Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-1258 1 Sun 1 Sunos 2026-04-16 N/A
rpc.pwdauthd in SunOS 4.1.1 and earlier does not properly prevent remote access to the daemon, which allows remote attackers to obtain sensitive system information.
CVE-2002-0617 1 Microsoft 2 Excel, Office 2026-04-16 N/A
The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code by creating a hyperlink on a drawing shape in a source workbook that points to a destination workbook containing an autoexecute macro, aka "Hyperlinked Excel Workbook Macro Bypass."
CVE-1999-1259 1 Microsoft 1 Office 2026-04-16 N/A
Microsoft Office 98, Macintosh Edition, does not properly initialize the disk space used by Office 98 files and effectively inserts data from previously deleted files into the Office file, which could allow attackers to obtain sensitive information.
CVE-1999-1266 1 Metamail Corporation 1 Metamail 2026-04-16 N/A
rsh daemon (rshd) generates different error messages when a valid username is provided versus an invalid name, which allows remote attackers to determine valid users on the system.
CVE-2002-2064 1 Phpwebgallery 1 Phpwebgallery 2026-04-16 N/A
isadmin.php in PhpWebGallery 1.0 allows remote attackers to gain administrative access via by setting the photo_login cookie to pseudo.
CVE-1999-1270 1 Kde 1 Kde 2026-04-16 N/A
KMail in KDE 1.0 provides a PGP passphrase as a command line argument to other programs, which could allow local users to obtain the passphrase and compromise the PGP keys of other users by viewing the arguments via programs that list process information, such as ps.
CVE-2002-2076 1 Summit Computer Networks 1 Lil Http 2026-04-16 N/A
Directory traversal vulnerability in Lil' HTTP server 2.1 and 2.2 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP GET request.
CVE-1999-1376 1 Microsoft 1 Internet Information Server 2026-04-16 N/A
Buffer overflow in fpcount.exe in IIS 4.0 with FrontPage Server Extensions allows remote attackers to execute arbitrary commands.
CVE-1999-1377 1 Matt Wright 1 Download.cgi 2026-04-16 N/A
Matt Wright's download.cgi 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the f parameter.
CVE-2002-1394 2 Apache, Redhat 3 Tomcat, Rhel Stronghold, Stronghold 2026-04-16 N/A
Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows remote attackers to read source code for server files or bypass certain protections, a variant of CAN-2002-1148.
CVE-1999-1380 1 Symantec 1 Norton Utilities 2026-04-16 N/A
Symantec Norton Utilities 2.0 for Windows 95 marks the TUNEOCX.OCX ActiveX control as safe for scripting, which allows remote attackers to execute arbitrary commands via the run option through malicious web pages that are accessed by browsers such as Internet Explorer 3.0.
CVE-2002-2115 1 Hns 2 Hns, Hns-lite 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Hyper NIKKI System (HNS) Lite before 0.9 and HNS before 2.10-pl2 allows remote attackers to inject arbitrary web script or HTML.
CVE-1999-1395 1 Dec 1 Dec Openvms 2026-04-16 N/A
Vulnerability in Monitor utility (SYS$SHARE:SPISHR.EXE) in VMS 5.0 through 5.4-2 allows local users to gain privileges.
CVE-1999-1398 1 Sgi 1 Irix 2026-04-16 N/A
Vulnerability in xfsdump in SGI IRIX may allow local users to obtain root privileges via the bck.log log file, possibly via a symlink attack.
CVE-2002-2137 5 Alloy, D-link, Eusso and 2 more 5 Gl-2422ap-s, Dwl-900ap\+, Gl2422 Ap and 2 more 2026-04-16 N/A
GlobalSunTech Wireless Access Points (1) WISECOM GL2422AP-0T, and possibly OEM products such as (2) D-Link DWL-900AP+ B1 2.1 and 2.2, (3) ALLOY GL-2422AP-S, (4) EUSSO GL2422-AP, and (5) LINKSYS WAP11-V2.2, allow remote attackers to obtain sensitive information like WEP keys, the administrator password, and the MAC filter via a "getsearch" request to UDP port 27155.
CVE-2002-0632 1 Sgi 1 Irix 2026-04-16 N/A
Vulnerability in SGI BDS (Bulk Data Service) BDSPro 2.4 and earlier allows clients to read arbitrary files on a BDS server.
CVE-2002-1395 2 Debian, Redhat 3 Internet Message, Enterprise Linux, Linux 2026-04-16 N/A
Internet Message (IM) 141-18 and earlier uses predictable file and directory names, which allows local users to (1) obtain unauthorized directory permissions via a temporary directory used by impwagent, and (2) overwrite and create arbitrary files via immknmz.
CVE-1999-1481 1 National Science Foundation 1 Squid Web Proxy 2026-04-16 N/A
Squid 2.2.STABLE5 and below, when using external authentication, allows attackers to bypass access controls via a newline in the user/password pair.
CVE-1999-1489 1 Slackware 1 Slackware Linux 2026-04-16 N/A
Buffer overflow in TestChip function in XFree86 SuperProbe in Slackware Linux 3.1 allows local users to gain root privileges via a long -nopr argument.
CVE-1999-1558 1 Digital 2 Digital Openvms, Digital Openvms Axp 2026-04-16 N/A
Vulnerability in loginout in Digital OpenVMS 7.1 and earlier allows unauthorized access when external authentication is enabled.