Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-1244 1 Broadcom 1 Inoculateit Agent For Exchange 2025-04-03 N/A
Computer Associates InoculateIT Agent for Exchange Server does not recognize an e-mail virus attachment if the SMTP header is missing the "From" field, which allows remote attackers to bypass virus protection.
CVE-2005-2178 1 Probe.cgi 1 Probe.cgi 2025-04-03 N/A
probe.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the olddat parameter. NOTE: it is unclear which product or vendor this program is associated with, if any.
CVE-2005-3005 1 Helpdesk Software 1 Hesk 2025-04-03 N/A
Helpdesk Software Hesk allows remote attackers to bypass authentication for (1) admin.php and (2) admin_main.php by modifying the PHPSESSID session ID parameter or cookie.
CVE-1999-1333 1 Redhat 1 Linux 2025-04-03 N/A
automatic download option in ncftp 2.4.2 FTP client in Red Hat Linux 5.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the names of files that are to be downloaded.
CVE-2002-1084 1 Visualshapers 1 Ezcontents 2025-04-03 N/A
The VerifyLogin function in ezContents 1.41 and earlier does not properly halt program execution if a user fails to log in properly, which allows remote attackers to modify and view restricted information via HTTP POST requests.
CVE-2005-3012 1 Simplecdr-x 1 Simplecdr-x 2025-04-03 N/A
The MasterDataCD::createImage function in masterdatacd.cpp for SimpleCDR-X 1.3.3 creates the .temp temporary directory with insecure permissions, which allows local users to read sensitive ISO images.
CVE-2001-0125 3 Debian, Exmh, Mandrakesoft 4 Debian Linux, Exmh, Mandrake Linux and 1 more 2025-04-03 N/A
exmh 2.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the exmhErrorMsg temporary file.
CVE-2002-1826 1 Grsecurity 1 Grsecurity Kernel Patch 2025-04-03 N/A
grsecurity 1.9.4 for Linux kernel 2.4.18 allows local users to bypass read-only permissions by using mmap to directly map /dev/mem or /dev/kmem to kernel memory.
CVE-2001-1015 1 Snes9x.com 1 Snes9x 2025-04-03 N/A
Buffer overflow in Snes9x 1.37, when installed setuid root, allows local users to gain root privileges via a long command line argument.
CVE-2004-2107 1 Finjan Software 1 Surfingate 2025-04-03 N/A
Finjan SurfinGate 6.0 and 7.0, when running in proxy mode, does not authenticate FHTTP commands on TCP port 3141, which allows remote attackers to use the finjan-parameter-type header to (1) restart the service, (2) use the getlastmsg command to view log information, or (3) use the online command to force a policy update from the database server.
CVE-1999-1360 1 Microsoft 1 Windows Nt 2025-04-03 N/A
Windows NT 4.0 allows local users to cause a denial of service via a user mode application that closes a handle that was opened in kernel mode, which causes a crash when the kernel attempts to close the handle.
CVE-1999-1361 1 Microsoft 1 Windows Nt 2025-04-03 N/A
Windows NT 3.51 and 4.0 running WINS (Windows Internet Name Service) allows remote attackers to cause a denial of service (resource exhaustion) via a flood of malformed packets, which causes the server to slow down and fill the event logs with error messages.
CVE-2002-1112 1 Mantis 1 Mantis 2025-04-03 N/A
Mantis before 0.17.4 allows remote attackers to list project bugs without authentication by modifying the cookie that is used by the "View Bugs" page.
CVE-2003-0370 4 Apple, Kde, Redhat and 1 more 7 Safari, Kde, Konqueror Embedded and 4 more 2025-04-03 N/A
Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack.
CVE-1999-1503 1 Nfr 1 Nfr 2025-04-03 N/A
Network Flight Recorder (NFR) 1.5 and 1.6 allows remote attackers to cause a denial of service in nfrd (crash) via a TCP packet with a null header and data field.
CVE-2001-1033 1 Compaq 2 Tru64, Trucluster 2025-04-03 N/A
Compaq TruCluster 1.5 allows remote attackers to cause a denial of service via a port scan from a system that does not have a DNS PTR record, which causes the cluster to enter a "split-brain" state.
CVE-2004-2109 1 Quadcomm 1 Q-shop 2025-04-03 N/A
Multiple cross-site scripting (XSS) vulnerabilities in (1) imagezoom.asp or (2) recommend.asp in Q-Shop allow remote attackers to execute arbitrary script and steal the user session ID via Javascript in a URL.
CVE-2002-1114 1 Mantis 1 Mantis 2025-04-03 N/A
config_inc2.php in Mantis before 0.17.4 allows remote attackers to execute arbitrary code or read arbitrary files via the parameters (1) g_bottom_include_page, (2) g_top_include_page, (3) g_css_include_file, (4) g_meta_include_file, or (5) a cookie.
CVE-2001-1041 1 Oracle 1 Database Server 2025-04-03 N/A
oracle program in Oracle 8.0.x, 8.1.x and 9.0.1 allows local users to overwrite arbitrary files via a symlink attack on an Oracle log trace (.trc) file that is created in an alternate home directory identified by the ORACLE_HOME environment variable.
CVE-2002-1115 1 Mantis 1 Mantis 2025-04-03 N/A
Mantis 0.17.4a and earlier allows remote attackers to view private bugs by modifying the f_id bug ID parameter to (1) bug_update_advanced_page.php, (2) bug_update_page.php, (3) view_bug_advanced_page.php, or (4) view_bug_page.php.