Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-1976 1 Smc Networks 1 Smc7004vbr 2025-04-03 N/A
SMC Barricade broadband router 7008ABR and 7004VBR enable remote administration by default, which allows remote attackers to gain access by connecting to port 1900.
CVE-2002-0060 2 Linux, Redhat 2 Linux Kernel, Linux 2025-04-03 N/A
IRC connection tracking helper module in the netfilter subsystem for Linux 2.4.18-pre9 and earlier does not properly set the mask for conntrack expectations for incoming DCC connections, which could allow remote attackers to bypass intended firewall restrictions.
CVE-2006-3471 1 Microsoft 1 Ie 2025-04-03 N/A
Microsoft Internet Explorer 6 on Windows XP allows remote attackers to cause a denial of service (crash) via a table with a frameset as a child, which triggers a null dereference, as demonstrated using the appendChild method.
CVE-2000-0539 1 Macromedia 1 Jrun 2025-04-03 N/A
Servlet examples in Allaire JRun 2.3.x allow remote attackers to obtain sensitive information, e.g. listing HttpSession ID's via the SessionServlet servlet.
CVE-2006-3483 1 Phpmaillist 1 Phpmaillist 2025-04-03 N/A
PHPMailList 1.8.0 stores sensitive information under the web document root iwth insufficient access control, which allows remote attackers to obtain email addresses of subscribers, configuration information, and the admin username and password via direct requests to (1) list.dat or (2) ml_config.dat.
CVE-2000-0543 1 Pgp 1 Certificate Server 2025-04-03 N/A
The command port for PGP Certificate Server 2.5.0 and 2.5.1 allows remote attackers to cause a denial of service if their hostname does not have a reverse DNS entry and they connect to port 4000.
CVE-2002-1666 1 Oracle 1 E-business Suite 2025-04-03 N/A
Unknown vulnerability in Oracle E-Business Suite 11i.1 through 11i.6 allows remote attackers to execute unauthorized PL/SQL procedures by modifying the Oracle Applications URL.
CVE-2003-0546 1 Redhat 2 Linux, Up2date 2025-04-03 N/A
up2date 3.0.7 and 3.1.23 does not properly verify RPM GPG signatures, which could allow remote attackers to cause unsigned packages to be installed from the Red Hat Network, if that network is compromised.
CVE-2006-2228 1 W-agora 1 W-agora 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in w-Agora (aka Web-Agora) 4.2.0 allows remote attackers to inject arbitrary web script or HTML via a post with a BBCode tag that contains a JavaScript event name followed by whitespace before the '=' (equals) character, which bypasses a restrictive regular expression that attempts to remove onmouseover and other events.
CVE-2000-0623 1 Oreilly 1 Website Professional 2025-04-03 N/A
Buffer overflow in O'Reilly WebSite Professional web server 2.4 and earlier allows remote attackers to execute arbitrary commands via a long GET request or Referrer header.
CVE-2002-0213 2 Sgi, Xinet 2 Irix, K-ashare 2025-04-03 N/A
xkas in Xinet K-AShare 0.011.01 for IRIX allows local users to read arbitrary files via a symlink attack on the VOLICON file, which is copied to the .HSicon file in a shared directory.
CVE-2002-0214 1 Intel 1 Intel Pro Wireless 2011b Lan Usb Device Driver 2025-04-03 N/A
Compaq Intel PRO/Wireless 2011B LAN USB Device Driver 1.5.16.0 through 1.5.18.0 stores the 128-bit WEP (Wired Equivalent Privacy) key in plaintext in a registry key with weak permissions, which allows local users to decrypt network traffic by reading the WEP key from the registry key.
CVE-2004-2463 1 Ada 1 Imgsvr 2025-04-03 N/A
Buffer overflow in ADA Image Server (ImgSvr) 0.4 allows remote attackers to cause a denial of service (web server crash) or execute arbitrary code via a long GET request.
CVE-2002-0217 1 Xoops 1 Xoops 2025-04-03 N/A
Cross-site scripting (CSS) vulnerabilities in the Private Message System for XOOPS 1.0 RC1 allow remote attackers to execute Javascript on other web clients via (1) the Title field or a Private Message Box or (2) the image field parameter in pmlite.php.
CVE-2003-0137 1 Nokia 1 Sgsn Dx200 2025-04-03 N/A
SNMP daemon in the DX200 based network element for Nokia Serving GPRS support node (SGSN) allows remote attackers to read SNMP options via arbitrary community strings.
CVE-2005-4842 1 Microsoft 1 Internet Explorer 2025-04-03 N/A
The System Monitor Source Properties control allows remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer.
CVE-2006-2393 1 Empire Server 1 Empire Server 2025-04-03 N/A
The client_cmd function in Empire 4.3.2 and earlier allows remote attackers to cause a denial of service (application crash) by causing long text strings to be appended to the player->client buffer, which causes an invalid memory access.
CVE-1999-1294 1 Microsoft 1 Windows Nt 2025-04-03 N/A
Office Shortcut Bar (OSB) in Windows 3.51 enables backup and restore permissions, which are inherited by programs such as File Manager that are started from the Shortcut Bar, which could allow local users to read folders for which they do not have permission.
CVE-2000-0627 1 Blackboard 1 Courseinfo 2025-04-03 N/A
BlackBoard CourseInfo 4.0 does not properly authenticate users, which allows local users to modify CourseInfo database information and gain privileges by directly calling the supporting CGI programs such as user_update_passwd.pl and user_update_admin.pl.
CVE-1999-1299 2 Redhat, Slackware 2 Linux, Slackware Linux 2025-04-03 N/A
rcp on various Linux systems including Red Hat 4.0 allows a "nobody" user or other user with UID of 65535 to overwrite arbitrary files, since 65535 is interpreted as -1 by chown and other system calls, which causes the calls to fail to modify the ownership of the file.