Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-0878 1 Logisense 2 Dns Manager System, Hawk-i 2025-04-03 N/A
SQL injection vulnerability in the login form for LogiSense software including (1) Hawk-i Billing, (2) Hawk-i ASP and (3) DNS Manager allows remote attackers to bypass authentication via SQL code in the password field.
CVE-2005-2611 1 Symantec Veritas 3 Backup Exec, Backup Exec Remote Agent, Netbackup 2025-04-03 N/A
VERITAS Backup Exec for Windows Servers 8.6 through 10.0, Backup Exec for NetWare Servers 9.0 and 9.1, and NetBackup for NetWare Media Server Option 4.5 through 5.1 uses a static password during authentication from the NDMP agent to the server, which allows remote attackers to read and write arbitrary files with the backup server.
CVE-2000-1244 1 Broadcom 1 Inoculateit Agent For Exchange 2025-04-03 N/A
Computer Associates InoculateIT Agent for Exchange Server does not recognize an e-mail virus attachment if the SMTP header is missing the "From" field, which allows remote attackers to bypass virus protection.
CVE-2005-2178 1 Probe.cgi 1 Probe.cgi 2025-04-03 N/A
probe.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the olddat parameter. NOTE: it is unclear which product or vendor this program is associated with, if any.
CVE-2005-3005 1 Helpdesk Software 1 Hesk 2025-04-03 N/A
Helpdesk Software Hesk allows remote attackers to bypass authentication for (1) admin.php and (2) admin_main.php by modifying the PHPSESSID session ID parameter or cookie.
CVE-1999-1333 1 Redhat 1 Linux 2025-04-03 N/A
automatic download option in ncftp 2.4.2 FTP client in Red Hat Linux 5.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the names of files that are to be downloaded.
CVE-2002-1084 1 Visualshapers 1 Ezcontents 2025-04-03 N/A
The VerifyLogin function in ezContents 1.41 and earlier does not properly halt program execution if a user fails to log in properly, which allows remote attackers to modify and view restricted information via HTTP POST requests.
CVE-2005-3012 1 Simplecdr-x 1 Simplecdr-x 2025-04-03 N/A
The MasterDataCD::createImage function in masterdatacd.cpp for SimpleCDR-X 1.3.3 creates the .temp temporary directory with insecure permissions, which allows local users to read sensitive ISO images.
CVE-2001-0086 1 Cgi Script Center 1 Subscribe Me Lite 2025-04-03 N/A
CGI Script Center Subscribe Me LITE 2.0 and earlier allows remote attackers to delete arbitrary mailing list users without authentication by directly calling subscribe.pl with the target address as a parameter.
CVE-2002-1092 1 Cisco 1 Vpn 3000 Concentrator Series Software 2025-04-03 N/A
Cisco VPN 3000 Concentrator 3.6(Rel) and earlier, and 2.x.x, when configured to use internal authentication with group accounts and without any user accounts, allows remote VPN clients to log in using PPTP or IPSEC user authentication.
CVE-2005-2679 1 Sysinternals 1 Process Explorer 2025-04-03 N/A
Buffer overflow in Sysinternals Process Explorer 9.23, and other versions before 9.25, allows local users to execute arbitrary code via a long CompanyName field in the VersionInfo information in a running process.
CVE-2001-0087 1 Michael Glickman 1 Itetris 2025-04-03 N/A
itetris/xitetris 1.6.2 and earlier trusts the PATH environmental variable to find and execute the gunzip program, which allows local users to gain root privileges by changing their PATH so that it points to a malicious gunzip program.
CVE-1999-1352 1 Linux 1 Linux Kernel 2025-04-03 N/A
mknod in Linux 2.2 follows symbolic links, which could allow local users to overwrite files or gain privileges.
CVE-2001-0088 1 Jason Hines 1 Phpweblog 2025-04-03 N/A
common.inc.php in phpWebLog 0.4.2 does not properly initialize the $CONF array, which inadvertently sets the password to a single character, allowing remote attackers to easily guess the SiteKey and gain administrative privileges to phpWebLog.
CVE-2002-1099 1 Cisco 2 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client 2025-04-03 N/A
Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote attackers to obtain potentially sensitive information without authentication by directly accessing certain HTML pages.
CVE-2001-0928 1 Gnome 1 Libgtop Daemon 2025-04-03 N/A
Buffer overflow in the permitted function of GNOME gtop daemon (libgtop_daemon) in libgtop 1.0.13 and earlier may allow remote attackers to execute arbitrary code via long authentication data.
CVE-2001-0090 1 Microsoft 1 Internet Explorer 2025-04-03 N/A
The Print Templates feature in Internet Explorer 5.5 executes arbitrary custom print templates without prompting the user, which could allow an attacker to execute arbitrary ActiveX controls, aka the "Browser Print Template" vulnerability.
CVE-2001-0093 1 Freebsd 1 Freebsd 2025-04-03 N/A
Vulnerability in telnetd in FreeBSD 1.5 allows local users to gain root privileges by modifying critical environmental variables that affect the behavior of telnetd.
CVE-2002-1100 1 Cisco 2 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client 2025-04-03 N/A
Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote attackers to cause a denial of service (crash) via a long (1) username or (2) password to the HTML login interface.
CVE-2001-0371 1 Freebsd 1 Freebsd 2025-04-03 N/A
Race condition in the UFS and EXT2FS file systems in FreeBSD 4.2 and earlier, and possibly other operating systems, makes deleted data available to user processes before it is zeroed out, which allows a local user to access otherwise restricted information.