Search Results (364122 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-4506 1 Netiq 1 Identity Manager 2026-04-16 N/A
idmlib.sh in nxdrv in Novell Identity Manager (IDM) 3.0.1 allows local users to execute arbitrary commands via unspecified vectors, possibly involving the " (quote) and \ (backslash) characters and eval injection.
CVE-2005-4801 1 Yapig 1 Yapig 2026-04-16 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in Yet Another PHP Image Gallery (YaPIG) 0.95b and earlier allow remote attackers to perform unauthorized actions as a logged-in user, as demonstrated by tricking the administrator to access a web page that performs a mod_info action in modify_gallery.php.
CVE-2005-0336 1 Emotion 1 Mediapartner Web Server 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in EMotion MediaPartner Web Server 5.0 allows remote attackers to inject arbitrary HTML or web script, as demonstrated using a URL containing .. sequences and HTML, which results in a directory browsing page that does not properly filter the HTML.
CVE-2001-0334 1 Microsoft 1 Internet Information Server 2026-04-16 7.5 High
FTP service in IIS 5.0 and earlier allows remote attackers to cause a denial of service via a wildcard sequence that generates a long string when it is expanded.
CVE-2004-0930 5 Conectiva, Gentoo, Redhat and 2 more 8 Linux, Linux, Enterprise Linux and 5 more 2026-04-16 N/A
The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters.
CVE-1999-0954 1 Matt Wright 1 Wwwboard 2026-04-16 N/A
WWWBoard has a default username and default password.
CVE-2001-0344 1 Microsoft 1 Sql Server 2026-04-16 N/A
An SQL query method in Microsoft SQL Server 2000 Gold and 7.0 using Mixed Mode allows local database users to gain privileges by reusing a cached connection of the sa administrator account.
CVE-2001-0354 1 Thenet 1 Checkbo 2026-04-16 N/A
TheNet CheckBO 1.56 allows remote attackers to cause a denial of service via a flood of characters to the TCP ports which it is listening on.
CVE-2005-0304 1 Divx 1 Divx Player 2026-04-16 N/A
Directory traversal vulnerability in DivX Player 2.6 and earlier allows remote attackers to overwrite arbitrary files via a .. (dot dot) in a filename in a ZIP file for a skin.
CVE-1999-0963 1 Freebsd 1 Freebsd 2026-04-16 N/A
FreeBSD mount_union command allows local users to gain root privileges via a symlink attack.
CVE-2001-0375 1 Cisco 2 Pix Firewall 515, Pix Firewall 520 2026-04-16 N/A
Cisco PIX Firewall 515 and 520 with 5.1.4 OS running aaa authentication to a TACACS+ server allows remote attackers to cause a denial of service via a large number of authentication requests.
CVE-2005-0305 1 Siteman 1 Siteman 2026-04-16 N/A
CRLF injection vulnerability in users.php in Siteman 1.1.10 and earlier allows remote attackers to add arbitrary users and gain privileges via the line parameter in a docreate operation.
CVE-1999-0967 1 Microsoft 3 Internet Explorer, Outlook Express, Windows Explorer 2026-04-16 N/A
Buffer overflow in the HTML library used by Internet Explorer, Outlook Express, and Windows Explorer via the res: local resource protocol.
CVE-2001-0380 1 Crosscom Olicom 1 Xlt-f 2026-04-16 N/A
Crosscom/Olicom XLT-F running XL 80 IM Version 5.5 Build Level 2 allows a remote attacker SNMP read and write access via a default, undocumented community string 'ILMI'.
CVE-2001-0381 2 Pgp, Redhat 2 Openpgp, Linux 2026-04-16 N/A
The OpenPGP PGP standard allows an attacker to determine the private signature key via a cryptanalytic attack in which the attacker alters the encrypted private key file and captures a single message signed with the signature key.
CVE-2001-0389 1 Ibm 2 Net.commerce, Websphere Application Server 2026-04-16 N/A
IBM Websphere/NetCommerce3 3.1.2 allows remote attackers to determine the real path of the server by directly calling the macro.d2w macro with a NOEXISTINGHTMLBLOCK argument.
CVE-2001-0395 1 Lightwavemo 2 Consoleserver 3200, Consoleserver 3200 Firmware 2026-04-16 9.8 Critical
Lightwave ConsoleServer 3200 does not disconnect users after unsuccessful login attempts, which could allow remote attackers to conduct brute force password guessing.
CVE-2001-0399 1 Caucho Technology 1 Resin 2026-04-16 N/A
Caucho Resin 1.3b1 and earlier allows remote attackers to read source code for Javabean files by inserting a .jsp before the WEB-INF specifier in an HTTP request.
CVE-2005-0310 1 Exponent 1 Exponent 2026-04-16 N/A
Exponent 0.95 allows remote attackers to obtain sensitive information via a direct HTTP request to (1) search.info.php, (2) permissions.info.php, (3) security.info.php, (4) formcontrol.php, or (5) file_modules.php, which reveals the path in an error message because the pathos_core_version variable is undefined.
CVE-1999-0973 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Buffer overflow in Solaris snoop program allows remote attackers to gain root privileges via a long domain name when snoop is running in verbose mode.