Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-1398 1 Sgi 1 Irix 2026-04-16 N/A
Vulnerability in xfsdump in SGI IRIX may allow local users to obtain root privileges via the bck.log log file, possibly via a symlink attack.
CVE-2002-2137 5 Alloy, D-link, Eusso and 2 more 5 Gl-2422ap-s, Dwl-900ap\+, Gl2422 Ap and 2 more 2026-04-16 N/A
GlobalSunTech Wireless Access Points (1) WISECOM GL2422AP-0T, and possibly OEM products such as (2) D-Link DWL-900AP+ B1 2.1 and 2.2, (3) ALLOY GL-2422AP-S, (4) EUSSO GL2422-AP, and (5) LINKSYS WAP11-V2.2, allow remote attackers to obtain sensitive information like WEP keys, the administrator password, and the MAC filter via a "getsearch" request to UDP port 27155.
CVE-2002-0632 1 Sgi 1 Irix 2026-04-16 N/A
Vulnerability in SGI BDS (Bulk Data Service) BDSPro 2.4 and earlier allows clients to read arbitrary files on a BDS server.
CVE-2002-1395 2 Debian, Redhat 3 Internet Message, Enterprise Linux, Linux 2026-04-16 N/A
Internet Message (IM) 141-18 and earlier uses predictable file and directory names, which allows local users to (1) obtain unauthorized directory permissions via a temporary directory used by impwagent, and (2) overwrite and create arbitrary files via immknmz.
CVE-1999-1481 1 National Science Foundation 1 Squid Web Proxy 2026-04-16 N/A
Squid 2.2.STABLE5 and below, when using external authentication, allows attackers to bypass access controls via a newline in the user/password pair.
CVE-1999-1489 1 Slackware 1 Slackware Linux 2026-04-16 N/A
Buffer overflow in TestChip function in XFree86 SuperProbe in Slackware Linux 3.1 allows local users to gain root privileges via a long -nopr argument.
CVE-1999-1558 1 Digital 2 Digital Openvms, Digital Openvms Axp 2026-04-16 N/A
Vulnerability in loginout in Digital OpenVMS 7.1 and earlier allows unauthorized access when external authentication is enabled.
CVE-2004-1164 1 Cisco 1 Cns Network Registrar 2026-04-16 N/A
The lock manager in Cisco CNS Network Registrar 6.0 through 6.1.1.3 allows remote attackers to cause a denial of service (process crash) via a certain "unexpected packet sequence."
CVE-2002-1496 1 Nulllogic 1 Null Httpd 2026-04-16 N/A
Heap-based buffer overflow in Null HTTP Server 0.5.0 and earlier allows remote attackers to execute arbitrary code via a negative value in the Content-Length HTTP header.
CVE-2002-1557 1 Cisco 1 Optical Networking Systems Software 2026-04-16 N/A
Cisco ONS15454 and ONS15327 running ONS before 3.4 allows attackers to cause a denial of service (reset to TCC, TCC+, TCCi or XTC) via a malformed HTTP request that does not contain a leading / (slash) character.
CVE-2000-0090 1 Vmware 1 Workstation 2026-04-16 N/A
VMWare 1.1.2 allows local users to cause a denial of service via a symlink attack.
CVE-2002-0676 1 Apple 1 Mac Os X 2026-04-16 N/A
SoftwareUpdate for MacOS 10.1.x does not use authentication when downloading a software update, which could allow remote attackers to execute arbitrary code by posing as the Apple update server via techniques such as DNS spoofing or cache poisoning, and supplying Trojan Horse updates.
CVE-2000-0100 1 Microsoft 1 Systems Management Server 2026-04-16 N/A
The SMS Remote Control program is installed with insecure permissions, which allows local users to gain privileges by modifying or replacing the program.
CVE-2004-0633 4 Ethereal Group, Gentoo, Mandrakesoft and 1 more 5 Ethereal, Linux, Mandrake Linux and 2 more 2026-04-16 N/A
The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of service (process abort) via an integer overflow.
CVE-2005-1166 1 Dameware Development 2 Dameware Nt Utilities, Miniremote Control 2026-04-16 N/A
The DNTUS26 process in Dameware NT Utilities and the DWRCS process in MiniRemote Control 4.9 and earlier stores the username and password in cleartext in memory, which could allow attackers to obtain sensitive information.
CVE-2002-0681 1 Goahead Software 1 Goahead Webserver 2026-04-16 N/A
Cross-site scripting vulnerability in GoAhead Web Server 2.1 allows remote attackers to execute script as other web users via script in a URL that generates a "404 not found" message, which does not quote the script.
CVE-2002-0682 1 Apache 1 Tomcat 2026-04-16 N/A
Cross-site scripting vulnerability in Apache Tomcat 4.0.3 allows remote attackers to execute script as other web users via script in a URL with the /servlet/ mapping, which does not filter the script when an exception is thrown by the servlet.
CVE-2000-0109 1 Comstock 1 Multicsp 2026-04-16 N/A
The mcsp Client Site Processor system (MultiCSP) in Standard and Poor's ComStock is installed with several accounts that have no passwords or easily guessable default passwords.
CVE-2000-1120 1 Ibm 1 Aix 2026-04-16 N/A
Buffer overflow in digest command in IBM AIX 4.3.x and earlier allows local users to execute arbitrary commands.
CVE-2002-0686 1 Iplanet 1 Iplanet Web Server 2026-04-16 N/A
Buffer overflow in the search component for iPlanet Web Server (iWS) 4.1 and Sun ONE Web Server 6.0 allows remote attackers to execute arbitrary code via a long argument to the NS-rel-doc-name parameter.