Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-1056 3 Linux, Redhat, Ubuntu 3 Linux Kernel, Enterprise Linux, Ubuntu Linux 2026-04-16 N/A
Direct Rendering Manager (DRM) driver in Linux kernel 2.6 does not properly check the DMA lock, which could allow remote attackers or local users to cause a denial of service (X Server crash) and possibly modify the video output.
CVE-2003-1068 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Buffer overflow in utmp_update for Solaris 2.6 through 9 allows local users to gain root privileges, as identified by Sun BugID 4659277, a different vulnerability than CVE-2003-1082.
CVE-2006-1872 1 Oracle 1 Database Server 2026-04-16 N/A
Unspecified vulnerability in Oracle Database Server 9.0.1.5 and 9.2.0.7 has unknown impact and attack vectors in the Oracle Enterprise Manager Intelligent Agent component, aka Vuln# DB07.
CVE-1999-1428 1 Sun 1 Solstice Adminsuite 2026-04-16 N/A
Solaris Solstice AdminSuite (AdminSuite) 2.1 and 2.2 allows local users to gain privileges via the save option in the Database Manager, which is running with setgid bin privileges.
CVE-1999-0751 1 Netscape 1 Enterprise Server 2026-04-16 N/A
Buffer overflow in Accept command in Netscape Enterprise Server 3.6 with the SSL Handshake Patch.
CVE-2004-1058 3 Linux, Redhat, Ubuntu 3 Linux Kernel, Enterprise Linux, Ubuntu Linux 2026-04-16 N/A
Race condition in Linux kernel 2.6 allows local users to read the environment variables of another process that is still spawning via /proc/.../cmdline.
CVE-2003-1105 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Unknown vulnerability in Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to cause a denial of service (browser or Outlook Express crash) via HTML with certain input tags that are not properly rendered.
CVE-2003-1125 1 Sun 1 One Directory Server 2026-04-16 N/A
Unknown vulnerability in ns-ldapd for Sun ONE Directory Server 4.16, 5.0, and 5.1 allows LDAP clients to cause a denial of service (service halt).
CVE-1999-0756 1 Allaire 1 Coldfusion Server 2026-04-16 N/A
ColdFusion Administrator with Advanced Security enabled allows remote users to stop the ColdFusion server via the Start/Stop utility.
CVE-1999-0769 4 Caldera, Debian, Paul Vixie and 1 more 4 Openlinux, Debian Linux, Vixie Cron and 1 more 2026-04-16 N/A
Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable.
CVE-2006-1891 1 Betaboard 1 Betaboard 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Martin Scheffler betaboard 0.1 allows remote attackers to inject arbitrary web script or HTML via a user's profile, possibly using the FormVal_profile parameter. NOTE: it is not clear whether this is a distributable product or a site-specific vulnerability. If it is site-specific, then it should not be included in CVE.
CVE-2003-1282 1 Ibm 1 Net.data 2026-04-16 N/A
IBM Net.Data allows remote attackers to obtain sensitive information such as path names, server names and possibly user names and passwords by causing the (1) $(DTW_CURRENT_FILENAME), (2) $(DATABASE), (3) $(LOGIN), (4) $(PASSWORD), and possibly other predefined variables that can be echoed back to the user via a web form.
CVE-2006-4416 1 Ibm 1 Aix 2026-04-16 N/A
Untrusted search path vulnerability in the mkvg command in IBM AIX 5.2 and 5.3 allows local users to gain privileges by modifying the path to point to a malicious (1) chdev, (2) mkboot, (3) varyonvg, or (4) varyoffvg program.
CVE-2001-0430 1 Debian 1 Debian Linux 2026-04-16 N/A
Vulnerability in exuberant-ctags before 3.2.4-0.1 insecurely creates temporary files.
CVE-1999-0829 1 Hp 1 Secure Web Console 2026-04-16 N/A
HP Secure Web Console uses weak encryption.
CVE-2001-0434 1 Compaq 1 Presario 2026-04-16 N/A
The LogDataListToFile ActiveX function used in (1) Knowledge Center and (2) Back web components of Compaq Presario computers allows remote attackers to modify arbitrary files and cause a denial of service.
CVE-1999-0830 1 Sco 1 Unixware 2026-04-16 N/A
Buffer overflow in SCO UnixWare Xsco command via a long argument.
CVE-2006-1899 1 Dev 1 Neuron Blog 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in dev Neuron Blog 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) name and (2) website parameters.
CVE-2006-1903 1 Userland 1 Manila 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in UserLand Manila allow remote attackers to inject arbitrary web script or HTML (1) via the referer parameter in sendMail, and via attributes of (2) the A element and certain other HTML elements in web pages edited with the editInBrowser module. NOTE: the msgReader$1 mode attack vector is already covered by CVE-2006-1769.
CVE-2006-1909 1 Coppermine 1 Coppermine Photo Gallery 2026-04-16 N/A
Directory traversal vulnerability in index.php in Coppermine 1.4.4 allows remote attackers to read arbitrary files via a .//./ (modified dot dot slash) in the file parameter, which causes a regular expression to collapse the sequences into standard "../" sequences.