Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1552 1 Novell 1 Edirectory 2025-04-03 N/A
Novell eDirectory (eDir) 8.6.2 and Netware 5.1 eDir 85.x allows users with expired passwords to gain inappropriate permissions when logging in from Remote Manager.
CVE-2004-1656 1 Comersus Open Technologies 1 Comersus Cart 2025-04-03 N/A
CRLF injection vulnerability in Comersus Shopping Cart 5.0991 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the redirecturl parameter.
CVE-2005-3326 1 Mybulletinboard 1 Mybulletinboard 2025-04-03 N/A
SQL injection vulnerability in usercp.php in MyBulletinBoard (MyBB) allows remote attackers to execute arbitrary SQL commands via the awayday parameter.
CVE-2005-3327 1 Network Appliance 1 Data Ontap 2025-04-03 N/A
Network Appliance Data ONTAP 7.0 and earlier allows iSCSI Initiators to bypass iSCSI authentication via a modified client that skips the Security (Start) mode, as required by the Login Negotiation protocol, and uses Operational mode without proving identity.
CVE-2001-0794 1 A-ftp 1 Anonymous Ftp Server 2025-04-03 N/A
Buffer overflow in A-FTP Anonymous FTP Server allows remote attackers to cause a denial of service via a long USER command.
CVE-2000-0081 1 Microsoft 1 Hotmail 2025-04-03 N/A
Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attacker to execute the code by using hexadecimal codes to specify the javascript: protocol, e.g. jAvascript.
CVE-2004-2668 1 Interchange Development Group 1 Interchange 2025-04-03 N/A
SQL injection vulnerability in Interchange before 4.8.9 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2001-0809 1 Hp 1 Hp-ux 2025-04-03 N/A
Vulnerability in CIFS/9000 Server (SAMBA) A.01.06 and earlier in HP-UX 11.0 and 11.11, when configured as a print server, allows local users to overwrite arbitrary files by modifying certain resources.
CVE-2001-0837 1 Deltathree 1 Pc-to-phone 2025-04-03 N/A
DeltaThree Pc-To-Phone 3.0.3 places sensitive data in world-readable locations in the installation directory, which allows local users to read the information in (1) temp.html, (2) the log folder, and (3) the PhoneBook folder.
CVE-2001-0838 1 Network Solutions 1 Rwhoisd 2025-04-03 N/A
Format string vulnerability in Network Solutions Rwhoisd 1.5.x allows remote attackers to execute arbitrary code via format string specifiers in the -soa command.
CVE-2001-0848 1 E-zone Media 1 Fuse Talk 2025-04-03 N/A
join.cfm in e-Zone Media Fuse Talk allows a local user to execute arbitrary SQL code via a semi-colon (;) in a form variable.
CVE-2005-2308 1 Microsoft 1 Ie 2025-04-03 N/A
The JPEG decoder in Microsoft Internet Explorer allows remote attackers to cause a denial of service (CPU consumption or crash) and possibly execute arbitrary code via certain crafted JPEG images, as demonstrated using (1) mov_fencepost.jpg, (2) cmp_fencepost.jpg, (3) oom_dos.jpg, or (4) random.jpg.
CVE-2001-0853 1 Entrust 1 Getaccess 2025-04-03 N/A
Directory traversal vulnerability in Entrust GetAccess allows remote attackers to read arbitrary files via a .. (dot dot) in the locale parameter to (1) helpwin.gas.bat or (2) AboutBox.gas.bat.
CVE-2000-0085 1 Microsoft 1 Hotmail 2025-04-03 N/A
Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attacker to execute code via the LOWSRC or DYNRC parameters in the IMG tag.
CVE-2005-4817 1 Tmsnc 1 Tmsnc 2025-04-03 N/A
Format string vulnerability in ui.c in Textbased MSN Client (TMSNC) before 0.2.5 allows attackers to cause a denial of service and possibly execute arbitrary code via unknown attack vectors that cause format strings to be injected into the wprintw function.
CVE-2005-4819 1 Ibm 1 Lotus Domino 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in Lotus Domino versions before 6.5.4 fix pack 1 (FP1) and versions before 7.0 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2005-3333 1 Ebase 1 Ebaseweb 2025-04-03 N/A
SQL injection vulnerability in eBASEweb 3.0 allows remote attackers to execute arbitrary SQL commands via unknown attack vectors.
CVE-2000-0092 3 Freebsd, Netbsd, Openbsd 3 Freebsd, Netbsd, Openbsd 2025-04-03 N/A
The BSD make program allows local users to modify files via a symlink attack when the -j option is being used.
CVE-2001-0386 1 Analogx 1 Simpleserver Www 2025-04-03 N/A
AnalogX SimpleServer:WWW 1.08 allows remote attackers to cause a denial of service via an HTTP request to the /aux directory.
CVE-2000-0093 1 Redhat 1 Linux 2025-04-03 N/A
An installation of Red Hat uses DES password encryption with crypt() for the initial password, instead of md5.