Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-2668 1 Interchange Development Group 1 Interchange 2025-04-03 N/A
SQL injection vulnerability in Interchange before 4.8.9 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2001-0809 1 Hp 1 Hp-ux 2025-04-03 N/A
Vulnerability in CIFS/9000 Server (SAMBA) A.01.06 and earlier in HP-UX 11.0 and 11.11, when configured as a print server, allows local users to overwrite arbitrary files by modifying certain resources.
CVE-2001-0837 1 Deltathree 1 Pc-to-phone 2025-04-03 N/A
DeltaThree Pc-To-Phone 3.0.3 places sensitive data in world-readable locations in the installation directory, which allows local users to read the information in (1) temp.html, (2) the log folder, and (3) the PhoneBook folder.
CVE-2001-0838 1 Network Solutions 1 Rwhoisd 2025-04-03 N/A
Format string vulnerability in Network Solutions Rwhoisd 1.5.x allows remote attackers to execute arbitrary code via format string specifiers in the -soa command.
CVE-2001-0848 1 E-zone Media 1 Fuse Talk 2025-04-03 N/A
join.cfm in e-Zone Media Fuse Talk allows a local user to execute arbitrary SQL code via a semi-colon (;) in a form variable.
CVE-2005-2308 1 Microsoft 1 Ie 2025-04-03 N/A
The JPEG decoder in Microsoft Internet Explorer allows remote attackers to cause a denial of service (CPU consumption or crash) and possibly execute arbitrary code via certain crafted JPEG images, as demonstrated using (1) mov_fencepost.jpg, (2) cmp_fencepost.jpg, (3) oom_dos.jpg, or (4) random.jpg.
CVE-2001-0853 1 Entrust 1 Getaccess 2025-04-03 N/A
Directory traversal vulnerability in Entrust GetAccess allows remote attackers to read arbitrary files via a .. (dot dot) in the locale parameter to (1) helpwin.gas.bat or (2) AboutBox.gas.bat.
CVE-2000-0085 1 Microsoft 1 Hotmail 2025-04-03 N/A
Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attacker to execute code via the LOWSRC or DYNRC parameters in the IMG tag.
CVE-2005-4817 1 Tmsnc 1 Tmsnc 2025-04-03 N/A
Format string vulnerability in ui.c in Textbased MSN Client (TMSNC) before 0.2.5 allows attackers to cause a denial of service and possibly execute arbitrary code via unknown attack vectors that cause format strings to be injected into the wprintw function.
CVE-2005-4819 1 Ibm 1 Lotus Domino 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in Lotus Domino versions before 6.5.4 fix pack 1 (FP1) and versions before 7.0 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2005-3333 1 Ebase 1 Ebaseweb 2025-04-03 N/A
SQL injection vulnerability in eBASEweb 3.0 allows remote attackers to execute arbitrary SQL commands via unknown attack vectors.
CVE-2000-0092 3 Freebsd, Netbsd, Openbsd 3 Freebsd, Netbsd, Openbsd 2025-04-03 N/A
The BSD make program allows local users to modify files via a symlink attack when the -j option is being used.
CVE-2001-0386 1 Analogx 1 Simpleserver Www 2025-04-03 N/A
AnalogX SimpleServer:WWW 1.08 allows remote attackers to cause a denial of service via an HTTP request to the /aux directory.
CVE-2000-0093 1 Redhat 1 Linux 2025-04-03 N/A
An installation of Red Hat uses DES password encryption with crypt() for the initial password, instead of md5.
CVE-2001-0854 1 Francisco Burzi 1 Php-nuke 2025-04-03 N/A
PHP-Nuke 5.2 allows remote attackers to copy and delete arbitrary files by calling case.filemanager.php with admin.php as an argument, which sets the $PHP_SELF variable and makes it appear that case.filemanager.php is being called by admin.php instead of the user.
CVE-2001-0856 1 Ibm 1 4758 2025-04-03 N/A
Common Cryptographic Architecture (CCA) in IBM 4758 allows an attacker with physical access to the system and Combine_Key_Parts permissions, to steal DES and 3DES keys by using a brute force attack to create a 3DES exporter key.
CVE-2001-0871 2 Alchemy Lab, Dek Software 2 Alchemy Eye, Alchemy Network Monitor 2025-04-03 N/A
Directory traversal vulnerability in HTTP server for Alchemy Eye and Alchemy Network Monitor allows remote attackers to execute arbitrary commands via an HTTP request containing (1) a .. in versions 2.0 through 2.6.18, or (2) a DOS device name followed by a .. in versions 2.6.19 through 3.0.10.
CVE-2000-0095 1 Hp 1 Hp-ux 2025-04-03 N/A
The PMTU discovery procedure used by HP-UX 10.30 and 11.00 for determining the optimum MTU generates large amounts of traffic in response to small packets, allowing remote attackers to cause the system to be used as a packet amplifier.
CVE-2002-1042 2 Netscape, Sun 4 Enterprise Server, Iplanet Web Server, One Application Server and 1 more 2025-04-03 N/A
Directory traversal vulnerability in search engine for iPlanet web server 6.0 SP2 and 4.1 SP9, and Netscape Enterprise Server 3.6, when running on Windows platforms, allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in the NS-query-pat parameter.
CVE-2005-0161 1 E-merge 1 Unace 2025-04-03 N/A
Multiple directory traversal vulnerabilities in unace 1.2b allow attackers to overwrite arbitrary files via an ACE archive containing (1) ../ sequences or (2) absolute pathnames.