Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-1187 1 Netscape 2 Communicator, Navigator 2025-04-03 N/A
Buffer overflow in the HTML parser for Netscape 4.75 and earlier allows remote attackers to execute arbitrary commands via a long password value in a form field.
CVE-1999-1289 1 Mirabilis 1 Icq 2025-04-03 N/A
ICQ 98 beta on Windows NT leaks the internal IP address of a client in the TCP data segment of an ICQ packet instead of the public address (e.g. through NAT), which provides remote attackers with potentially sensitive information about the client or the internal network configuration.
CVE-2005-2963 1 Mod Auth Shadow 1 Mod Auth Shadow 2025-04-03 N/A
The mod_auth_shadow module 1.0 through 1.5 and 2.0 for Apache with AuthShadow enabled uses shadow authentication for all locations that use the require group directive, even when other authentication mechanisms are specified, which might allow remote authenticated users to bypass security restrictions.
CVE-1999-1296 1 Mit 1 Kerberos 5 2025-04-03 N/A
Buffer overflow in Kerberos IV compatibility libraries as used in Kerberos V allows local users to gain root privileges via a long line in a kerberos configuration file, which can be specified via the KRB_CONF environmental variable.
CVE-2001-0271 1 Mailnews.cgi 1 Mailnews.cgi 2025-04-03 N/A
mailnews.cgi 1.3 and earlier allows remote attackers to execute arbitrary commands via a user name that contains shell metacharacters.
CVE-1999-1328 1 Redhat 1 Linux 2025-04-03 N/A
linuxconf before 1.11.r11-rh3 on Red Hat Linux 5.1 allows local users to overwrite arbitrary files and gain root access via a symlink attack.
CVE-2000-1238 1 Bea 1 Weblogic Server 2025-04-03 N/A
BEA Systems WebLogic Express and WebLogic Server 5.1 SP1-SP6 allows remote attackers to bypass access controls for restricted JSP or servlet pages via a URL with multiple / (forward slash) characters before the restricted pages.
CVE-2002-1082 1 Visualshapers 1 Ezcontents 2025-04-03 N/A
The Image Upload capability for ezContents 1.40 and earlier allows remote attackers to cause ezContents to perform operations on local files as if they were uploaded.
CVE-2004-1983 2 Gentoo, The Pax Team 2 Linux, Pax Linux 2025-04-03 N/A
The arch_get_unmapped_area function in mmap.c in the PaX patches for Linux kernel 2.6, when Address Space Layout Randomization (ASLR) is enabled, allows local users to cause a denial of service (infinite loop) via unknown attack vectors.
CVE-2005-2996 1 Symantec Veritas 2 Storage Exec, Storagecentral 2025-04-03 N/A
Multiple heap-based and stack-based buffer overflows in certain DCOM server components in VERITAS Storage Exec Storage Exec 5.3 before Hotfix 9 and StorageCentral 5.2 before Hot Fix 2 allow remote attackers to execute arbitrary code via certain ActiveX controls.
CVE-2003-0327 1 Sybase 1 Adaptive Server Enterprise 2025-04-03 N/A
Sybase Adaptive Server Enterprise (ASE) 12.5 allows remote attackers to cause a denial of service (hang) via a remote password array with an invalid length, which triggers a heap-based buffer overflow.
CVE-2000-1239 1 Ibm 1 Tivoli Management Framework 2025-04-03 N/A
The HTTP interface of Tivoli Lightweight Client Framework (LCF) in IBM Tivoli Management Framework 3.7.1 sets http_disable to zero at install time, which allows remote authenticated users to bypass file permissions on Tivoli Endpoint Configuration data files via an unspecified manipulation of log files.
CVE-2002-1083 1 Visualshapers 1 Ezcontents 2025-04-03 N/A
Directory traversal vulnerabilities in ezContents 1.41 and earlier allow remote attackers to cause ezContents to (1) create directories using the Maintain Images:Add New:Create Subdirectory item, or (2) list directories using the Maintain Images file listing, via .. (dot dot) sequences.
CVE-2000-1240 1 Anyportal Php 1 Anyportal Php 2025-04-03 N/A
Unspecified vulnerability in siteman.php3 in AnyPortal(php) before 22 APR 00 allows remote attackers to obtain sensitive information via unknown attack vectors, which reveal the absolute path. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
CVE-2004-1997 2 Kolab, Openpkg 2 Kolab Groupware Server, Openpkg 2025-04-03 N/A
Kolab stores OpenLDAP passwords in plaintext in the slapd.conf file, which may be installed world-readable, which allows local users to gain privileges.
CVE-2005-3004 1 Interakt 1 Mx Shop 2025-04-03 N/A
SQL injection vulnerability in Interakt MX Shop 3.2.0 allows remote attackers to execute arbitrary SQL commands via the (1) idp, (2) id_ctg, or (3) id_prd parameters to the pages module in index.php.
CVE-2000-1244 1 Broadcom 1 Inoculateit Agent For Exchange 2025-04-03 N/A
Computer Associates InoculateIT Agent for Exchange Server does not recognize an e-mail virus attachment if the SMTP header is missing the "From" field, which allows remote attackers to bypass virus protection.
CVE-2005-2178 1 Probe.cgi 1 Probe.cgi 2025-04-03 N/A
probe.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the olddat parameter. NOTE: it is unclear which product or vendor this program is associated with, if any.
CVE-2005-3005 1 Helpdesk Software 1 Hesk 2025-04-03 N/A
Helpdesk Software Hesk allows remote attackers to bypass authentication for (1) admin.php and (2) admin_main.php by modifying the PHPSESSID session ID parameter or cookie.
CVE-1999-1333 1 Redhat 1 Linux 2025-04-03 N/A
automatic download option in ncftp 2.4.2 FTP client in Red Hat Linux 5.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the names of files that are to be downloaded.