Search Results (364862 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-1140 1 Alec Muffet 1 Cracklib 2026-04-16 N/A
Buffer overflow in CrackLib 2.5 may allow local users to gain root privileges via a long GECOS field.
CVE-2004-1733 1 Mydms 1 Mydms 2026-04-16 N/A
Directory traversal vulnerability in MyDMS 1.4.2 and other versions allows remote registered users to read arbitrary files via .. (dot dot) sequences in the URL.
CVE-1999-1143 1 Sgi 1 Irix 2026-04-16 N/A
Vulnerability in runtime linker program rld in SGI IRIX 6.x and earlier allows local users to gain privileges via setuid and setgid programs.
CVE-1999-1150 1 Livingston Portmaster 1 Portmaster 2026-04-16 N/A
Livingston Portmaster routers running ComOS use the same initial sequence number (ISN) for TCP connections, which allows remote attackers to conduct spoofing and hijack TCP sessions.
CVE-1999-1161 1 Hp 1 Hp-ux 2026-04-16 N/A
Vulnerability in ppl in HP-UX 10.x and earlier allows local users to gain root privileges by forcing ppl to core dump.
CVE-2004-0069 1 Hd Soft 1 Windows Ftp Server 2026-04-16 N/A
Format string vulnerability in HD Soft Windows FTP Server 1.6 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the username, which is processed by the wscanf function.
CVE-1999-1175 1 Cisco 1 Ios 2026-04-16 N/A
Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS 11.2 and earlier does not use authentication, which allows remote attackers to redirect HTTP traffic to arbitrary hosts via WCCP packets to UDP port 2048.
CVE-1999-1182 6 Caldera, Debian, Delix and 3 more 6 Openlinux Lite, Debian Linux, Dld and 3 more 2026-04-16 N/A
Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for Linux systems allows local users to gain privileges by calling a setuid program with a long program name (argv[0]) and forcing ld.so/ld-linux.so to report an error.
CVE-1999-1189 1 Netscape 2 Communicator, Navigator 2026-04-16 N/A
Buffer overflow in Netscape Navigator/Communicator 4.7 for Windows 95 and Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument after the ? character in a URL that references an .asp, .cgi, .html, or .pl file.
CVE-1999-1198 1 Next 1 Next 2026-04-16 N/A
BuildDisk program on NeXT systems before 2.0 does not prompt users for the root password, which allows local users to gain root privileges.
CVE-1999-1201 1 Microsoft 2 Windows 95, Windows 98 2026-04-16 N/A
Windows 95 and Windows 98 systems, when configured with multiple TCP/IP stacks bound to the same MAC address, allow remote attackers to cause a denial of service (traffic amplification) via a certain ICMP echo (ping) packet, which causes all stacks to send a ping response, aka TCP Chorusing.
CVE-2004-1752 1 Nakedsoft 1 Gaucho 2026-04-16 N/A
Stack-based buffer overflow in Gaucho 1.4 Build 145 allows remote attackers to execute arbitrary code via a POP3 email with a long Content-Type header.
CVE-1999-0384 1 Microsoft 6 Office, Outlook, Project and 3 more 2026-04-16 N/A
The Forms 2.0 ActiveX control (included with Visual Basic for Applications 5.0) can be used to read text from a user's clipboard when the user accesses documents with ActiveX content.
CVE-1999-0387 1 Microsoft 2 Windows 95, Windows 98 2026-04-16 N/A
A legacy credential caching mechanism used in Windows 95 and Windows 98 systems allows attackers to read plaintext network passwords.
CVE-1999-1238 1 Hp 1 Hp-ux 2026-04-16 N/A
Vulnerability in CORE-DIAG fileset in HP message catalog in HP-UX 9.05 and earlier allows local users to gain privileges.
CVE-2004-0088 1 Apple 1 Mac Os X 2026-04-16 N/A
The System Configuration subsystem in Mac OS 10.2.8 allows local users to modify network settings, a different vulnerability than CVE-2004-0087.
CVE-1999-1240 1 Gracenote 1 Cddbd 2026-04-16 N/A
Buffer overflow in cddbd CD database server allows remote attackers to execute arbitrary commands via a long log message.
CVE-1999-1245 1 Ucd-snmp 1 Ucd-snmp 2026-04-16 N/A
vacm ucd-snmp SNMP server, version 3.52, does not properly disable access to the public community string, which could allow remote attackers to obtain sensitive information.
CVE-2004-1756 1 Bea 1 Weblogic Server 2026-04-16 N/A
BEA WebLogic Server and WebLogic Express 8.1 SP2 and earlier, and 7.0 SP4 and earlier, when using 2-way SSL with a custom trust manager, may accept a certificate chain even if the trust manager rejects it, which allows remote attackers to spoof other users or servers.
CVE-2006-4038 1 Chaossoft 1 Gaestechaos 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in eintragen.php in GaesteChaos 0.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) gastname or (2) gastwohnort parameters.