Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-1147 1 Microsoft 1 Internet Information Server 2025-04-03 N/A
Buffer overflow in IIS ISAPI .ASP parsing mechanism allows attackers to execute arbitrary commands via a long string to the "LANGUAGE" argument in a script tag.
CVE-2002-0708 1 Surfcontrol 2 Superscout Web Filter, Web Filter 2025-04-03 N/A
Directory traversal vulnerability in the Web Reports Server for SurfControl SuperScout WebFilter allows remote attackers to read arbitrary files via an HTTP request containing ... (triple dot) sequences.
CVE-2002-0534 1 Postboard 1 Postboard 2025-04-03 N/A
PostBoard 2.0.1 and earlier with BBcode allows remote attackers to cause a denial of service (CPU consumption) and corrupt the database via null \0 characters within [code] tags.
CVE-2002-0736 1 Microsoft 1 Backoffice 2025-04-03 N/A
Microsoft BackOffice 4.0 and 4.5, when configured to be accessible by other systems, allows remote attackers to bypass authentication and access the administrative ASP pages via an HTTP request with an authorization type (auth_type) that is not blank.
CVE-2006-0476 1 Nullsoft 1 Winamp 2025-04-03 N/A
Buffer overflow in Nullsoft Winamp 5.12 allows remote attackers to execute arbitrary code via a playlist (pls) file with a long file name (File1 field).
CVE-1999-1016 2 Microsoft, Qualcomm 4 Frontpage, Internet Explorer, Outlook Express and 1 more 2025-04-03 N/A
Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) FrontPage Express, (3) Outlook Express 5, and (4) Eudora, and possibly others, allows remote malicious web site or HTML emails to cause a denial of service (100% CPU consumption) via large HTML form fields such as text inputs in a table cell.
CVE-2000-1148 1 Volano Llc 1 Volanochatpro 2025-04-03 N/A
The installation of VolanoChatPro chat server sets world-readable permissions for its configuration file and stores the server administrator passwords in plaintext, which allows local users to gain privileges on the server.
CVE-2001-0284 1 Openbsd 1 Openbsd 2025-04-03 N/A
Buffer overflow in IPSEC authentication mechanism for OpenBSD 2.8 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a malformed Authentication header (AH) IPv4 option.
CVE-1999-1023 1 Sun 1 Sunos 2025-04-03 N/A
useradd in Solaris 7.0 does not properly interpret certain date formats as specified in the "-e" (expiration date) argument, which could allow users to login after their accounts have expired.
CVE-1999-1029 1 Ssh 1 Ssh2 2025-04-03 N/A
SSH server (sshd2) before 2.0.12 does not properly record login attempts if the connection is closed before the maximum number of tries, allowing a remote attacker to guess the password without showing up in the audit logs.
CVE-2002-0542 1 Openbsd 1 Openbsd 2025-04-03 N/A
mail in OpenBSD 2.9 and 3.0 processes a tilde (~) escape character in a message even when it is not in interactive mode, which could allow local users to gain root privileges via calls to mail in cron.
CVE-1999-1030 1 Behold Software 1 Web Page Counter 2025-04-03 N/A
counter.exe 2.70 allows a remote attacker to cause a denial of service (hang) via an HTTP request that ends in %0A (newline), which causes a malformed entry in the counter log that produces an access violation.
CVE-1999-1033 1 Microsoft 1 Outlook Express 2025-04-03 N/A
Microsoft Outlook Express before 4.72.3612.1700 allows a malicious user to send a message that contains a .., which can inadvertently cause Outlook to re-enter POP3 command mode and cause the POP3 session to hang.
CVE-2005-4493 1 Speartek 1 Speartek 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in SpearTek 6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters.
CVE-2005-1342 1 Apple 2 Mac Os X, Terminal 2025-04-03 N/A
The x-man-page: URI handler for Apple Terminal 1.4.4 in Mac OS X 10.3.9 does not cleanse terminal escape sequences, which allows remote attackers to execute arbitrary commands.
CVE-2000-1167 1 Freebsd 1 Freebsd 2025-04-03 N/A
ppp utility in FreeBSD 4.1.1 and earlier does not properly restrict access as specified by the "nat deny_incoming" command, which allows remote attackers to connect to the target system.
CVE-1999-1126 1 Cisco 1 Resource Manager 2025-04-03 N/A
Cisco Resource Manager (CRM) 1.1 and earlier creates certain files with insecure permissions that allow local users to obtain sensitive configuration information including usernames, passwords, and SNMP community strings, from (1) swim_swd.log, (2) swim_debug.log, (3) dbi_debug.log, and (4) temporary files whose names begin with "DPR_".
CVE-2002-0580 1 Workforceroi 1 Xpede 2025-04-03 N/A
WorkforceROI Xpede 4.1 allows remote attackers to obtain the database username via a request to datasource.asp, which leaks the username in a form and allows the attacker to more easily conduct brute force password guessing attacks.
CVE-2002-1913 1 Myphpnuke 1 Myphpnuke 2025-04-03 N/A
phptonuke.php in myPHPNuke 1.8.8 allows remote attackers to read arbitrary files via a full pathname in the filnavn variable.
CVE-2002-0583 1 Workforceroi 1 Xpede 2025-04-03 N/A
WorkforceROI Xpede 4.1 uses a small random namespace (5 alphanumeric characters) for temporary expense claim reports in the /reports/temp directory, which allows remote attackers to read the reports via a brute force attack.