO allows remote attackers to conduct a denial of service via a large number of connections.
CVE-2000-0023 1 Lotus 1 Domino Server 2026-04-16 N/A
Buffer overflow in Lotus Domino HTTP server allows remote attackers to cause a denial of service via a long URL.
CVE-2000-0025 1 Microsoft 3 Internet Information Server, Site Server, Site Server Commerce 2026-04-16 N/A
IIS 4.0 and Site Server 3.0 allow remote attackers to read source code for ASP files if the file is in a virtual directory whose name includes extensions such as .com, .exe, .sh, .cgi, or .dll, aka the "Virtual Directory Naming" vulnerability.
CVE-2004-1882 1 Cactusoft 1 Cactushop 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in popuplargeimage.asp in CactuShop 5.x allows remote attackers to inject arbitrary web script or HTML via the strImageTag parameter.
CVE-2004-2563 1 Serena Software 1 Serena Teamtrack 2026-04-16 N/A
Serena TeamTrack 6.1.1 allows remote attackers to obtain sensitive information such as user names, versions, and database information, and conduct cross-site scripting (XSS) attacks, via a direct request to tmtrack.dll with modified LoginPage and Template parameters.
CVE-2000-0032 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Solaris dmi_cmd allows local users to crash the dmispd daemon by adding a malformed file to the /var/dmi/db database.
CVE-2004-0321 1 Singularity Software 1 Team Factor 2026-04-16 N/A
Team Factor 1.25 and earlier allows remote attackers to cause a denial of service (crash) via a packet that uses a negative number to specify the size of the data block that follows, which causes Team Factor to read unallocated memory.
CVE-2000-0033 1 Trend Micro 1 Interscan Viruswall 2026-04-16 N/A
InterScan VirusWall SMTP scanner does not properly scan messages with malformed attachments.
CVE-1999-0807 1 Netscape 1 Directory Server 2026-04-16 N/A
The Netscape Directory Server installation procedure leaves sensitive information in a file that is accessible to local users.
CVE-2000-0043 1 Camshot 1 Webcam Http Server 2026-04-16 N/A
Buffer overflow in CamShot WebCam HTTP server allows remote attackers to execute commands via a long GET request.
CVE-1999-1366 1 David Harris 1 Pegasus Mail 2026-04-16 N/A
Pegasus e-mail client 3.0 and earlier uses weak encryption to store POP3 passwords in the pmail.ini file, which allows local users to easily decrypt the passwords and read e-mail.
CVE-2004-2712 1 Phrozensmoke 1 Gyach Enhanced 2026-04-16 N/A
Buffer overflow in Gyach Enhanced (Gyach-E) before 1.0.0-SneakPeek-3 allows remote attackers to cause a denial of service (crash) via unspecified vectors related to "URL data."
CVE-1999-0571 2026-04-16 N/A
A router's configuration service or management interface (such as a web server or telnet) is configured to allow connections from arbitrary hosts.
CVE-1999-1361 1 Microsoft 1 Windows Nt 2026-04-16 N/A
Windows NT 3.51 and 4.0 running WINS (Windows Internet Name Service) allows remote attackers to cause a denial of service (resource exhaustion) via a flood of malformed packets, which causes the server to slow down and fill the event logs with error messages.
CVE-2004-1799 1 Openbsd 1 Openbsd 2026-04-16 N/A
PF in certain OpenBSD versions, when stateful filtering is enabled, does not limit packets for a session to the original interface, which allows remote attackers to bypass intended packet filters via spoofed packets to other interfaces.