Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-1552 1 Ibm 1 Aix 2025-04-03 N/A
dpsexec (DPS Server) when running under XDM in IBM AIX 3.2.5 and earlier does not properly check privileges, which allows local users to overwrite arbitrary files and gain privileges.
CVE-1999-1554 1 Sgi 1 Irix 2025-04-03 N/A
/usr/sbin/Mail on SGI IRIX 3.3 and 3.3.1 does not properly set the group ID to the group ID of the user who started Mail, which allows local users to read the mail of other users.
CVE-2002-0683 1 Pacific Software 1 Carello 2025-04-03 N/A
Directory traversal vulnerability in Carello 1.3 allows remote attackers to execute programs on the server via a .. (dot dot) in the VBEXE parameter.
CVE-1999-1555 1 Cheyenne 1 Inoculan Anti-virus Server 2025-04-03 N/A
Cheyenne InocuLAN Anti-Virus Server in Inoculan 4.0 before Service Pack 2 creates an update directory with "EVERYONE FULL CONTROL" permissions, which allows local users to cause Inoculan's antivirus update feature to install a Trojan horse dll.
CVE-1999-1559 1 Alcatel 1 Omniswitch 2025-04-03 N/A
Xylan OmniSwitch before 3.2.6 allows remote attackers to bypass the login prompt via a CTRL-D (control d) character, which locks other users out of the switch because it only supports one session at a time.
CVE-1999-1563 1 Nachuatec 2 D435, D445 2025-04-03 N/A
Nachuatec D435 and D445 printer allows remote attackers to cause a denial of service via ICMP redirect storm.
CVE-2002-1277 2 Redhat, Windowmaker 3 Enterprise Linux, Linux, Windowmaker 2025-04-03 N/A
Buffer overflow in Window Maker (wmaker) 0.80.0 and earlier may allow remote attackers to execute arbitrary code via a certain image file that is not properly handled when Window Maker uses width and height information to allocate a buffer.
CVE-1999-1566 1 Intel 1 Iparty 2025-04-03 N/A
Buffer overflow in iParty server 1.2 and earlier allows remote attackers to cause a denial of service (crash) by connecting to default port 6004 and sending repeated extended characters.
CVE-2002-0684 3 Gnu, Isc, Redhat 4 Glibc, Bind, Enterprise Linux and 1 more 2025-04-03 N/A
Buffer overflow in DNS resolver functions that perform lookup of network names and addresses, as used in BIND 4.9.8 and ported to glibc 2.2.5 and earlier, allows remote malicious DNS servers to execute arbitrary code through a subroutine used by functions such as getnetbyname and getnetbyaddr.
CVE-2002-1285 1 Suse 1 Suse Linux 2025-04-03 N/A
runlpr in the LPRng package allows the local lp user to gain root privileges via certain command line arguments.
CVE-2005-2038 1 Fortibus 1 Fortibus Cms 2025-04-03 N/A
Fortibus CMS 4.0.0 allows remote attackers to modify information of other users, including Admin, via the "My info" page.
CVE-2005-2068 1 Freebsd 1 Freebsd 2025-04-03 N/A
FreeBSD 4.x through 4.11 and 5.x through 5.4 allows remote attackers to modify certain TCP options via a TCP packet with the SYN flag set for an already established session.
CVE-2005-2684 1 Virtech 1 Netquery 2025-04-03 N/A
nquser.php in Virtual Edge Netquery 3.11 allows remote attackers to execute arbitrary commands via shell metacharacters in the host parameter to a dig query.
CVE-2000-0002 1 Zbsoft 1 Zbserver 2025-04-03 N/A
Buffer overflow in ZBServer Pro 1.50 allows remote attackers to execute commands via a long GET request.
CVE-2000-0008 1 1st Choice Software 1 Ftppro 2025-04-03 N/A
FTPPro allows local users to read sensitive information, which is stored in plain text.
CVE-1999-0305 3 Bsdi, Freebsd, Openbsd 3 Bsd Os, Freebsd, Openbsd 2025-04-03 N/A
The system configuration control (sysctl) facility in BSD based operating systems OpenBSD 2.2 and earlier, and FreeBSD 2.2.5 and earlier, does not properly restrict source routed packets even when the (1) dosourceroute or (2) forwarding variables are set, which allows remote attackers to spoof TCP connections.
CVE-2000-0031 1 Redhat 1 Linux 2025-04-03 N/A
The initscripts package in Red Hat Linux allows local users to gain privileges via a symlink attack.
CVE-2000-0032 1 Sun 2 Solaris, Sunos 2025-04-03 N/A
Solaris dmi_cmd allows local users to crash the dmispd daemon by adding a malformed file to the /var/dmi/db database.
CVE-2000-0033 1 Trend Micro 1 Interscan Viruswall 2025-04-03 N/A
InterScan VirusWall SMTP scanner does not properly scan messages with malformed attachments.
CVE-2000-0045 1 Oracle 1 Mysql 2025-04-03 N/A
MySQL allows local users to modify passwords for arbitrary MySQL users via the GRANT privilege.