Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-0306 1 Microsoft 1 Windows Xp 2025-04-03 N/A
Buffer overflow in EXPLORER.EXE on Windows XP allows attackers to execute arbitrary code as the XP user via a desktop.ini file with a long .ShellClassInfo parameter.
CVE-2000-1170 1 Pelesoft 1 Netsnap 2025-04-03 N/A
Buffer overflow in Netsnap webcam HTTP server before 1.2.9 allows remote attackers to execute arbitrary commands via a long GET request.
CVE-2002-1031 1 Key Focus 1 Kf Web Server 2025-04-03 N/A
KeyFocus (KF) web server 1.0.2 allows remote attackers to list directories and read restricted files via an HTTP request containing a %00 (null) character.
CVE-2003-0307 1 Poster 1 Poster 2025-04-03 N/A
Poster version.two allows remote authenticated users to gain administrative privileges by appending the "|" field separator and an "admin" value into the email address field.
CVE-1999-1273 1 National Science Foundation 1 Squid Web Proxy 2025-04-03 N/A
Squid Internet Object Cache 1.1.20 allows users to bypass access control lists (ACLs) by encoding the URL with hexadecimal escape sequences.
CVE-2001-0228 1 Goahead Software 1 Goahead Webserver 2025-04-03 N/A
Directory traversal vulnerability in GoAhead web server 2.1 and earlier allows remote attackers to read arbitrary files via a .. attack in an HTTP GET request.
CVE-1999-1274 1 Ipass 1 Roamserver 2025-04-03 N/A
iPass RoamServer 3.1 creates temporary files with world-writable permissions.
CVE-2001-0360 1 Ikonboard.com 1 Ikonboard 2025-04-03 N/A
Directory traversal vulnerability in help.cgi in Ikonboard 2.1.7b and earlier allows a remote attacker to read arbitrary files via a .. (dot dot) attack in the helpon parameter.
CVE-2001-0233 3 Debian, Matthew Smith, Redhat 4 Debian Linux, Micq, Linux and 1 more 2025-04-03 N/A
Buffer overflow in micq client 0.4.6 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long Description field.
CVE-2000-1173 1 Microsys 1 Cyberpatrol 2025-04-03 N/A
Microsys CyberPatrol uses weak encryption (trivial encoding) for credit card numbers and uses no encryption for the remainder of the information during registration, which could allow attackers to sniff network traffic and obtain this sensitive information.
CVE-2000-1176 1 Yabb 1 Yabb 2025-04-03 N/A
Directory traversal vulnerability in YaBB search.pl CGI script allows remote attackers to read arbitrary files via a .. (dot dot) attack in the "catsearch" form field.
CVE-1999-1276 2 Debian, Linux 2 Debian Linux, Linux Kernel 2025-04-03 N/A
fte-console in the fte package before 0.46b-4.1 does not drop root privileges, which allows local users to gain root access via the virtual console device.
CVE-2005-0737 1 Yahoo 1 Messenger 2025-04-03 N/A
Buffer overflow in Yahoo! Messenger allows remote attackers to execute arbitrary code via the offline mode.
CVE-2005-1327 1 Woltlab 1 Burning Board 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in pms.php for Woltlab Burning Board 2.3.1 PL2 and earlier allows remote attackers to inject arbitrary web script or HTML via the folderid parameter.
CVE-2006-4084 1 David Walker 1 Phpautomembersarea 2025-04-03 N/A
Unspecified vulnerability in phpAutoMembersArea (phpAMA) before 3.2.4 has unknown impact and attack vectors, related to "a potential security exploit which is critical."
CVE-1999-1277 1 Backweb Technologies 1 Backweb Client 2025-04-03 N/A
BackWeb client stores the username and password in cleartext for proxy authentication in the Communication registry key, which could allow other local users to gain privileges by reading the password.
CVE-2000-1179 1 Netopia 1 650-st Isdn Router 2025-04-03 N/A
Netopia ISDN Router 650-ST before 4.3.5 allows remote attackers to read system logs without authentication by directly connecting to the login screen and typing certain control characters.
CVE-2002-1033 1 Sun 1 I-runbook 2025-04-03 N/A
Directory traversal vulnerability in none.php for SunPS iRunbook 2.5.2 allows remote attackers to read arbitrary files via a "..:" sequence (dot-dot variant) in the argument.
CVE-1999-1285 1 Linux 1 Linux Kernel 2025-04-03 N/A
Linux 2.1.132 and earlier allows local users to cause a denial of service (resource exhaustion) by reading a large buffer from a random device (e.g. /dev/urandom), which cannot be interrupted until the read has completed.
CVE-2004-1892 1 Emule 1 Emule 2025-04-03 N/A
Stack-based buffer overflow in DecodeBase16 function, as used in the (1) IRC module and (2) web server in eMule 0.42d, allows remote attackers to execute arbitrary code via a long string.