Search Results (363434 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-2004 1 Suse 1 Suse Linux 2026-04-16 N/A
The Live CD in SUSE LINUX 9.1 Personal edition is configured without a password for root, which allows remote attackers to gain privileges via SSH.
CVE-1999-0487 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
The DHTML Edit ActiveX control in Internet Explorer allows remote attackers to read arbitrary files.
CVE-2006-4359 1 Trident Software 1 Powerzip 2026-04-16 N/A
Stack-based buffer overflow in Trident Software PowerZip 7.06 Build 3895 on Windows 2000 allows remote attackers to execute arbitrary code via a ZIP archive containing a long filename.
CVE-2006-4344 1 Cgi-rescue 1 Mail F W System 2026-04-16 N/A
CRLF injection vulnerability in CGI-Rescue Mail F/W System (formd) before 8.3 allows remote attackers to spoof e-mails and inject e-mail headers via unspecified vectors in (1) mail.cgi and (2) query.cgi.
CVE-2004-2002 1 Sgi 1 Irix 2026-04-16 N/A
Unknown vulnerability in SGI IRIX 6.5 through 6.5.22m allows remote attackers to cause a denial of service via a certain UDP packet.
CVE-1999-0485 1 Openbsd 1 Openbsd 2026-04-16 N/A
Remote attackers can cause a system crash through ipintr() in ipq in OpenBSD.
CVE-2005-4712 1 Php Handicapper 1 Php Handicapper 2026-04-16 N/A
CRLF injection vulnerability in process_signup.php in PHP Handicapper allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in the login parameter. NOTE: the vendor has disputed CVE-2005-3497, and it is possible that the dispute was intended to include this issue as well.
CVE-2005-1900 1 Sawmill 1 Sawmill 2026-04-16 N/A
Sawmill before 7.1.6 allows remote attackers to bypass authentication and (1) gain administrative privileges or (2) add a license.
CVE-2004-2001 1 Sgi 1 Irix 2026-04-16 N/A
ifconfig "-arp" in SGI IRIX 6.5 through 6.5.22m does not properly disable ARP requests from being sent or received.
CVE-2004-1986 2 Coppermine, Francisco Burzi 2 Coppermine Photo Gallery, Php-nuke 2026-04-16 N/A
Directory traversal vulnerability in modules.php in Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 allows remote attackers with administrative privileges to read arbitrary files via a .. (dot dot) in the startdir parameter.
CVE-1999-1257 1 Xyplex 1 Maxserver Xyplex Terminal Server 2026-04-16 N/A
Xyplex terminal server 6.0.1S1, and possibly other versions, allows remote attackers to bypass the password prompt by entering (1) a CTRL-Z character, or (2) a ? (question mark).
CVE-2006-4358 1 Dieselscripts 1 Diesel Pay 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php in Diesel Pay allows remote attackers to inject arbitrary web script or HTML via the read parameter.
CVE-2004-1997 2 Kolab, Openpkg 2 Kolab Groupware Server, Openpkg 2026-04-16 N/A
Kolab stores OpenLDAP passwords in plaintext in the slapd.conf file, which may be installed world-readable, which allows local users to gain privileges.
CVE-1999-1236 1 True North 1 Internet Anywhere Mail Server 2026-04-16 N/A
Internet Anywhere Mail Server 2.3.1 stores passwords in plaintext in the msgboxes.dbf file, which could allow local users to gain privileges by extracting the passwords from msgboxes.dbf.
CVE-2004-1983 2 Gentoo, The Pax Team 2 Linux, Pax Linux 2026-04-16 N/A
The arch_get_unmapped_area function in mmap.c in the PaX patches for Linux kernel 2.6, when Address Space Layout Randomization (ASLR) is enabled, allows local users to cause a denial of service (infinite loop) via unknown attack vectors.
CVE-2004-1980 1 Props 1 Props 2026-04-16 N/A
Directory traversal vulnerability in glossary.php in PROPS 0.6.1 allows remote attackers to view arbitrary files via a .. (dot dot) in (1) module or (2) format variables.
CVE-1999-0474 1 Mirabilis 1 Icq 2026-04-16 N/A
The ICQ Webserver allows remote attackers to use .. to access arbitrary files outside of the user's personal directory.
CVE-2006-4356 1 Drupal 1 Drupal Easylinks Module 2026-04-16 N/A
SQL injection vulnerability in Drupal Easylinks Module (easylinks.module) 4.7 before 1.5.2.1 2006/08/19 12:02:27 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2005-4711 1 Neocrome 1 Land Down Under 2026-04-16 N/A
SQL injection vulnerability in Neocrome Land Down Under (LDU) 801 allows remote attackers to execute arbitrary SQL commands via an HTTP Referer header. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2004-1996 1 Simple Machines 1 Smf 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Simple Machines Forum (SMF) 1.0 allows remote attackers to inject arbitrary web script via the size tag.