Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-0529 1 Network Associates 1 Net Tools Pki Server 2025-04-03 N/A
Net Tools PKI Server allows remote attackers to cause a denial of service via a long HTTP request.
CVE-2000-0531 2 Caldera, Redhat 3 Openlinux, Openlinux Eserver, Linux 2025-04-03 N/A
Linux gpm program allows local users to cause a denial of service by flooding the /dev/gpmctl device with STREAM sockets.
CVE-2000-0532 1 Freebsd 1 Freebsd 2025-04-03 N/A
A FreeBSD patch for SSH on 2000-01-14 configures ssh to listen on port 722 as well as port 22, which might allow remote attackers to access SSH through port 722 even if port 22 is otherwise filtered.
CVE-2006-2172 1 Gene6 1 G6 Ftp Server 2025-04-03 N/A
Buffer overflow in Gene6 FTP Server 3.1.0 allows remote authenticated attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long argument to (1) MKD or (2) XMKD, as demonstrated by the Infigo FTPStress Fuzzer.
CVE-2002-0038 1 Sgi 1 Irix 2025-04-03 N/A
Vulnerability in the cache-limiting function of the unified name service daemon (nsd) in IRIX 6.5.4 through 6.5.11 allows remote attackers to cause a denial of service by forcing the cache to fill the disk.
CVE-2002-0041 1 Sgi 1 Irix 2025-04-03 N/A
Unknown vulnerability in Mail for SGI IRIX 6.5 through 6.5.15f, and possibly earlier versions, when running with the -R option, allows local and remote attackers to cause a core dump.
CVE-2002-1664 1 Yahoo 1 Messenger 2025-04-03 N/A
Yahoo! Messenger before February 2002 allows remote attackers to add arbitrary users to another user's buddy list and possibly obtain sensitive information.
CVE-2000-0596 1 Microsoft 1 Internet Explorer 2025-04-03 N/A
Internet Explorer 5.x does not warn a user before opening a Microsoft Access database file that is referenced within ActiveX OBJECT tags in an HTML document, which could allow remote attackers to execute arbitrary commands, aka the "IE Script" vulnerability.
CVE-2004-2187 1 Mediawiki 1 Mediawiki 2025-04-03 N/A
Unknown vulnerability in ImagePage for MediaWiki 1.3.5, related to "filename validation," has unknown impact and attack vectors.
CVE-2000-0597 1 Microsoft 2 Excel, Powerpoint 2025-04-03 N/A
Microsoft Office 2000 (Excel and PowerPoint) and PowerPoint 97 are marked as safe for scripting, which allows remote attackers to force Internet Explorer or some email clients to save files to arbitrary locations via the Visual Basic for Applications (VBA) SaveAs function, aka the "Office HTML Script" vulnerability.
CVE-2002-0114 1 Emc 1 Networker 2025-04-03 N/A
EMC NetWorker (formerly Legato NetWorker) before 7.0 stores passwords in plaintext in the daemon.log file, which allows local users to gain privileges by reading the password from the file. NOTE: this was originally reported for Legato NetWorker 6.1 on the Solaris 7 platform.
CVE-2006-2295 1 Timobraun 1 Dynamic Galerie 2025-04-03 N/A
Directory traversal vulnerability in Dynamic Galerie 1.0 allows remote attackers to access arbitrary files via an absolute path in the pfad parameter to (1) index.php and (2) galerie.php.
CVE-2003-0066 2 Redhat, Rxvt 3 Enterprise Linux, Linux, Rxvt 2025-04-03 N/A
The rxvt terminal emulator 2.7.8 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.
CVE-2002-0122 1 Siemens 1 3568i Wap 2025-04-03 N/A
Siemens 3568i WAP mobile phones allows remote attackers to cause a denial of service (crash) via an SMS message containing unusual characters.
CVE-2002-1702 1 Deltascripts 1 Php Classifieds 2025-04-03 N/A
Cross-site scripting vulnerability (XSS) in DeltaScripts PHP Classifieds 6.0.5 allows remote attackers to execute arbitrary script as other users via the URL parameter.
CVE-2003-0072 2 Mit, Redhat 4 Kerberos, Kerberos 5, Enterprise Linux and 1 more 2025-04-03 N/A
The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes an out-of-bounds read of an array (aka "array overrun").
CVE-2002-0067 2 Redhat, Squid 2 Linux, Squid 2025-04-03 N/A
Squid 2.4 STABLE3 and earlier does not properly disable HTCP, even when "htcp_port 0" is specified in squid.conf, which could allow remote attackers to bypass intended access restrictions.
CVE-2004-2234 1 Moodle 1 Moodle 2025-04-03 N/A
Unknown vulnerability in Moodle before 1.2 allows teachers to log in as administrators.
CVE-2002-0135 1 Netopia 1 Timbuktu Pro 2025-04-03 N/A
Netopia Timbuktu Pro 6.0.1 and earlier allows remote attackers to cause a denial of service (crash) via a series of connections to one of the ports (1417 - 1420).
CVE-2002-1703 1 Mewsoft 1 Netauction 2025-04-03 N/A
Cross-site scripting vulnerability (XSS) in auction.cgi for Mewsoft NetAuction 3.0 allows remote attackers to execute arbitrary script as other users via the Term parameter.