Search Results (363262 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-1997 2 Kolab, Openpkg 2 Kolab Groupware Server, Openpkg 2026-04-16 N/A
Kolab stores OpenLDAP passwords in plaintext in the slapd.conf file, which may be installed world-readable, which allows local users to gain privileges.
CVE-1999-1236 1 True North 1 Internet Anywhere Mail Server 2026-04-16 N/A
Internet Anywhere Mail Server 2.3.1 stores passwords in plaintext in the msgboxes.dbf file, which could allow local users to gain privileges by extracting the passwords from msgboxes.dbf.
CVE-2004-1983 2 Gentoo, The Pax Team 2 Linux, Pax Linux 2026-04-16 N/A
The arch_get_unmapped_area function in mmap.c in the PaX patches for Linux kernel 2.6, when Address Space Layout Randomization (ASLR) is enabled, allows local users to cause a denial of service (infinite loop) via unknown attack vectors.
CVE-2004-1980 1 Props 1 Props 2026-04-16 N/A
Directory traversal vulnerability in glossary.php in PROPS 0.6.1 allows remote attackers to view arbitrary files via a .. (dot dot) in (1) module or (2) format variables.
CVE-1999-0474 1 Mirabilis 1 Icq 2026-04-16 N/A
The ICQ Webserver allows remote attackers to use .. to access arbitrary files outside of the user's personal directory.
CVE-2006-4356 1 Drupal 1 Drupal Easylinks Module 2026-04-16 N/A
SQL injection vulnerability in Drupal Easylinks Module (easylinks.module) 4.7 before 1.5.2.1 2006/08/19 12:02:27 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2005-4711 1 Neocrome 1 Land Down Under 2026-04-16 N/A
SQL injection vulnerability in Neocrome Land Down Under (LDU) 801 allows remote attackers to execute arbitrary SQL commands via an HTTP Referer header. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2004-1996 1 Simple Machines 1 Smf 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Simple Machines Forum (SMF) 1.0 allows remote attackers to inject arbitrary web script via the size tag.
CVE-2004-1979 1 Props 1 Props 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in do_search.php in PROPS 0.6.1 allows remote attackers to inject arbitrary HTML or web script via the search_string parameter.
CVE-2004-1977 1 3com 1 Webbngss3nbxnts 2026-04-16 N/A
3com NBX IP VOIP NetSet Configuration Manager allows remote attackers to cause a denial of service (crash) via a Nessus scan in safeChecks mode.
CVE-1999-1189 1 Netscape 2 Communicator, Navigator 2026-04-16 N/A
Buffer overflow in Netscape Navigator/Communicator 4.7 for Windows 95 and Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument after the ? character in a URL that references an .asp, .cgi, .html, or .pl file.
CVE-2006-4352 1 Cisco 1 Content Services Switch 11000 2026-04-16 N/A
The ArrowPoint cookie functionality for Cisco 11000 series Content Service Switches specifies an internal IP address if the administrator does not specify a string option, which allows remote attackers to obtain sensitive information.
CVE-2004-1976 1 Smc Networks 1 Smc7004vbr 2026-04-16 N/A
SMC Barricade broadband router 7008ABR and 7004VBR enable remote administration by default, which allows remote attackers to gain access by connecting to port 1900.
CVE-1999-1165 1 Gnu 1 Fingerd 2026-04-16 N/A
GNU fingerd 1.37 does not properly drop privileges before accessing user information, which could allow local users to (1) gain root privileges via a malicious program in the .fingerrc file, or (2) read arbitrary files via symbolic links from .plan, .forward, or .project files.
CVE-1999-0463 1 L0pht 1 L0phtcrack 2026-04-16 N/A
Remote attackers can perform a denial of service using IRIX fcagent.
CVE-2006-4338 2 Gzip, Redhat 2 Gzip, Enterprise Linux 2026-04-16 N/A
unlzh.c in the LHZ component in gzip 1.3.5 allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted GZIP archive.
CVE-2004-1975 1 Php Arena 1 Pafiledb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the category module in pafiledb.php for paFileDB 3.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter, a vulnerability that is closely related to CVE-2004-1551.
CVE-1999-0800 1 Allaire 1 Forums 2026-04-16 N/A
The GetFile.cfm file in Allaire Forums allows remote attackers to read files through a parameter to GetFile.cfm.
CVE-2005-4686 1 Punbb 1 Punbb 2026-04-16 N/A
PunBB 1.2.9, when used alone or with F-ART BLOG:CMS, includes config.php before calling the unregister_globals function, which allows attackers to obtain unspecified sensitive information.
CVE-2006-4302 1 Sun 2 J2se, Java Web Start 2026-04-16 N/A
The Java Plug-in J2SE 1.3.0_02 through 5.0 Update 5, and Java Web Start 1.0 through 1.2 and J2SE 1.4.2 through 5.0 Update 5, allows remote attackers to exploit vulnerabilities by specifying a JRE version that contain vulnerabilities.