Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-0410 1 Sun 1 Sunos 2025-04-03 N/A
The cancel command in Solaris 2.6 (i386) has a buffer overflow that allows local users to obtain root access.
CVE-1999-0411 1 Sco 1 Openserver 2025-04-03 N/A
Several startup scripts in SCO OpenServer Enterprise System v 5.0.4p, including S84rpcinit, S95nis, S85tcp, and S89nfs, are vulnerable to a symlink attack, allowing a local user to gain root access.
CVE-2001-0332 1 Microsoft 1 Internet Explorer 2025-04-03 N/A
Internet Explorer 5.5 and earlier does not properly verify the domain of a frame within a browser window, which allows remote web site operators to read certain files on the client by sending information from a local frame to a frame in a different domain using MSScriptControl.ScriptControl and GetObject, aka a variant of the "Frame Domain Verification" vulnerability.
CVE-2000-0215 1 Sco 1 Unixware 2025-04-03 N/A
Vulnerability in SCO cu program in UnixWare 7.x allows local users to gain privileges.
CVE-2002-0784 1 Lysias 1 Lidik Webserver 2025-04-03 N/A
Directory traversal vulnerability in Lysias Lidik web server 0.7b allows remote attackers to list directories via an HTTP request with a ... (modified dot dot).
CVE-1999-0420 1 Netbsd 1 Umapfs 2025-04-03 N/A
umapfs allows local users to gain root privileges by changing their uid through a malicious mount_umap program.
CVE-1999-0421 1 Slackware 1 Slackware Linux 2025-04-03 N/A
During a reboot after an installation of Linux Slackware 3.6, a remote attacker can obtain root access by logging in to the root account without a password.
CVE-2002-0795 1 Freebsd 1 Freebsd 2025-04-03 N/A
The rc system startup script for FreeBSD 4 through 4.5 allows local users to delete arbitrary files via a symlink attack on X Windows lock files.
CVE-2002-1989 1 Caucho Technology 1 Resin 2025-04-03 N/A
Resin 2.1.1 allows remote attackers to cause a denial of service (thread and connection consumption) via multiple URL requests containing the DOS 'CON' device name and a registered file extension such as .jsp or .xtp.
CVE-2003-0565 2025-04-03 N/A
Multiple vulnerabilities in multiple vendor implementations of the X.400 protocol allow remote attackers to cause a denial of service and possibly execute arbitrary code via an X.400 message containing certain unexpected ASN.1 constructs, as demonstrated using the NISSC test suite.
CVE-2002-0796 1 Sun 2 Solaris, Sunos 2025-04-03 N/A
Format string vulnerability in the logging component of snmpdx for Solaris 5.6 through 8 allows remote attackers to gain root privileges.
CVE-2000-0297 1 Allaire 1 Forums 2025-04-03 N/A
Allaire Forums 2.0.5 allows remote attackers to bypass access restrictions to secure conferences via the rightAccessAllForums or rightModerateAllForums variables.
CVE-2002-2001 2 Jmcce, Mandrakesoft 2 Jmcce, Mandrake Linux 2025-04-03 N/A
jmcce 1.3.8 in Mandrake 8.1 creates log files in /tmp with predictable names, which allows local users to overwrite arbitrary files via a symlink attack.
CVE-1999-0527 2025-04-03 N/A
The permissions for system-critical data in an anonymous FTP account are inappropriate. For example, the root directory is writeable by world, a real password file is obtainable, or executable commands such as "ls" can be overwritten.
CVE-2000-0299 1 Apple 1 Webobjects 2025-04-03 N/A
Buffer overflow in WebObjects.exe in the WebObjects Developer 4.5 package allows remote attackers to cause a denial of service via an HTTP request with long headers such as Accept.
CVE-2002-2013 2 Mozilla, Netscape 3 Mozilla, Communicator, Navigator 2025-04-03 N/A
Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.
CVE-2000-0301 1 Ipswitch 1 Imail 2025-04-03 N/A
Ipswitch IMAIL server 6.02 and earlier allows remote attackers to cause a denial of service via the AUTH CRAM-MD5 command.
CVE-1999-0533 2025-04-03 N/A
A DNS server allows inverse queries.
CVE-1999-0534 1 Microsoft 2 Windows 2000, Windows Nt 2025-04-03 N/A
A Windows NT user has inappropriate rights or privileges, e.g. Act as System, Add Workstation, Backup, Change System Time, Create Pagefile, Create Permanent Object, Create Token Name, Debug, Generate Security Audit, Increase Priority, Increase Quota, Load Driver, Lock Memory, Profile Single Process, Remote Shutdown, Replace Process Token, Restore, System Environment, Take Ownership, or Unsolicited Input.
CVE-2000-0307 1 Sco 3 Open Desktop, Openserver, Unixware 2025-04-03 N/A
Vulnerability in xserver in SCO UnixWare 2.1.x and OpenServer 5.05 and earlier allows an attacker to cause a denial of service which prevents access to reserved port numbers below 1024.