Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-0760 1 Allaire 1 Coldfusion Server 2026-04-16 N/A
Undocumented ColdFusion Markup Language (CFML) tags and functions in the ColdFusion Administrator allow users to gain additional privileges.
CVE-1999-0771 1 Compaq 2 Insight Management Agent, Power Management 2026-04-16 N/A
The web components of Compaq Management Agents and the Compaq Survey Utility allow a remote attacker to read arbitrary files via a .. (dot dot) attack.
CVE-2003-0097 1 Php 1 Php 2026-04-16 N/A
Unknown vulnerability in CGI module for PHP 4.3.0 allows attackers to access arbitrary files as the PHP user, and possibly execute PHP code, by bypassing the CGI force redirect settings (cgi.force_redirect or --enable-force-cgi-redirect).
CVE-1999-0998 1 Cisco 1 Cache Engine 2026-04-16 N/A
Cisco Cache Engine allows an attacker to replace content in the cache.
CVE-2003-0154 1 Mozilla 1 Bonsai 2026-04-16 N/A
Cross-site scripting vulnerabilities (XSS) in bonsai Mozilla CVS query tool allow remote attackers to execute arbitrary web script via (1) the file, root, or rev parameters to cvslog.cgi, (2) the file or root parameters to cvsblame.cgi, (3) various parameters to cvsquery.cgi, (4) the person parameter to showcheckins.cgi, (5) the module parameter to cvsqueryform.cgi, and (6) possibly other attack vectors as identified by Mozilla bug #146244.
CVE-2004-0536 2 Redhat, Tripwire 2 Enterprise Linux, Tripwire 2026-04-16 N/A
Format string vulnerability in Tripwire commercial 4.0.1 and earlier, including 2.4, and open source 2.3.1 and earlier, allows local users to gain privileges via format string specifiers in a file name, which is used in the generation of an email report.
CVE-2004-0538 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
LaunchServices in Mac OS X 10.3.4 and 10.2.8 automatically registers and executes new applications, which could allow attackers to execute arbitrary code without warning the user.
CVE-1999-1001 1 Cisco 1 Cache Engine 2026-04-16 N/A
Cisco Cache Engine allows a remote attacker to gain access via a null username and password.
CVE-2003-0165 2 Gnome, Redhat 2 Eog, Linux 2026-04-16 N/A
Format string vulnerability in Eye Of Gnome (EOG) allows attackers to execute arbitrary code via format string specifiers in a command line argument for the file to display.
CVE-1999-1002 1 Netscape 1 Communicator 2026-04-16 N/A
Netscape Navigator uses weak encryption for storing a user's Netscape mail password.
CVE-2003-0168 1 Apple 1 Quicktime 2026-04-16 N/A
Buffer overflow in Apple QuickTime Player 5.x and 6.0 for Windows allows remote attackers to execute arbitrary code via a long QuickTime URL.
CVE-1999-1007 1 Vdonet 1 Vdolive Player 2026-04-16 N/A
Buffer overflow in VDO Live Player allows remote attackers to execute commands on the VDO client via a malformed .vdo file.
CVE-1999-1009 1 Disney 1 Go Express Search 2026-04-16 N/A
The Disney Go Express Search allows remote attackers to access and modify search information for users by connecting to an HTTP server on the user's system.
CVE-1999-1017 1 Seattle Lab Software 1 Emurl 2026-04-16 N/A
Seattle Labs Emurl 2.0, and possibly earlier versions, stores e-mail attachments in a specific directory with scripting enabled, which allows a malicious ASP file attachment to execute when the recipient opens the message.
CVE-1999-1040 1 Sgi 1 Irix 2026-04-16 N/A
Vulnerabilities in (1) ipxchk and (2) ipxlink in NetWare Client 1.0 on IRIX 6.3 and 6.4 allows local users to gain root access via a modified IFS environmental variable.
CVE-2003-0195 2 Redhat, Slackware 2 Linux, Slackware Linux 2026-04-16 N/A
CUPS before 1.1.19 allows remote attackers to cause a denial of service via a partial printing request to the IPP port (631), which does not time out.
CVE-2003-0202 1 Brian Renaud 1 Metrics 2026-04-16 N/A
The (1) halstead and (2) gather_stats scripts in metrics 1.0 allow local users to overwrite arbitrary files via a symlink attack on temporary files.
CVE-1999-1055 1 Microsoft 1 Excel 2026-04-16 N/A
Microsoft Excel 97 does not warn the user before executing worksheet functions, which could allow attackers to execute arbitrary commands by using the CALL function to execute a malicious DLL, aka the Excel "CALL Vulnerability."
CVE-1999-1063 1 Cdomain 1 Cdomainfree 2026-04-16 N/A
CDomain whois_raw.cgi whois CGI script allows remote attackers to execute arbitrary commands via shell metacharacters in the fqdn parameter.
CVE-2003-0206 1 Gkrellm Newsticker 1 Gkrellm Newsticker 2026-04-16 N/A
gkrellm-newsticker gkrellm plugin before 0.3-3.1 allows remote attackers to cause a denial of service (crash) via (1) link or (2) title elements that contain multiple lines.