Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0351 1 Microsoft 1 Windows 2000 2025-04-03 N/A
Microsoft Windows 2000 telnet service allows a local user to make a certain system call that allows the user to terminate a Telnet session and cause a denial of service.
CVE-2001-0440 4 Conectiva, Licq, Mandrakesoft and 1 more 5 Linux, Licq, Mandrake Linux and 2 more 2025-04-03 N/A
Buffer overflow in logging functions of licq before 1.0.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands.
CVE-2001-0489 2 Gftp, Redhat 2 Gftp, Linux 2025-04-03 N/A
Format string vulnerability in gftp prior to 2.0.8 allows remote malicious FTP servers to execute arbitrary commands.
CVE-2003-0755 1 Gtkftpd 1 Gtkftp 2025-04-03 N/A
Buffer overflow in sys_cmd.c for gtkftpd 1.0.4 and earlier allows remote attackers to execute arbitrary code by creating long directory names and listing them with a LIST command.
CVE-2004-0554 6 Avaya, Conectiva, Gentoo and 3 more 18 Converged Communications Server, Intuity Audix, Modular Messaging Message Storage Server and 15 more 2025-04-03 N/A
Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program.
CVE-2004-0235 8 Clearswift, F-secure, Rarlab and 5 more 15 Mailsweeper, F-secure Anti-virus, F-secure For Firewalls and 12 more 2025-04-03 N/A
Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/path").
CVE-2004-0919 1 Freebsd 1 Freebsd 2025-04-03 N/A
The syscons CONS_SCRSHOT ioctl in FreeBSD 5.x allows local users to read arbitrary kernel memory via (1) negative coordinates or (2) large coordinates.
CVE-2004-1437 1 Pavuk 1 Pavuk 2025-04-03 N/A
Multiple buffer overflows in the digest authentication functionality in Pavuk 0.9.28-r2 and earlier allow remote attackers to execute arbitrary code.
CVE-2004-0381 3 Mysql, Oracle, Redhat 3 Mysql, Mysql, Enterprise Linux 2025-04-03 N/A
mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack on the failed-mysql-bugreport temporary file.
CVE-2004-1461 1 Cisco 2 Secure Access Control Server, Secure Acs Solution Engine 2025-04-03 N/A
Cisco Secure Access Control Server (ACS) 3.2(3) and earlier spawns a separate unauthenticated TCP connection on a random port when a user authenticates to the ACS GUI, which allows remote attackers to bypass authentication by connecting to that port from the same IP address.
CVE-2004-0371 1 Kth 1 Heimdal 2025-04-03 N/A
Heimdal 0.6.x before 0.6.1 and 0.5.x before 0.5.3 does not properly perform certain consistency checks for cross-realm requests, which allows remote attackers with control of a realm to impersonate others in the cross-realm trust path.
CVE-2005-1611 1 Web Crossing Inc 1 Web Crossing 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in WebX in Web Crossing 5.x allows remote attackers to inject arbitrary web script or HTML via a URL with an "@" followed by the desired script.
CVE-2005-3577 1 Walla Telesite 1 Walla Telesite 2025-04-03 N/A
Cross-site scripting vulnerability (XSS) in ts.exe (aka ts.cgi) in Walla TeleSite 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the sug parameter.
CVE-2006-0012 1 Microsoft 6 Windows 2000, Windows 2003 Server, Windows 98 and 3 more 2025-04-03 N/A
Unspecified vulnerability in Windows Explorer in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via attack vectors involving COM objects and "crafted files and directories," aka the "Windows Shell Vulnerability."
CVE-2006-1414 1 Toast Forums 1 Toast Forums 2025-04-03 N/A
Multiple cross-site scripting (XSS) vulnerabilities in toast.asp in Toast Forums 1.6 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) author, (2) subject, (3) message, or (4) dayprune parameter.
CVE-2006-2542 1 Ti Kan 1 Xmcd 2025-04-03 N/A
xmcdconfig in xmcd for Debian GNU/Linux 2.6-17.1 creates /var/lib/cddb and /var/lib/xmcd/discog with world writable permissions, which allows local users to cause a denial of service (disk consumption).
CVE-2006-4989 1 Patrick Michaelis 1 Wili-cms 2025-04-03 N/A
Patrick Michaelis Wili-CMS allows remote attackers to obtain sensitive information via a direct request for (1) thumbnail.php, (2) functions/admin/all.php, (3) functions/admin/init_session.php, (4) functions/all.php, and (5) certain files in example-view/admin_templates/, which reveals the path in various error messages.
CVE-2001-0333 1 Microsoft 1 Internet Information Server 2025-04-03 N/A
Directory traversal vulnerability in IIS 5.0 and earlier allows remote attackers to execute arbitrary commands by encoding .. (dot dot) and "\" characters twice.
CVE-2002-0790 1 Ibm 1 Aix 2025-04-03 N/A
clchkspuser and clpasswdremote in AIX expose an encrypted password in the cspoc.log file, which could allow local users to gain privileges.
CVE-2002-1428 1 Dotproject 1 Dotproject 2025-04-03 N/A
index.php in dotProject 0.2.1.5 allows remote attackers to bypass authentication via a cookie or URL with the user_cookie parameter set to 1.