Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1422 1 Ilia Alshanetsky 1 Fudforum 2025-04-03 N/A
admbrowse.php in FUDforum before 2.2.0 allows remote attackers to create or delete files via URL-encoded pathnames in the cur and dest parameters.
CVE-2001-1049 1 Paul M. Jones 1 Phorecast 2025-04-03 N/A
Phorecast PHP script before 0.40 allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.
CVE-2005-3399 1 Cat 1 Quick Heal 2025-04-03 N/A
Multiple interpretation error in CAT-QuickHeal 8.0 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug."
CVE-2001-1057 1 Wolfram Research 1 Mathematica 2025-04-03 N/A
The License Manager (mathlm) for Mathematica 4.0 and 4.1 allows remote attackers to cause a denial of service (resource exhaustion) by connecting to port 16286 and not disconnecting, which prevents users from making license requests.
CVE-2001-1059 1 Vmware 1 Workstation 2025-04-03 N/A
VMWare creates a temporary file vmware-log.USERNAME with insecure permissions, which allows local users to read or modify license information.
CVE-2003-0465 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-04-03 N/A
The kernel strncpy function in Linux 2.4 and 2.5 does not %NUL pad the buffer on architectures other than x86, as opposed to the expected behavior of strncpy as implemented in libc, which could lead to information leaks.
CVE-2001-1060 1 Phpmyadmin 1 Phpmyadmin 2025-04-03 N/A
phpMyAdmin 2.2.0rc3 and earlier allows remote attackers to execute arbitrary commands by inserting them into (1) the strCopyTableOK argument in tbl_copy.php, or (2) the strRenameTableOK argument in tbl_rename.php.
CVE-2000-0248 1 Redhat 1 Linux 2025-04-03 N/A
The web GUI for the Linux Virtual Server (LVS) software in the Red Hat Linux Piranha package has a backdoor password that allows remote attackers to execute arbitrary commands.
CVE-2001-1086 1 Xfree86 Project 1 X11r6 2025-04-03 N/A
XDM in XFree86 3.3 and 3.3.3 generates easily guessable cookies using gettimeofday() when compiled with the HasXdmXauth option, which allows remote attackers to gain unauthorized access to the X display via a brute force attack.
CVE-2002-1387 1 Ehud Gavron 1 Tracesroute 2025-04-03 N/A
The spray mode in traceroute-nanog (aka traceroute-ng) may allow local users to overwrite arbitrary memory locations via an array index overflow using the nprobes (number of probes) argument.
CVE-2004-0758 2 Mozilla, Redhat 2 Mozilla, Enterprise Linux 2025-04-03 N/A
Mozilla 1.5 through 1.7 allows a CA certificate to be imported even when their DN is the same as that of the built-in CA root certificate, which allows remote attackers to cause a denial of service to SSL pages because the malicious certificate is treated as invalid.
CVE-2005-0423 1 Aspjar 1 Aspjar Guestbook 2025-04-03 N/A
SQL injection vulnerability in login.asp in ASPjar Guestbook allows remote attackers to execute arbitrary SQL commands via the password field.
CVE-2005-3445 1 Oracle 2 Application Server, Database Server 2025-04-03 N/A
Multiple unspecified vulnerabilities in HTTP Server in Oracle Database Server 8i up to 10.1.0.4.2 and Application Server 1.0.2.2 up to 10.1.2.0 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB30 and AS03 or (2) DB31 and AS05.
CVE-2001-0648 1 Phprojekt 1 Phprojekt 2025-04-03 N/A
Directory traversal vulnerability in PHProjekt 2.1 and earlier allows a remote attacker to conduct unauthorized activities via a dot dot (..) attack on the file module.
CVE-2005-0426 1 Sun 2 Solaris, Sunos 2025-04-03 N/A
Unknown vulnerability in Solaris 8 and 9 allows remote attackers to cause a denial of service (panic) via "Heavy UDP Usage" that triggers a NULL dereference.
CVE-2000-0268 1 Cisco 12 3660 Router, 7100 Router, 7200 Router and 9 more 2025-04-03 N/A
Cisco IOS 11.x and 12.x allows remote attackers to cause a denial of service by sending the ENVIRON option to the Telnet daemon before it is ready to accept it, which causes the system to reboot.
CVE-2002-1639 1 Oracle 1 Configurator 2025-04-03 N/A
Oracle Configurator before 11.5.7.17.32 and 11.5.6.16.53 allows remote attackers to obtain sensitive information via a request to the oracle.apps.cz.servlet.UiServlet servlet with the test parameter set to "version" or "host".
CVE-2001-1093 1 Compaq 1 Tru64 2025-04-03 N/A
Buffer overflow in msgchk in Digital UNIX 4.0G and earlier allows local users to execute arbitrary code via a long command line argument.
CVE-2001-1094 1 Crosstec Corporation 1 Netop School 2025-04-03 N/A
NetOp School 1.5 allows local users to bypass access restrictions on the administration version by logging into the student version, closing the student version, then starting the administration version.
CVE-2001-1097 1 Cisco 1 Ios 2025-04-03 N/A
Cisco routers and switches running IOS 12.0 through 12.2.1 allows a remote attacker to cause a denial of service via a flood of UDP packets.