Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-1224 1 University Of Washington 1 Imapd 2025-04-03 N/A
IMAP 4.1 BETA, and possibly other versions, does not properly handle the SIGABRT (abort) signal, which allows local users to crash the server (imapd) via certain sequences of commands, which causes a core dump that may contain sensitive password information.
CVE-1999-1227 1 Ethereal Group 1 Ethereal 2025-04-03 N/A
Ethereal allows local users to overwrite arbitrary files via a symlink attack on the packet capture file.
CVE-1999-1228 3 Diamond, Logicode, Us Robotics 3 Supra, Quicktel, Us Robotics 2025-04-03 N/A
Various modems that do not implement a guard time, or are configured with a guard time of 0, can allow remote attackers to execute arbitrary modem commands such as ATH, ATH0, etc., via a "+++" sequence that appears in ICMP packets, the subject of an e-mail message, IRC commands, and others.
CVE-2002-0857 1 Oracle 2 Database Server, Oracle8i 2025-04-03 N/A
Format string vulnerabilities in Oracle Listener Control utility (lsnrctl) for Oracle 9.2 and 9.0, 8.1, and 7.3.4, allow remote attackers to execute arbitrary code on the Oracle DBA system by placing format strings into certain entries in the listener.ora configuration file.
CVE-1999-1229 1 Id Software 1 Quake 2 Server 2025-04-03 N/A
Quake 2 server 3.13 on Linux does not properly check file permissions for the config.cfg configuration file, which allows local users to read arbitrary files via a symlink from config.cfg to the target file.
CVE-2005-4809 1 Mozilla 3 Firefox, Mozilla, Thunderbird 2025-04-03 N/A
Mozilla Firefox 1.0.1 and possibly other versions, including Mozilla and Thunderbird, allows remote attackers to spoof the URL in the Status Bar via an A HREF tag that contains a TABLE tag that contains another A tag.
CVE-1999-1230 1 Id Software 1 Quake 2 2025-04-03 N/A
Quake 2 server allows remote attackers to cause a denial of service via a spoofed UDP packet with a source address of 127.0.0.1, which causes the server to attempt to connect to itself.
CVE-2000-1202 1 Ibm 1 Http Server Ssl Module Common 2025-04-03 N/A
ikeyman in IBM IBMHSSSB 1.0 sets the CLASSPATH environmental variable to include the user's own CLASSPATH directories before the system's directories, which allows a malicious local user to execute arbitrary code as root via a Trojan horse Ikeyman class.
CVE-2002-1917 1 Geeklog 1 Geeklog 2025-04-03 N/A
CRLF injection vulnerability in the "User Profile: Send Email" feature in Geeklog 1.35 and 1.3.5sr1 allows remote attackers to obtain e-mail addresses by injecting a CRLF into the Subject field and adding a BCC mail header.
CVE-2004-0623 1 Gnu 1 Gnats 2025-04-03 N/A
Format string vulnerability in misc.c in GNU GNATS 4.00 may allow remote attackers to execute arbitrary code via format string specifiers in a string that gets logged by syslog.
CVE-2002-1918 1 Microsoft 1 Data Access Components 2025-04-03 N/A
Buffer overflow in Microsoft Active Data Objects (ADO) in Microsoft MDAC 2.5 through 2.7 allows remote attackers to have unknown impact with unknown attack vectors. NOTE: due to the lack of details available regarding this issue, perhaps it should be REJECTED.
CVE-2001-0300 1 Oracle 1 Internet Directory 2025-04-03 N/A
oidldapd 2.1.1.1 in Oracle 8.1.7 records log files in a directory (ldaplog) that has world-writable permissions, which may allow local users to delete logs and/or overwrite other files via a symlink attack.
CVE-2001-0304 1 Caucho Technology 1 Resin 2025-04-03 N/A
Directory traversal vulnerability in Caucho Resin 1.2.2 allows remote attackers to read arbitrary files via a "\.." (dot dot) in a URL request.
CVE-1999-1239 1 Hp 1 Hp-ux 2025-04-03 N/A
HP-UX 9.x does not properly enable the Xauthority mechanism in certain conditions, which could allow local users to access the X display even when they have not explicitly been authorized to do so.
CVE-1999-1240 1 Gracenote 1 Cddbd 2025-04-03 N/A
Buffer overflow in cddbd CD database server allows remote attackers to execute arbitrary commands via a long log message.
CVE-1999-1243 1 Sgi 1 Irix 2025-04-03 N/A
SGI Desktop Permissions Tool in IRIX 6.0.1 and earlier allows local users to modify permissions for arbitrary files and gain privileges.
CVE-1999-1244 1 Darren Reed 1 Ipfilter 2025-04-03 N/A
IPFilter 3.2.3 through 3.2.10 allows local users to modify arbitrary files via a symlink attack on the saved output file.
CVE-1999-1247 1 Hp 1 Hp-ux 2025-04-03 N/A
Vulnerability in HP Camera component of HP DCE/9000 in HP-UX 9.x allows attackers to gain root privileges.
CVE-2004-0695 1 4d 1 Webstar 2025-04-03 N/A
Stack-based buffer overflow in the FTP service for 4D WebSTAR 5.3.2 and earlier allows remote attackers to execute arbitrary code via a long FTP command.
CVE-2005-4844 1 Microsoft 1 Internet Explorer 2025-04-03 N/A
The CLSID_ApprenticeICW control allows remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer.