Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-0420 1 Microsoft 2 Ie, Internet Explorer 2025-04-03 N/A
The Windows Shell application in Windows 98, Windows ME, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code by spoofing the type of a file via a CLSID specifier in the filename, as demonstrated using Internet Explorer 6.0.2800.1106 on Windows XP.
CVE-1999-1443 1 Micah Software 1 Full Armor 2025-04-03 N/A
Micah Software Full Armor Network Configurator and Zero Administration allow local users with physical access to bypass the desktop protection by (1) using <CTRL><ALT><DEL> and kill the process using the task manager, (2) booting the system from a separate disk, or (3) interrupting certain processes that execute while the system is booting.
CVE-2005-0149 2 Mozilla, Redhat 3 Mozilla, Thunderbird, Enterprise Linux 2025-04-03 N/A
Thunderbird 0.6 through 0.9 and Mozilla 1.7 through 1.7.3 does not obey the network.cookie.disableCookieForMailNews preference, which could allow remote attackers to bypass the user's intended privacy and security policy by using cookies in e-mail messages.
CVE-2005-1614 1 Ultimate Php Board 1 Ultimate Php Board 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in viewforum.php in Ultimate PHP Board (UPB) 1.8 through 1.9.6 allows remote attackers to inject arbitrary web script or HTML via the postorder parameter.
CVE-1999-0206 1 Eric Allman 1 Sendmail 2025-04-03 N/A
MIME buffer overflow in Sendmail 8.8.0 and 8.8.1 gives root access.
CVE-2002-0662 2 Dan Mueth, Redhat 2 Scrollkeeper, Linux 2025-04-03 N/A
scrollkeeper-get-cl in ScrollKeeper 0.3 to 0.3.11 allows local users to create and overwrite files via a symlink attack on the scrollkeeper-tempfile.x temporary files.
CVE-2003-0298 1 Mozilla 1 Mozilla 2025-04-03 N/A
The IMAP Client for Mozilla 1.3 and 1.4a allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large (1) literal and possibly (2) mailbox size values that cause either integer signedness errors or integer overflow errors.
CVE-2006-3963 1 Banex 1 Banex 2025-04-03 N/A
Multiple SQL injection vulnerabilities in Banex PHP MySQL Banner Exchange 2.21 allow remote attackers to execute arbitrary SQL commands via the (1) site_name parameter to (a) signup.php, and the (2) id, (3) deleteuserbanner, (4) viewmem, (5) viewmemunb, (6) viewunmem,or (7) deleteuser parameters to (b) admin.php.
CVE-2002-0293 1 Alcatel-lucent 1 Omnipcx 2025-04-03 N/A
FTP service in Alcatel OmniPCX 4400 allows the "halt" user to gain root privileges by modifying root's .profile file.
CVE-1999-0207 1 Great Circle Associates 1 Majordomo 2025-04-03 N/A
Remote attacker can execute commands through Majordomo using the Reply-To field and a "lists" command.
CVE-2001-0352 2 3com, Symbol 2 3crwe747a, 41x1 Access Point 2025-04-03 N/A
SNMP agents in 3Com AirConnect AP-4111 and Symbol 41X1 Access Point allow remote attackers to obtain the WEP encryption key by reading it from a MIB when the value should be write-only, via (1) dot11WEPDefaultKeyValue in the dot11WEPDefaultKeysTable of the IEEE 802.11b MIB, or (2) ap128bWepKeyValue in the ap128bWEPKeyTable in the Symbol MIB.
CVE-1999-1525 1 Macromedia 1 Shockwave Flash Plugin 2025-04-03 N/A
Macromedia Shockwave before 6.0 allows a malicious webmaster to read a user's mail box and possibly access internal web servers via the GetNextText command on a Shockwave movie.
CVE-1999-1458 1 Digital 1 Unix 2025-04-03 N/A
Buffer overflow in at program in Digital UNIX 4.0 allows local users to gain root privileges via a long command line argument.
CVE-1999-1463 1 Microsoft 1 Windows Nt 2025-04-03 N/A
Windows NT 4.0 before SP3 allows remote attackers to bypass firewall restrictions or cause a denial of service (crash) by sending improperly fragmented IP packets without the first fragment, which the TCP/IP stack incorrectly reassembles into a valid session.
CVE-1999-0241 3 Sgi, Sun, Xfree86 Project 4 Irix, Solaris, Sunos and 1 more 2025-04-03 N/A
Guessable magic cookies in X Windows allows remote attackers to execute commands, e.g. through xterm.
CVE-1999-0244 1 Livingston 1 Radius 2025-04-03 N/A
Livingston RADIUS code has a buffer overflow which can allow remote execution of commands as root.
CVE-1999-0248 1 Ssh 1 Ssh 2025-04-03 N/A
A race condition in the authentication agent mechanism of sshd 1.2.17 allows an attacker to steal another user's credentials.
CVE-1999-0250 1 Dan Bernstein 1 Qmail 2025-04-03 N/A
Denial of service in Qmail through long SMTP commands.
CVE-1999-1485 1 Sgi 1 Irix 2025-04-03 N/A
nsd in IRIX 6.5 through 6.5.2 exports a virtual filesystem on a UDP port, which allows remote attackers to view files and cause a possible denial of service by mounting the nsd virtual file system.
CVE-1999-1495 1 Suse 1 Suse Linux 2025-04-03 N/A
xtvscreen in SuSE Linux 6.0 allows local users to overwrite arbitrary files via a symlink attack on the pic000.pnm file.