Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-4988 1 Patrick Michaelis 1 Wili-cms 2025-04-03 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Patrick Michaelis Wili-CMS allow remote attackers to inject arbitrary web script or HTML via (1) the query string to relocate.php, (2) the globals[pageid] parameter in example-view/inc/print_button.php, and other unspecified vectors.
CVE-2005-1765 1 Linux 1 Linux Kernel 2025-04-03 N/A
syscall in the Linux kernel 2.6.8.1 and 2.6.10 for the AMD64 platform, when running in 32-bit compatibility mode, allows local users to cause a denial of service (kernel hang) via crafted arguments.
CVE-2006-4218 1 Zen Cart 1 Zen Cart 2025-04-03 N/A
Directory traversal vulnerability in Zen Cart 1.3.0.2 and earlier allows remote attackers to include and possibly execute arbitrary local files via directory traversal sequences in the typefilter parameter.
CVE-2000-0999 1 Openbsd 1 Openssh 2025-04-03 N/A
Format string vulnerabilities in OpenBSD ssh program (and possibly other BSD-based operating systems) allow attackers to gain root privileges.
CVE-2000-1079 1 Microsoft 4 Windows 2000, Windows 95, Windows 98 and 1 more 2025-04-03 N/A
Interactions between the CIFS Browser Protocol and NetBIOS as implemented in Microsoft Windows 95, 98, NT, and 2000 allow remote attackers to modify dynamic NetBIOS name cache entries via a spoofed Browse Frame Request in a unicast or UDP broadcast datagram.
CVE-2000-1111 1 Microsoft 1 Windows 2000 2025-04-03 N/A
Telnet Service for Windows 2000 Professional does not properly terminate incomplete connection attempts, which allows remote attackers to cause a denial of service by connecting to the server and not providing any input.
CVE-2001-0014 1 Microsoft 1 Windows 2000 2025-04-03 N/A
Remote Data Protocol (RDP) in Windows 2000 Terminal Service does not properly handle certain malformed packets, which allows remote attackers to cause a denial of service, aka the "Invalid RDP Data" vulnerability.
CVE-2001-0015 1 Microsoft 1 Windows 2000 2025-04-03 N/A
Network Dynamic Data Exchange (DDE) in Windows 2000 allows local users to gain SYSTEM privileges via a "WM_COPYDATA" message to an invisible window that is running with the privileges of the WINLOGON process.
CVE-2001-0238 1 Microsoft 6 Windows 2000, Windows 95, Windows 98 and 3 more 2025-04-03 N/A
Microsoft Data Access Component Internet Publishing Provider 8.103.2519.0 and earlier allows remote attackers to bypass Security Zone restrictions via WebDAV requests.
CVE-2001-0349 1 Microsoft 1 Windows 2000 2025-04-03 N/A
Microsoft Windows 2000 telnet service creates named pipes with predictable names and does not properly verify them, which allows local users to execute arbitrary commands by creating a named pipe with the predictable name and associating a malicious program with it, the first of two variants of this vulnerability.
CVE-2001-1552 1 Microsoft 1 Windows Me 2025-04-03 N/A
ssdpsrv.exe in Windows ME allows remote attackers to cause a denial of service by sending multiple newlines in a Simple Service Discovery Protocol (SSDP) message. NOTE: multiple replies to the original post state that the problem could not be reproduced.
CVE-2001-0653 2 Redhat, Sendmail 2 Linux, Sendmail 2025-04-03 N/A
Sendmail 8.10.0 through 8.11.5, and 8.12.0 beta, allows local users to modify process memory and possibly gain privileges via a large value in the 'category' part of debugger (-d) command line arguments, which is interpreted as a negative number.
CVE-2001-0690 4 Conectiva, Debian, Redhat and 1 more 5 Linux, Debian Linux, Linux and 2 more 2025-04-03 N/A
Format string vulnerability in exim (3.22-10 in Red Hat, 3.12 in Debian and 3.16 in Conectiva) in batched SMTP mode allows a remote attacker to execute arbitrary code via format strings in SMTP mail headers.
CVE-2001-0715 1 Sendmail 1 Sendmail 2025-04-03 N/A
Sendmail before 8.12.1, without the RestrictQueueRun option enabled, allows local users to obtain potentially sensitive information about the mail queue by setting debugging flags to enable debug mode.
CVE-2001-0729 1 Apache 1 Http Server 2025-04-03 N/A
Apache 1.3.20 on Windows servers allows remote attackers to bypass the default index page and list directory contents via a URL with a large number of / (slash) characters.
CVE-2001-0902 1 Microsoft 1 Internet Information Services 2025-04-03 N/A
Microsoft IIS 5.0 allows remote attackers to spoof web log entries via an HTTP request that includes hex-encoded newline or form-feed characters.
CVE-2001-1186 1 Microsoft 1 Internet Information Services 2025-04-03 N/A
Microsoft IIS 5.0 allows remote attackers to cause a denial of service via an HTTP request with a content-length value that is larger than the size of the request, which prevents IIS from timing out the connection.
CVE-2005-3400 1 Fortinet 1 Fortinet 2025-04-03 N/A
Multiple interpretation error in Fortinet 2.48.0.0 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug."
CVE-2003-1260 1 Globalscape 1 Cuteftp 2025-04-03 N/A
Buffer overflow in CuteFTP 5.0 allows remote attackers to execute arbitrary code via a long response to a LIST command.
CVE-2003-0861 1 Php 1 Php 2025-04-03 N/A
Integer overflows in (1) base64_encode and (2) the GD library for PHP before 4.3.3 have unknown impact and unknown attack vectors.