Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-0906 1 Moreover.com 1 Cached Feed.cgi Script 2025-04-03 N/A
Directory traversal vulnerability in Moreover.com cached_feed.cgi script version 4.July.00 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the category or format parameters.
CVE-2002-0937 1 Macromedia 1 Jrun 2025-04-03 N/A
The Java Server Pages (JSP) engine in JRun allows web page owners to cause a denial of service (engine crash) on the web server via a JSP page that calls WPrinterJob().pageSetup(null,null).
CVE-2002-2153 1 Oracle 1 Application Server 2025-04-03 N/A
Format string vulnerability in the administrative pages of the PL/SQL module for Oracle Application Server 4.0.8 and 4.0.8 2 allows remote attackers to execute arbitrary code.
CVE-2000-0309 1 Openbsd 1 Openbsd 2025-04-03 N/A
The i386 trace-trap handling in OpenBSD 2.4 with DDB enabled allows a local user to cause a denial of service.
CVE-2000-0907 1 Etype 1 Eserv 2025-04-03 N/A
EServ 2.92 Build 2982 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via long HELO and MAIL FROM commands.
CVE-2004-1612 1 Saleslogix Corporation 1 Saleslogix 2025-04-03 N/A
Directory traversal vulnerability in SalesLogix 6.1 allows remote attackers to upload arbitrary files via a .. (dot dot) in a ProcessQueueFile request.
CVE-2002-0940 1 Ncipher 1 Mscapi Csp 2025-04-03 N/A
domesticinstall.exe for nCipher MSCAPI CSP 5.50 and 5.54 does not use Operator Card Set protected keys when the user requests them but does not generate the Operator Card Set, which results in a lower protection level than specified by the user (module protection only).
CVE-2005-2274 1 Microsoft 1 Internet Explorer 2025-04-03 N/A
Microsoft Internet Explorer 6.0 does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the "Dialog Origin Spoofing Vulnerability."
CVE-2005-1972 1 Interactivephp 1 Fusionbb 2025-04-03 N/A
Multiple SQL injection vulnerabilities in InteractivePHP FusionBB .11 Beta and earlier allow remote attackers to execute arbitrary SQL commands via (1) the username, which is not properly handled by the insertUser function, or (2) the bb_session_id value in a cookie.
CVE-2000-0910 1 Horde 1 Horde 2025-04-03 N/A
Horde library 1.02 allows attackers to execute arbitrary commands via shell metacharacters in the "from" address.
CVE-1999-1044 1 Digital 1 Unix 2025-04-03 N/A
Vulnerability in Advanced File System Utility (advfs) in Digital UNIX 4.0 through 4.0d allows local users to gain privileges.
CVE-1999-1024 1 Lbl 1 Tcpdump 2025-04-03 N/A
ip_print procedure in Tcpdump 3.4a allows remote attackers to cause a denial of service via a packet with a zero length header, which causes an infinite loop and core dump when tcpdump prints the packet.
CVE-2000-0934 1 Redhat 1 Linux 2025-04-03 N/A
Glint in Red Hat Linux 5.2 allows local users to overwrite arbitrary files and cause a denial of service via a symlink attack.
CVE-2002-0961 1 Voxel 1 Cbms 2025-04-03 N/A
Vulnerabilities in Voxel Dot Net CBMS 0.7 and earlier allow remote attackers to conduct unauthorized operations as other users, e.g. by deleting clients via dltclnt.php, possibly in a SQL injection attack.
CVE-2000-0940 1 Metertek 1 Pagelog.cgi 2025-04-03 N/A
Directory traversal vulnerability in Metertek pagelog.cgi allows remote attackers to read arbitrary files via a .. (dot dot) attack on the "name" or "display" parameter.
CVE-2002-0982 1 Microsoft 1 Sql Server 2025-04-03 N/A
Microsoft SQL Server 2000 SP2, when configured as a distributor, allows attackers to execute arbitrary code via the @scriptfile parameter to the sp_MScopyscript stored procedure.
CVE-2000-0953 1 Evolvable Corporation 1 Shambala Server 2025-04-03 N/A
Shambala Server 4.5 allows remote attackers to cause a denial of service by opening then closing a connection.
CVE-2002-2165 1 Imho 1 Imho Webmail 2025-04-03 N/A
The IMHO Webmail module 0.97.3 and earlier for Roxen leaks the REFERER from the browser's previous login session in an error page, which allows local users to read another user's inbox.
CVE-2000-0956 1 Carnegie Mellon University 1 Cyrus-sasl 2025-04-03 N/A
cyrus-sasl before 1.5.24 in Red Hat Linux 7.0 does not properly verify the authorization for a local user, which could allow the users to bypass specified access restrictions.
CVE-2002-2172 1 Shana 2 Informed Designer, Informed Filler 2025-04-03 N/A
Informed (1) Designer and (2) Filler 3.05 does not zero out newly allocated disk blocks as an encrypted file grows in size, which may allow attackers to obtain sensitive information.