Search Results (351250 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-2104 1 Ganglia 1 Php Rrd Web Client 2026-04-16 N/A
graph.php in Ganglia PHP RRD Web Client 1.0.2 allows remote attackers to execute arbitrary commands via the command parameter, which is provided to the passthru function.
CVE-2002-2106 1 Wikkitikkitavi 1 Wikkitikkitavi 2026-04-16 N/A
PHP remote file inclusion vulnerability in WikkiTikkiTavi before 0.21 allows remote attackers to execute arbitrary PHP code via the TemplateDir variable, as demonstrated using conflict.php.
CVE-2002-2115 1 Hns 2 Hns, Hns-lite 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Hyper NIKKI System (HNS) Lite before 0.9 and HNS before 2.10-pl2 allows remote attackers to inject arbitrary web script or HTML.
CVE-2002-2116 1 Netgear 2 Rm356, Rt338 2026-04-16 N/A
Netgear RM-356 and RT-338 series SOHO routers allow remote attackers to cause a denial of service (crash) via a UDP port scan, as demonstrated using nmap.
CVE-2004-2410 1 Samhain Labs 1 Samhain 2026-04-16 N/A
Unknown vulnerability in sh_hash_compdata for Samhain 1.8.9 through 2.0.1 might allow attackers to cause a denial of service (null pointer dereference).
CVE-2005-2235 1 Ibm 1 Aix 2026-04-16 N/A
Buffer overflow in the diagTasksWebSM command in IBM AIX 5.1, 5.2 and 5.3, might allow local users to execute arbitrary code via long command line arguments.
CVE-2005-2144 1 Prevx 1 Prevx Pro 2005 2026-04-16 N/A
Prevx Pro 2005 1.0 allows local users to bypass file protection and modify files by using MapViewOfFile to perform memory mapping on the file.
CVE-2005-1976 1 Novell 1 Netmail 2026-04-16 N/A
Novell NetMail 3.5.2a, 3.5.2b, and 3.5.2c, when running on Linux, sets the owner and group ID to 500 for certain files, which could allow users or groups with that ID to execute arbitrary code or cause a denial of service by modifying those files.
CVE-2004-2435 1 Peoplesoft 1 Hrms 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in PeopleSoft Human Resources Management System (HRMS) 7.0, when "web enabled" using HTML Access, allows remote attackers to inject arbitrary web script or HTML via unspecified (1) debugging or (2) utility scripts.
CVE-2002-2125 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Internet Explorer 6.0 does not warn users when an expired certificate authority (CA) certificate is submitted to the user and a newer CA certificate is in the user's local repository, which could allow remote attackers to decrypt web sessions via a man-in-the-middle (MITM) attack.
CVE-2005-2153 1 Osticket 1 Osticket Sts 2026-04-16 N/A
SQL injection vulnerability in class.ticket.php in osTicket 1.3.1 beta and earlier allows remote attackers to execute arbitrary SQL commands via the ticket variable.
CVE-2006-1757 1 Bill Shupp 1 Vegadns 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php in Vegadns 0.99 allows remote attackers to inject arbitrary web script or HTML via the message parameter.
CVE-2002-2126 1 Pedestal Software 1 Integrity Protection Driver 2026-04-16 N/A
restrictEnabled in Integrity Protection Driver (IPD) 1.2 delays driver installation for 20 minutes, which allows local users to insert malicious code by setting system clock to an earlier time.
CVE-1999-0033 5 Ibm, Ncr, Sco and 2 more 7 Aix, Mp-ras, Open Desktop and 4 more 2026-04-16 N/A
Command execution in Sun systems via buffer overflow in the at program.
CVE-1999-0076 1 Washington University 1 Wu-ftpd 2026-04-16 N/A
Buffer overflow in wu-ftp from PASV command causes a core dump.
CVE-1999-0293 1 Cisco 1 Ios 2026-04-16 N/A
AAA authentication on Cisco systems allows attackers to execute commands without authorization.
CVE-1999-0306 1 Hp 1 Vvos 2026-04-16 N/A
buffer overflow in HP xlock program.
CVE-1999-0499 1 Microsoft 2 Windows 2000, Windows Nt 2026-04-16 N/A
NETBIOS share information may be published through SNMP registry keys in NT.
CVE-1999-0534 1 Microsoft 2 Windows 2000, Windows Nt 2026-04-16 N/A
A Windows NT user has inappropriate rights or privileges, e.g. Act as System, Add Workstation, Backup, Change System Time, Create Pagefile, Create Permanent Object, Create Token Name, Debug, Generate Security Audit, Increase Priority, Increase Quota, Load Driver, Lock Memory, Profile Single Process, Remote Shutdown, Replace Process Token, Restore, System Environment, Take Ownership, or Unsolicited Input.
CVE-1999-1125 1 Oracle 1 Http Server 2026-04-16 N/A
Oracle Webserver 2.1 and earlier runs setuid root, but the configuration file is owned by the oracle account, which allows any local or remote attacker who obtains access to the oracle account to gain privileges or modify arbitrary files by modifying the configuration file.