Search Results (363422 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-4741 1 Netbsd 1 Netbsd 2026-04-16 N/A
NetBSD 1.6, NetBSD 2.0 through 2.1, and NetBSD-current before 20051031 allows local users to gain privileges by attaching a debugger to a setuid/setgid (P_SUGID) process that performs an exec without a reset of real credentials.
CVE-1999-0602 2026-04-16 N/A
A network intrusion detection system (IDS) does not properly reassemble fragmented packets.
CVE-2000-0028 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Internet Explorer 5.0 and 5.01 allows remote attackers to bypass the cross frame security policy and read files via the external.NavigateAndFind function.
CVE-2005-0018 1 F2c Open Source Project 1 F2c Translator 2026-04-16 N/A
The f2 shell script in the f2c package 3.1 allows local users to read arbitrary files via a symlink attack on temporary files.
CVE-2005-4742 1 Pavel Kankovsky 1 Echelog 2026-04-16 N/A
Unspecified vulnerability in Echelog 0.6.2 allows attackers to "exploit function stacks on some architectures," with unknown impact and attack vectors.
CVE-2000-0040 1 Glftpd 1 Glftpd 2026-04-16 N/A
glFtpD allows local users to gain privileges via metacharacters in the SITE ZIPCHK command.
CVE-2005-0020 2 Mandrakesoft, Playmidi 3 Mandrake Linux, Mandrake Linux Corporate Server, Playmidi 2026-04-16 N/A
Buffer overflow in playmidi before 2.4 allows local users to execute arbitrary code.
CVE-2000-0062 1 Zope 1 Zope 2026-04-16 N/A
The DTML implementation in the Z Object Publishing Environment (Zope) allows remote attackers to conduct unauthorized activities.
CVE-2000-0463 1 Be 1 Beos 2026-04-16 N/A
BeOS 5.0 allows remote attackers to cause a denial of service via fragmented TCP packets.
CVE-1999-0508 2026-04-16 N/A
An account on a router, firewall, or other network device has a default, null, blank, or missing password.
CVE-1999-0507 2026-04-16 N/A
An account on a router, firewall, or other network device has a guessable password.
CVE-2004-2038 1 Neocrome 1 Land Down Under 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Land Down Under (LDU) before LDU 700 allows remote attackers to inject arbitrary web script or HTML via a BBcode img tag in (1) functions.php, (2) header.php or (3) auth.inc.php.
CVE-2004-2037 1 Mollensoft Software 1 Lightweight Ftp Server 2026-04-16 N/A
Buffer overflow in Mollensoft Lightweight FTP Server 3.6 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long CWD command, as demonstrated in one example by using the "cd" command in an interactive FTP client.
CVE-2006-4362 1 Dieselscripts 1 Diesel Paid Mail 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in getad.php in Diesel Paid Mail allows remote attackers to inject arbitrary web script or HTML via the ps parameter.
CVE-2004-2036 1 Jportal 1 Jportal Web Portal 2026-04-16 N/A
SQL injection vulnerability in the art_print function in print.inc.php in unknown versions of jPortal before 2.3.1 allows remote attackers to inject arbitrary SQL commands via the id parameter.
CVE-1999-0498 2026-04-16 N/A
TFTP is not running in a restricted directory, allowing a remote attacker to access sensitive information such as password files.
CVE-2004-2035 1 Minishare 1 Minimal Http Server 2026-04-16 N/A
MiniShare 1.3.2 allows remote attackers to cause a denial of service (crash) via a malformed HTTP GET or HEAD request without the proper number of trailing CRLF sequences.
CVE-2004-2032 1 Netgear 1 Rp114 2026-04-16 N/A
Netgear RP114 allows remote attackers to bypass the keyword based URL filtering by requesting a long URL, as demonstrated using a large number of %20 (hex-encoded space) sequences.
CVE-1999-1335 1 Redhat 1 Linux 2026-04-16 N/A
snmpd server in cmu-snmp SNMP package before 3.3-1 in Red Hat Linux 4.0 is configured to allow remote attackers to read and write sensitive information.
CVE-2006-4361 1 Dieselscripts 1 Diesel Job Site 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in jobseekers/forgot.php in Diesel Job Site allow remote attackers to inject arbitrary web script or HTML via the (1) uname or (2) SEmail parameters.