Search Results (363401 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-1451 1 Microsoft 2 Internet Information Server, Site Server 2026-04-16 N/A
The Winmsdp.exe sample file in IIS 4.0 and Site Server 3.0 allows remote attackers to read arbitrary files.
CVE-2004-2073 1 Vserver 1 Linux-vserver 2026-04-16 N/A
Linux-VServer 1.24 allows local users with root privileges on a virtual server to gain access to the filesystem outside the virtual server via a modified chroot-again exploit using the chmod command.
CVE-2004-2079 1 Red-m 1 Red-alert 2026-04-16 N/A
Red-M Red-Alert 2.7.5 with software 3.1 build 24 binds authentication to IP addresses, which allows remote attackers to bypass authentication by connecting from the same IP address as an active authenticated user.
CVE-2004-2082 1 Karjasoft 1 Sami Ftp Server 2026-04-16 N/A
The samiftp.dll library in Sami FTP Server 1.1.3 allows remote authenticated users to cause a denial of service (pmsystem.exe crash) via a GET request wit a large number of leading "/" (slash) characters.
CVE-2004-2090 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 5.0.1 through 6.0 allows remote attackers to determine the existence of arbitrary files via the VBScript LoadPicture method, which returns an error code if the file does not exist.
CVE-2004-2122 1 Intra Forum 1 Intra Forum 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in intraforum_db.cgi in Intra Forum allows remote attackers to inject arbitrary web script or HTML via the (1) use_last_read or (2) forum parameters.
CVE-2004-2083 1 Opera 1 Opera Browser 2026-04-16 N/A
Opera Web Browser 7.0 through 7.23 allows remote attackers to trick users into executing a malicious file by embedding a CLSID in the file name, which causes the malicious file to appear as a trusted file type, aka "File Download Extension Spoofing."
CVE-2004-2091 1 Microsoft 1 Baseline Security Analyzer 2026-04-16 N/A
Microsoft Baseline Security Analyzer (MBSA) 1.2 does not correctly identify systems that have been patched but remain vulnerable to exploit until the system is rebooted, possibly giving the administrator a false sense of security.
CVE-2004-2131 1 Ibm 2 Informix Dynamic Server, Informix Extended Parallel Server 2026-04-16 N/A
Stack-based buffer overflow in ontape for IBM Informix Dynamic Server (IDS) 9.40.xC3 and earlier allows local users, with DSA privileges, to execute arbitrary code via a long ONCONFIG environment variable.
CVE-1999-1469 1 Hughes Technologies 1 W3-auth 2026-04-16 N/A
Buffer overflow in w3-auth CGI program in miniSQL package allows remote attackers to execute arbitrary commands via an HTTP request with (1) a long URL, or (2) a long User-Agent MIME header.
CVE-2004-2084 1 Jshop E-commerce 2 Jshop Professional, Jshop Server 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in search.php in JShop E-Commerce Server allows remote attackers to inject arbitrary web script or HTML via the xSearch parameter.
CVE-2004-2135 1 Linux 1 Linux Kernel 2026-04-16 N/A
cryptoloop on Linux kernel 2.6.x, when used on certain file systems with a block size 1024 or greater, has certain "IV computation" weaknesses that allow watermarked files to be detected without decryption.
CVE-2005-4729 1 Vbzoom 1 Vbzoom 2026-04-16 N/A
SQL injection vulnerability in show.php in VBZooM Forum allows remote attackers to execute arbitrary SQL commands via the SubjectID parameter.
CVE-2006-4365 1 Vistabb 1 Vistabb 2026-04-16 N/A
Multiple PHP remote file inclusion vulnerabilities in VistaBB 2.0.33 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter in (1) includes/functions_mod_user.php or (2) includes/functions_portal.php.
CVE-1999-1482 1 Svgalib 1 Zgv 2026-04-16 N/A
SVGAlib zgv 3.0-7 and earlier allows local users to gain root access via a privilege leak of the iopl(3) privileges to child processes.
CVE-2004-2086 1 Sambar 1 Sambar Server 2026-04-16 N/A
Stack-based buffer overflow in results.stm for Sambar Server before the 6.0 production release allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP POST request with a long query parameter.
CVE-2004-2136 1 Linux 1 Linux Kernel 2026-04-16 N/A
dm-crypt on Linux kernel 2.6.x, when used on certain file systems with a block size 1024 or greater, has certain "IV computation" weaknesses that allow watermarked files to be detected without decryption.
CVE-2004-2087 1 Sandsurfer 1 Sandsurfer 2026-04-16 N/A
Unknown vulnerability in SandSurfer before 1.7.0 allows remote attackers to gain access as a logged-in user.
CVE-1999-0559 2026-04-16 N/A
A system-critical Unix file or directory has inappropriate permissions.
CVE-2004-2089 1 Matrix 1 Matrix Ftp Server 2026-04-16 N/A
Matrix FTP Server allows remote attackers to cause a denial of service (crash) by logging in using four spaces as the username and password and then issuing a LIST command.