Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-4480 1 Plexcor 1 Plexcor Cms 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in Plexcor CMS 4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters.
CVE-1999-0395 1 Backweb Technologies 1 Backweb Polite Agent Protocol 2025-04-03 N/A
A race condition in the BackWeb Polite Agent Protocol allows an attacker to spoof a BackWeb server.
CVE-2000-0528 1 Network Associates 1 Net Tools Pki Server 2025-04-03 N/A
Net Tools PKI Server does not properly restrict access to remote attackers when the XUDA template files do not contain absolute pathnames for other files.
CVE-1999-0407 1 Microsoft 1 Internet Information Server 2025-04-03 N/A
By default, IIS 4.0 has a virtual directory /IISADMPWD which contains files that can be used as proxies for brute force password attacks, or to identify valid users on the system.
CVE-2000-0529 1 Network Associates 1 Net Tools Pki Server 2025-04-03 N/A
Net Tools PKI Server allows remote attackers to cause a denial of service via a long HTTP request.
CVE-2000-0531 2 Caldera, Redhat 3 Openlinux, Openlinux Eserver, Linux 2025-04-03 N/A
Linux gpm program allows local users to cause a denial of service by flooding the /dev/gpmctl device with STREAM sockets.
CVE-2000-0532 1 Freebsd 1 Freebsd 2025-04-03 N/A
A FreeBSD patch for SSH on 2000-01-14 configures ssh to listen on port 722 as well as port 22, which might allow remote attackers to access SSH through port 722 even if port 22 is otherwise filtered.
CVE-2006-2172 1 Gene6 1 G6 Ftp Server 2025-04-03 N/A
Buffer overflow in Gene6 FTP Server 3.1.0 allows remote authenticated attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long argument to (1) MKD or (2) XMKD, as demonstrated by the Infigo FTPStress Fuzzer.
CVE-2002-0038 1 Sgi 1 Irix 2025-04-03 N/A
Vulnerability in the cache-limiting function of the unified name service daemon (nsd) in IRIX 6.5.4 through 6.5.11 allows remote attackers to cause a denial of service by forcing the cache to fill the disk.
CVE-2002-0041 1 Sgi 1 Irix 2025-04-03 N/A
Unknown vulnerability in Mail for SGI IRIX 6.5 through 6.5.15f, and possibly earlier versions, when running with the -R option, allows local and remote attackers to cause a core dump.
CVE-2002-1664 1 Yahoo 1 Messenger 2025-04-03 N/A
Yahoo! Messenger before February 2002 allows remote attackers to add arbitrary users to another user's buddy list and possibly obtain sensitive information.
CVE-2002-0077 1 Microsoft 1 Internet Explorer 2025-04-03 N/A
Microsoft Internet Explorer 5.01, 5.5 and 6.0 treats objects invoked on an HTML page with the codebase property as part of Local Computer zone, which allows remote attackers to invoke executables present on the local system through objects such as the popup object, aka the "Local Executable Invocation via Object tag" vulnerability.
CVE-2000-0565 1 Mindstorm 1 Smartftp Daemon 2025-04-03 N/A
SmartFTP Daemon 0.2 allows a local user to access arbitrary files by uploading and specifying an alternate user configuration file via a .. (dot dot) attack.
CVE-2002-1676 1 Bindview 2 Netinventory, Netrc 2025-04-03 N/A
BindView NetInventory 1.0, when used with NetRC 1.0, allows local users to read sensitive information (passwords) by deleting the HOSTCFG._NI file and forcing an audit, which rewrites the HOSTCFG._NI to HOSTCFG.INI and stores the passwords in cleartext until the audit is complete.
CVE-2000-0566 3 Caldera, Mandrakesoft, Redhat 3 Openlinux, Mandrake Linux, Linux 2025-04-03 N/A
makewhatis in Linux man package allows local users to overwrite files via a symlink attack.
CVE-2005-4545 1 Netdirect 1 Shopengine 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in search.asp in NetDirect ShopEngine allows remote attackers to inject arbitrary web script or HTML via the EXPS parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2000-0570 1 Centrinity 1 Firstclass Intranet Server 2025-04-03 N/A
FirstClass Internet Services server 5.770, and other versions before 6.1, allows remote attackers to cause a denial of service by sending an email with a long To: mail header.
CVE-2002-0001 2 Mutt, Redhat 2 Mutt, Linux 2025-04-03 N/A
Vulnerability in RFC822 address parser in mutt before 1.2.5.1 and mutt 1.3.x before 1.3.25 allows remote attackers to execute arbitrary commands via an improperly terminated comment or phrase in the address list.
CVE-2002-0002 4 Engardelinux, Mandrakesoft, Redhat and 1 more 4 Secure Linux, Mandrake Linux, Linux and 1 more 2025-04-03 N/A
Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code.
CVE-2002-0086 1 Ibm 1 Lotus Domino 2025-04-03 N/A
Buffer overflow in bindsock in Lotus Domino 5.0.4 and 5.0.7 on Linux allows local users to gain root privileges via a long (1) Notes_ExecDirectory or (2) PATH environment variable.