Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-0824 1 Microsoft 1 Windows Nt 2026-04-16 N/A
A Windows NT user can use SUBST to map a drive letter to a folder, which is not unmapped after the user logs off, potentially allowing that user to modify the location of folders accessed by later users.
CVE-2002-0758 1 Suse 1 Suse Linux 2026-04-16 N/A
ifup-dhcp script in the sysconfig package for SuSE 8.0 allows remote attackers to execute arbitrary commands via spoofed DHCP responses, which are stored and executed in a file.
CVE-1999-0968 1 James Seter 1 Bnc Irc 2026-04-16 N/A
Buffer overflow in BNC IRC proxy allows remote attackers to gain privileges.
CVE-1999-0971 1 University Of Cambridge 1 Exim 2026-04-16 N/A
Buffer overflow in Exim allows local users to gain root privileges via a long :include: option in a .forward file.
CVE-2001-1396 2 Linux, Redhat 2 Linux Kernel, Linux 2026-04-16 N/A
Unknown vulnerabilities in strnlen_user for Linux kernel before 2.2.19, with unknown impact.
CVE-2002-0760 1 Bzip 1 Bzip2 2026-04-16 N/A
Race condition in bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and 3.1.1, and possibly other operating systems, decompresses files with world-readable permissions before setting the permissions to what is specified in the bzip2 archive, which could allow local users to read the files as they are being decompressed.
CVE-2001-1400 2 Linux, Redhat 2 Linux Kernel, Linux 2026-04-16 N/A
Unknown vulnerabilities in the UDP port allocation for Linux kernel before 2.2.19 could allow local users to cause a denial of service (deadlock).
CVE-2006-1124 1 Revilloc Solutions 1 Revilloc Mailserver 2026-04-16 N/A
Buffer overflow in RevilloC MailServer and Proxy 1.21 allows remote attackers to execute arbitrary code via a long USER command.
CVE-2006-1157 1 Adp 1 Adp Forum 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Vz Scripts ADP Forum 2.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the Subject field (possibly messaggio parameter) when posting a new message in post.php.
CVE-1999-1261 1 Metamail Corporation 1 Metamail 2026-04-16 N/A
Buffer overflow in Rainbow Six Multiplayer allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long nickname (nick) command.
CVE-2006-1186 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via by instantiating the (1) Mdt2gddr.dll, (2) Mdt2dd.dll, and (3) Mdt2gddo.dll COM objects as ActiveX controls, which leads to memory corruption.
CVE-2006-3488 1 Virtuastore 1 Virtuastore 2026-04-16 N/A
Absolute path traversal vulnerability in administrador.asp in VirtuaStore 2.0 allows remote attackers to possibly read arbitrary directories or files via an absolute path with Windows drive letter in the Pasta parameter when link=util, acao=ftp, and acaba=sim.
CVE-2006-1195 1 Enet 1 Enet Library 2026-04-16 N/A
The enet_protocol_handle_send_fragment function in protocol.c for ENet library CVS version Jul 2005 and earlier, as used in products including (1) Cube, (2) Sauerbraten, and (3) Duke3d_w32, allows remote attackers to cause a denial of service (application crash) via a packet fragment with a large total data size, which triggers an application abort when memory allocation fails.
CVE-2001-1435 1 Compaq 1 Tru64 2026-04-16 N/A
inetd in Compaq Tru64 UNIX 5.1 allows attackers to cause a denial of service (network connection loss) by causing one of the services handled by inetd to core dump during startup, which causes inetd to stop accepting connections to all of its services.
CVE-2006-1197 1 Macrovision 1 Safedisc 2026-04-16 N/A
SafeDisc installs the driver service for the secdrv.sys driver with insecure permissions, which allows local users to gain privileges by changing the configuration to reference a malicious program.
CVE-1999-1540 1 Cactus Software 1 Shell-lock 2026-04-16 N/A
shell-lock in Cactus Software Shell Lock uses weak encryption (trivial encoding) which allows attackers to easily decrypt and obtain the source code.
CVE-2003-0931 1 Sygate Technologies 1 Enforcer 2026-04-16 N/A
Sygate Enforcer 4.0 earlier allows remote attackers to cause a denial of service (service hang) by replaying a malformed discovery packet to UDP port 39999.
CVE-2006-1573 1 Mediaslash.com 1 Mediaslash Gallery 2026-04-16 N/A
PHP remote file inclusion vulnerability in index.php in MediaSlash Gallery allows remote attackers to execute arbitrary PHP code via a URL in the rub parameter (part of the $page_menu variable).
CVE-2006-1583 1 Juliusz Julas Gonera 1 Warcraft Iii Replay Parser Php 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php in Warcraft III Replay Parser for PHP 1.8c allows remote attackers to inject arbitrary web script or HTML via the page parameter. NOTE: post-disclosure analysis by CVE suggests that the "page" parameter is not used in this product, and "id" might be the affected parameter.
CVE-2003-0866 1 Apache 1 Tomcat 2026-04-16 N/A
The Catalina org.apache.catalina.connector.http package in Tomcat 4.0.x up to 4.0.3 allows remote attackers to cause a denial of service via several requests that do not follow the HTTP protocol, which causes Tomcat to reject later requests.