Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-0703 1 Larry Wall 1 Perl 2025-04-03 N/A
suidperl (aka sperl) does not properly cleanse the escape sequence "~!" before calling /bin/mail to send an error report, which allows local users to gain privileges by setting the "interactive" environmental variable and calling suidperl with a filename that contains the escape sequence.
CVE-2000-0789 1 Bardon Data Systems 1 Winu 2025-04-03 N/A
WinU 5.x and earlier uses weak encryption to store its configuration password, which allows local users to decrypt the password and gain privileges.
CVE-2005-0340 1 Apple 1 Afp Server 2025-04-03 N/A
Integer signedness error in Apple File Service (AFP Server) allows remote attackers to cause a denial of service (application crash) via a negative UAM string length in a FPLoginExt packet.
CVE-2006-0302 1 Zyxel 1 P2000w Version 2 Voip Wifi Phone 2025-04-03 N/A
ZyXel P2000W VoIP 802.11b Wireless Phone running firmware WV.00.02 allows remote attackers to obtain sensitive information, such as MAC address and software version, by directly accessing UDP port 9090.
CVE-1999-0246 1 Hp 1 Hp-ux 2025-04-03 N/A
HP Remote Watch allows a remote user to gain root access.
CVE-2000-0836 1 Broadgun Software 1 Camshot Webcam 2025-04-03 N/A
Buffer overflow in CamShot WebCam Trial2.6 allows remote attackers to execute arbitrary commands via a long Authorization header.
CVE-2002-0302 1 Symantec 1 Enterprise Firewall 2025-04-03 N/A
The Notify daemon for Symantec Enterprise Firewall (SEF) 6.5.x drops large alerts when SNMP is used as the transport, which could prevent some alerts from being sent in the event of an attack.
CVE-2002-1791 1 Sgi 1 Irix 2025-04-03 N/A
SGI IRIX 6.5 through 6.5.17 creates temporary desktop files with world-writable permissions, which allows local users to overwrite or corrupt those files.
CVE-2000-0837 1 Deerfield 1 Ftp Serv-u 2025-04-03 N/A
FTP Serv-U 2.5e allows remote attackers to cause a denial of service by sending a large number of null bytes.
CVE-2002-1732 1 Actinic 1 Actinic Catalog 2025-04-03 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Actinic Catalog 4.7.0 allow remote attackers to inject arbitrary web script or HTML via (1) the query string argument to certain .pl files, (2) the REFPAGE parameter to ca000007.pl, (3) PRODREF parameter to ss000007.pl, or (4) hop parameter to ca000001.pl.
CVE-2002-0304 1 Summit Computer Networks 1 Lil Http Server 2025-04-03 N/A
Lil HTTP Server 2.1 allows remote attackers to read password-protected files via a /./ in the HTTP request.
CVE-1999-0249 1 Microsoft 2 Windows 2000, Windows Nt 2025-04-03 N/A
Windows NT RSHSVC program allows remote users to execute arbitrary commands.
CVE-1999-0261 2025-04-03 N/A
Netmanager Chameleon SMTPd has several buffer overflows that cause a crash.
CVE-2002-1797 1 Hp 1 Chaivm 2025-04-03 N/A
ChaiVM for HP color LaserJet 4500 and 4550 or HP LaserJet 4100 and 8150 does not properly enforce access control restrictions, which could allow local users to add, delete, or modify any services hosted by the ChaiServer.
CVE-2005-0499 1 Gigafast Ethernet 1 Gigafast Router 2025-04-03 N/A
Gigafast router (aka CompUSA router) with the DNS proxy option enabled allows remote attackers to cause a denial of service via malformed DNS queries.
CVE-2005-3676 1 Phpwebthings 1 Phpwebthings 2025-04-03 N/A
SQL injection vulnerability in download.php in PhpWebThings 1.4.4 allows remote attackers to execute arbitrary SQL commands via the file parameter.
CVE-1999-0264 1 Miva 1 Htmlscript 2025-04-03 N/A
htmlscript CGI program allows remote read access to files.
CVE-2000-0842 1 Sco 1 Unixware 2025-04-03 N/A
The search97cgi/vtopic" in the UnixWare 7 scohelphttp webserver allows remote attackers to read arbitrary files via a .. (dot dot) attack.
CVE-2006-2806 1 Apache 1 James 2025-04-03 N/A
The SMTP server in Apache Java Mail Enterprise Server (aka Apache James) 2.2.0 allows remote attackers to cause a denial of service (CPU consumption) via a long argument to the MAIL command.
CVE-2006-2807 1 Aspwebsoft 1 Speedy Asp Discussion Forum 2025-04-03 N/A
ASPwebSoft Speedy Asp Discussion Forum allows remote attackers to change the password of any account via a modified account id and possibly arbitrary values of the name, email, country, password, and passwordre parameters to profileupdate.asp.