Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-0680 1 Zoom 1 Model 5560 X3 Ethernet Adsl Modem 2025-04-03 N/A
Zoom X3 ADSL modem has a terminal running on port 254 that can be accessed using the default HTML management password, even if the password has been changed for the HTTP interface, which could allow remote attackers to gain unauthorized access.
CVE-2001-0692 1 Watchguard 2 Firebox 2500, Firebox 4500 2025-04-03 N/A
SMTP proxy in WatchGuard Firebox (2500 and 4500) 4.5 and 4.6 allows a remote attacker to bypass firewall filtering via a base64 MIME encoded email attachment whose boundary name ends in two dashes.
CVE-2001-0694 1 Texas Imperial Software 1 Wftpd 2025-04-03 N/A
Directory traversal vulnerability in WFTPD 3.00 R5 allows a remote attacker to view arbitrary files via a dot dot attack in the CD command.
CVE-2001-0698 1 Netwin 1 Surgeftp 2025-04-03 N/A
Directory traversal vulnerability in NetWin SurgeFTP 2.0a and 1.0b allows a remote attacker to list arbitrary files and directories via the 'nlist ...' command.
CVE-2002-0807 2 Mozilla, Redhat 2 Bugzilla, Powertools 2025-04-03 N/A
Cross-site scripting vulnerabilities in Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, could allow remote attackers to execute script as other Bugzilla users via the full name (real name) field, which is not properly quoted by editusers.cgi.
CVE-2001-0702 1 Grant Averett 1 Ceberus Ftp Server 2025-04-03 N/A
Cerberus FTP 1.5 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long (1) username, (2) password, or (3) PASV command.
CVE-2001-0703 1 Arcadia 1 Arcadia Internet Store 2025-04-03 N/A
tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to cause a denial of service via a URL request with an MS-DOS device name in the template parameter.
CVE-2002-1369 3 Apple, Easy Software Products, Redhat 3 Mac Os X, Cups, Linux 2025-04-03 N/A
jobs.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly use the strncat function call when processing the options string, which allows remote attackers to execute arbitrary code via a buffer overflow attack.
CVE-2003-0983 1 Cisco 2 80-7111-01 For The Unity-svrx255-1a, 80-7112-01 For The Unity-svrx255-2a 2025-04-03 N/A
Cisco Unity on IBM servers is shipped with default settings that should have been disabled by the manufacturer, which allows local or remote attackers to conduct unauthorized activities via (1) a "bubba" local user account, (2) an open TCP port 34571, or (3) when a local DHCP server is unavailable, a DHCP server on the manufacturer's test network.
CVE-2006-2588 1 Russcom Network 1 Phpimages 2025-04-03 N/A
Russcom PHPImages allows remote attackers to upload files of arbitrary types by uploading a file with a .gif extension. NOTE: due to lack of specific information about attack vectors do not depend on the existence of another vulnerability, it is not clear whether this is a vulnerability.
CVE-2003-1004 1 Cisco 2 Pix Firewall, Pix Firewall Software 2025-04-03 N/A
Cisco PIX firewall 6.2.x through 6.2.3, when configured as a VPN Client, allows remote attackers to cause a denial of service (dropped IPSec tunnel connection) via an IKE Phase I negotiation request to the outside interface of the firewall.
CVE-2003-1009 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-03 N/A
Directory Services in Apple Mac OS X 10.0.2, 10.0.3, 10.2.8, 10.3.2 and Apple Mac OS X Server 10.2 through 10.3.2 accepts authentication server information from unknown LDAP or NetInfo sources as provided by a malicious DHCP server, which allows remote attackers to gain privileges.
CVE-2004-0888 11 Debian, Easy Software Products, Gentoo and 8 more 16 Debian Linux, Cups, Linux and 13 more 2025-04-03 N/A
Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889.
CVE-2005-3767 1 Exponent 1 Exponent 2025-04-03 N/A
Exponent CMS 0.96.3 and later versions does not properly restrict the types of uploaded files, which allows remote attackers to upload and execute PHP files.
CVE-2002-0816 1 Compaq 1 Tru64 2025-04-03 N/A
Buffer overflow in su in Tru64 Unix 5.x allows local users to gain root privileges via a long username and argument.
CVE-2001-0721 1 Microsoft 4 Windows 98, Windows 98se, Windows Me and 1 more 2025-04-03 N/A
Universal Plug and Play (UPnP) in Windows 98, 98SE, ME, and XP allows remote attackers to cause a denial of service (memory consumption or crash) via a malformed UPnP request.
CVE-2005-3772 1 Joomla 1 Joomla 2025-04-03 N/A
Multiple SQL injection vulnerabilities in Joomla! before 1.0.4 allow remote attackers to execute arbitrary SQL commands via the (1) Itemid variable in the Polls modules and (2) multiple unspecified methods in the mosDBTable class.
CVE-2005-3782 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-03 N/A
Mac OS X 10.4.3 up to 10.4.6, when loginwindow uses the "Name and password" setting, and the "Show the Restart, Sleep, and Shut Down buttons" option is disabled, allows users with physical access to bypass login and reboot the system by entering ">restart", ">power", or ">shutdown" sequences after the username.
CVE-2001-0724 1 Microsoft 1 Internet Explorer 2025-04-03 N/A
Internet Explorer 5.5 allows remote attackers to bypass security restrictions via malformed URLs that contain dotless IP addresses, which causes Internet Explorer to process the page in the Intranet Zone, which may have fewer security restrictions, aka the "Zone Spoofing Vulnerability variant" of CVE-2001-0664.
CVE-2002-0817 1 William Deich 1 Super 2025-04-03 N/A
Format string vulnerability in super for Linux allows local users to gain root privileges via a long command line argument.