Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-1487 1 Ibm 1 Aix 2025-04-03 N/A
Vulnerability in digest in AIX 4.3 allows printq users to gain root privileges by creating and/or modifing any file on the system.
CVE-1999-1558 1 Digital 2 Digital Openvms, Digital Openvms Axp 2025-04-03 N/A
Vulnerability in loginout in Digital OpenVMS 7.1 and earlier allows unauthorized access when external authentication is enabled.
CVE-1999-1580 2 Sendmail, Sun 2 Sendmail, Sunos 2025-04-03 N/A
SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding host argument, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable and passing crafted values to the -oR option.
CVE-2006-3224 1 Apple 1 Safari 2025-04-03 N/A
Apple Safari 2.0.3 (417.9.3) on Mac OS X 10.4.6 allows remote attackers to cause a denial of service (CPU consumption) via Javascript with an infinite for loop. NOTE: it could be argued that this is not a vulnerability, unless it interferes with the operation of the system outside of the scope of Safari itself.
CVE-2003-0935 2 Net-snmp, Redhat 3 Net-snmp, Enterprise Linux, Linux 2025-04-03 N/A
Net-SNMP before 5.0.9 allows a user or community to access data in MIB objects, even if that data is not allowed to be viewed.
CVE-2006-3228 1 Nullsoft 1 Winamp 2025-04-03 N/A
Buffer overflow in in_midi.dll for WinAmp 2.90 up to 5.23, including 5.21, allows remote attackers to execute arbitrary code via a crafted .mid (MIDI) file.
CVE-2006-3168 1 Comscripts 1 Cs-forum 2025-04-03 N/A
SQL injection vulnerability in CS-Forum before 0.82 allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) debut parameters in (a) read.php, and the (3) search and (4) debut parameters in (b) index.php.
CVE-2006-3381 1 Sturgeon Upload 1 Sturgeon Upload 2025-04-03 N/A
SturGeoN Upload allows remote attackers to execute arbitrary PHP code by uploading a file with a .php extension, then directly accessing the file. NOTE: It is uncertain whether this is a vulnerability or a feature of the product.
CVE-2004-1494 1 Kingsoft 1 Xdict 2025-04-03 N/A
Buffer overflow in the Screen Fetch option in XDICT 2002 through 2005 allows remote attackers to cause a denial of service ( CPU consumption or application exit) and possibly execute arbitrary code via a long string.
CVE-2006-3402 1 Virtuastore 1 Virtuastore 2025-04-03 N/A
SQL injection vulnerability in VirtuaStore 2.0 allows remote attackers to execute arbitrary SQL commands via the password parameter when logging in.
CVE-2006-3403 2 Redhat, Samba 2 Enterprise Linux, Samba 2025-04-03 N/A
The smdb daemon (smbd/service.c) in Samba 3.0.1 through 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of share connection requests.
CVE-2006-3409 1 Tor 1 Tor 2025-04-03 N/A
Integer overflow in Tor before 0.1.1.20 allows remote attackers to execute arbitrary code via crafted large inputs, which result in a buffer overflow when elements are added to smartlists.
CVE-2006-3412 1 Tor 1 Tor 2025-04-03 N/A
Tor before 0.1.1.20 does not sufficiently obey certain firewall options, which allows remote attackers to bypass intended access restrictions for dirservers, direct connections, or proxy servers.
CVE-2006-3473 1 Drupal 1 Form Mail Module 2025-04-03 N/A
CRLF injection vulnerability in form_mail Drupal Module before 1.8.2.2 allows remote attackers to inject e-mail headers, which facilitates sending spam messages, a different issue than CVE-2006-1225.
CVE-2000-1235 1 Oracle 1 Application Server 2025-04-03 N/A
The default configurations of (1) the port listener and (2) modplsql in Oracle Internet Application Server (IAS) 3.0.7 and earlier allow remote attackers to view privileged database information via HTTP requests for Database Access Descriptor (DAD) files.
CVE-2001-0467 1 Robtex 1 Viking Server 2025-04-03 N/A
Directory traversal vulnerability in RobTex Viking Web server before 1.07-381 allows remote attackers to read arbitrary files via a \... (modified dot dot) in an HTTP URL request.
CVE-2001-0844 1 Seth Leonard 2 Book Of Guests, Post It 2025-04-03 N/A
Vulnerability in (1) Book of guests and (2) Post it! allows remote attackers to execute arbitrary code via shell metacharacters in the email parameter.
CVE-2002-1309 1 Macromedia 1 Coldfusion 2025-04-03 N/A
Heap-based buffer overflow in the error-handling mechanism for the IIS ISAPI handler in Macromedia ColdFusion 6.0 allows remote attackers to execute arbitrary via an HTTP GET request with a long .cfm file name.
CVE-2002-0177 2 Icecast, Redhat 2 Icecast, Powertools 2025-04-03 N/A
Buffer overflows in icecast 1.3.11 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request from an MP3 client.
CVE-2002-0211 1 Tarantella 1 Tarantella Enterprise 2025-04-03 N/A
Race condition in the installation script for Tarantella Enterprise 3 3.01 through 3.20 creates a world-writeable temporary "gunzip" program before executing it, which could allow local users to execute arbitrary commands by modifying the program before it is executed.