Search Results (363081 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-0132 2 Hp, Sun 3 Hp-ux, Solaris, Sunos 2026-04-16 N/A
Expreserve, as used in vi and ex, allows local users to overwrite arbitrary files and gain root access.
CVE-2000-0587 1 Glftpd 1 Glftpd 2026-04-16 N/A
The privpath directive in glftpd 1.18 allows remote attackers to bypass access restrictions for directories by using the file name completion capability.
CVE-2000-0589 1 Sawmill 1 Sawmill 2026-04-16 N/A
SawMill 5.0.21 uses weak encryption to store passwords, which allows attackers to easily decrypt the password and modify the SawMill configuration.
CVE-2000-0590 1 Cgi-world 1 Poll It 2026-04-16 N/A
Poll It 2.0 CGI script allows remote attackers to read arbitrary files by specifying the file name in the data_dir parameter.
CVE-2003-0816 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions by (1) using the NavigateAndFind method to load a file: URL containing Javascript, as demonstrated by NAFfileJPU, (2) using the window.open method to load a file: URL containing Javascript, as demonstrated using WsOpenFileJPU, (3) setting the href property in the base tag for the _search window, as demonstrated using WsBASEjpu, (4) loading the search window into an Iframe, as demonstrated using WsFakeSrc, (5) caching a javascript: URL in the browser history, then accessing that URL in the same frame as the target domain, as demonstrated using WsOpenJpuInHistory, NAFjpuInHistory, BackMyParent, BackMyParent2, and RefBack, aka the "Script URLs Cross Domain" vulnerability.
CVE-2000-0592 1 Sapporoworks 1 Sapporoworks Winproxy 2026-04-16 N/A
Buffer overflows in POP3 service in WinProxy 2.0 and 2.0.1 allow remote attackers to execute arbitrary commands via long USER, PASS, LIST, RETR, or DELE commands.
CVE-2003-0820 1 Microsoft 2 Word, Works 2026-04-16 N/A
Microsoft Word 97, 98(J), 2000, and 2002, and Microsoft Works Suites 2001 through 2004, do not properly check the length of the "Macro names" data value, which could allow remote attackers to execute arbitrary code via a buffer overflow attack.
CVE-1999-0311 1 Hp 1 Hp-ux 2026-04-16 N/A
fpkg2swpk in HP-UX allows local users to gain root access.
CVE-2000-0598 1 Fortech 1 Proxy\+ 2026-04-16 N/A
Fortech Proxy+ allows remote attackers to bypass access restrictions for to the administration service by redirecting their connections through the telnet proxy.
CVE-2000-0600 2 Netscape, Novell 2 Enterprise Server, Netware 2026-04-16 N/A
Netscape Enterprise Server in NetWare 5.1 allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed URL.
CVE-1999-1125 1 Oracle 1 Http Server 2026-04-16 N/A
Oracle Webserver 2.1 and earlier runs setuid root, but the configuration file is owned by the oracle account, which allows any local or remote attacker who obtains access to the oracle account to gain privileges or modify arbitrary files by modifying the configuration file.
CVE-2000-0605 1 Blackboard 1 Courseinfo 2026-04-16 N/A
Blackboard CourseInfo 4.0 stores the local and SQL administrator user names and passwords in cleartext in a registry key whose access control allows users to access the passwords.
CVE-1999-1205 1 Hp 1 Hp-ux 2026-04-16 N/A
nettune in HP-UX 10.01 and 10.00 is installed setuid root, which allows local users to cause a denial of service by modifying critical networking configuration information.
CVE-2000-0608 1 Netwin 2 Cwmail, Dmailweb 2026-04-16 N/A
NetWin dMailWeb and cwMail 2.6i and earlier allows remote attackers to cause a denial of service via a long POP parameter (pophost).
CVE-2000-0609 1 Netwin 2 Cwmail, Dmailweb 2026-04-16 N/A
NetWin dMailWeb and cwMail 2.6g and earlier allows remote attackers to cause a denial of service via a long username parameter.
CVE-2000-0610 1 Netwin 2 Cwmail, Dmailweb 2026-04-16 N/A
NetWin dMailWeb and cwMail 2.6g and earlier allows remote attackers to bypass authentication and use the server for mail relay via a username that contains a carriage return.
CVE-2003-0823 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Internet Explorer 6 SP1 and earlier allows remote attackers to direct drag and drop behaviors and other mouse click actions to other windows by calling the window.moveBy method, aka HijackClick, a different vulnerability than CVE-2003-1027.
CVE-2000-0613 1 Cisco 1 Pix Firewall 2026-04-16 N/A
Cisco Secure PIX Firewall does not properly identify forged TCP Reset (RST) packets, which allows remote attackers to force the firewall to close legitimate connections.
CVE-2003-0826 1 Gnu 1 Lsh 2026-04-16 N/A
lsh daemon (lshd) does not properly return from certain functions in (1) read_line.c, (2) channel_commands.c, or (3) client_keyexchange.c when long input is provided, which could allow remote attackers to execute arbitrary code via a heap-based buffer overflow attack.
CVE-2004-1031 2 Gentoo, Thibault Godouet 2 Linux, Fcron 2026-04-16 N/A
fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to bypass access restrictions and load an arbitrary configuration file by starting an suid process and pointing the fcronsighup configuration file to a /proc entry that is owned by root but modifiable by the user, such as /proc/self/cmdline or /proc/self/environ.