Search Results (363866 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0253 1 Iweb Systems 1 Hyperseek 2026-04-16 N/A
Directory traversal vulnerability in hsx.cgi program in iWeb Hyperseek 2000 allows remote attackers to read arbitrary files and directories via a .. (dot dot) attack in the show parameter.
CVE-2001-0254 1 Fastream 1 Ftp\+\+ Server 2026-04-16 N/A
FaSTream FTP++ Server 2.0 allows remote attackers to obtain the real pathname of the server via the "pwd" command.
CVE-2001-0255 1 Fastream 2 Fastream Ftp\+\+ Server, Fastream Ftp Server 2026-04-16 N/A
FaSTream FTP++ Server 2.0 allows remote attackers to list arbitrary directories by using the "ls" command and including the drive letter name (e.g. C:) in the requested pathname.
CVE-2001-0257 1 I-data International 1 Easycom Safecom Print Server 2026-04-16 N/A
Buffer overflow in Easycom/Safecom Print Server Web service, version 404.590 and earlier, allows remote attackers to execute arbitrary commands via (1) a long URL or (2) a long HTTP header field such as "Host:".
CVE-2005-0293 1 Minis 1 Minis 2026-04-16 N/A
Directory traversal vulnerability in minis.php in Minis 0.2.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the month parameter.
CVE-1999-0939 1 Debian 1 Debian Linux 2026-04-16 N/A
Denial of service in Debian IRC Epic/epic4 client via a long string.
CVE-2001-0260 1 Lotus 1 Domino Mail Server 2026-04-16 N/A
Buffer overflow in Lotus Domino Mail Server 5.0.5 and earlier allows a remote attacker to crash the server or execute arbitrary code via a long "RCPT TO" command.
CVE-2001-0262 1 Netscape 1 Smartdownload 2026-04-16 N/A
Buffer overflow in Netscape SmartDownload 1.3 allows remote attackers (malicious web pages) to execute arbitrary commands via a long URL.
CVE-2005-0298 1 Oracle 1 Database Server 2026-04-16 N/A
The DIRECTORY objects in Oracle 8i through Oracle 10g contain the location of a specific operating system directory, which allows users with read privileges to a DIRECTORY object to obtain sensitive information.
CVE-2000-1060 1 Xfree86 Project 1 Xfce 2026-04-16 N/A
The default configuration of XFCE 3.5.1 bypasses the Xauthority access control mechanism with an "xhost + localhost" command in the xinitrc program, which allows local users to sniff X Windows traffic and gain privileges.
CVE-2006-4473 1 Joomla 1 Joomla 2026-04-16 N/A
Unspecified vulnerability in com_content in Joomla! before 1.0.11, when $mosConfig_hideEmail is set, allows attackers to perform the emailform and emailsend tasks.
CVE-2005-0227 2 Postgresql, Redhat 2 Postgresql, Enterprise Linux 2026-04-16 N/A
PostgreSQL (pgsql) 7.4.x, 7.2.x, and other versions allows local users to load arbitrary shared libraries and execute code via the LOAD extension.
CVE-1999-0761 1 Freebsd 1 Freebsd 2026-04-16 N/A
Buffer overflow in FreeBSD fts library routines allows local user to modify arbitrary files via the periodic program.
CVE-2000-0642 1 Itafrica 1 Webactive 2026-04-16 N/A
The default configuration of WebActive HTTP Server 1.00 stores the web access log active.log in the document root, which allows remote attackers to view the logs by directly requesting the page.
CVE-2005-4765 1 Bea 1 Weblogic Server 2026-04-16 N/A
BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier and 7.0 SP6 and earlier, when using the weblogic.Deployer command with the t3 protocol, does not use the secure t3s protocol even when an Administration port is enabled on the Administration server, which might allow remote attackers to sniff the connection.
CVE-1999-0762 1 Netscape 2 Communicator, Navigator 2026-04-16 N/A
When Javascript is embedded within the TITLE tag, Netscape Communicator allows a remote attacker to use the "about" protocol to gain access to browser information.
CVE-2005-0195 1 Cisco 1 Ios 2026-04-16 N/A
Cisco IOS 12.0S through 12.3YH allows remote attackers to cause a denial of service (device restart) via a crafted IPv6 packet.
CVE-2005-4766 1 Bea 1 Weblogic Server 2026-04-16 N/A
BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, and 7.0 SP5 and earlier, do not encrypt multicast traffic, which might allow remote attackers to read sensitive cluster synchronization messages by sniffing the multicast traffic.
CVE-1999-0763 1 Netbsd 1 Netbsd 2026-04-16 N/A
NetBSD on a multi-homed host allows ARP packets on one network to modify ARP entries on another connected network.
CVE-2005-0196 1 Cisco 1 Ios 2026-04-16 N/A
Cisco IOS 12.0 through 12.3YL, with BGP enabled and running the bgp log-neighbor-changes command, allows remote attackers to cause a denial of service (device reload) via a malformed BGP packet.