Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-0447 1 Network Associates 1 Webshield 2026-04-16 N/A
Buffer overflow in WebShield SMTP 4.5.44 allows remote attackers to execute arbitrary commands via a long configuration parameter to the WebShield remote management service.
CVE-1999-0518 1 Microsoft 1 Windows 95 2026-04-16 N/A
A NETBIOS/SMB share password is guessable.
CVE-2006-4910 1 Cisco 2 Ids Sensor Software, Ips Sensor Software 2026-04-16 N/A
The web administration interface (mainApp) to Cisco IDS before 4.1(5c), and IPS 5.0 before 5.0(6p1) and 5.1 before 5.1(2) allows remote attackers to cause a denial of service (unresponsive device) via a crafted SSLv2 Client Hello packet.
CVE-2006-1689 1 Hp 1 Hp-ux 2026-04-16 N/A
Unspecified vulnerability in su in HP HP-UX B.11.11, when using the LDAP netgroup feature, allows local users to gain unspecified access.
CVE-2006-2770 1 Pppblog 1 Pppblog 2026-04-16 N/A
Directory traversal vulnerability in randompic.php in pppBLOG 0.3.8 and earlier, when register_globals is enabled, allows remote attackers to read arbitrary files via a .. (dot dot) sequence in an index of the "file" array parameter, as demonstrated by file[0].
CVE-1999-0693 3 Hp, Ibm, Sco 3 Hp-ux, Aix, Unixware 2026-04-16 N/A
Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges.
CVE-1999-0695 1 Sybase 1 Powerdynamo 2026-04-16 N/A
The Sybase PowerDynamo personal web server allows attackers to read arbitrary files through a .. (dot dot) attack.
CVE-1999-0749 1 Microsoft 2 Windows 95, Windows 98 2026-04-16 N/A
Buffer overflow in Microsoft Telnet client in Windows 95 and Windows 98 via a malformed Telnet argument.
CVE-1999-0758 1 Netscape 2 Enterprise Server, Fasttrack Server 2026-04-16 N/A
Netscape Enterprise 3.5.1 and FastTrack 3.01 servers allow a remote attacker to view source code to scripts by appending a %20 to the script's URL.
CVE-1999-0450 1 Microsoft 2 Internet Information Server, Internet Information Services 2026-04-16 N/A
In IIS, an attacker could determine a real path using a request for a non-existent URL that would be interpreted by Perl (perl.exe).
CVE-1999-1249 1 Hp 1 Hp-ux 2026-04-16 N/A
movemail in HP-UX 10.20 has insecure permissions, which allows local users to gain privileges.
CVE-2005-2020 1 3com 1 3c15100d 2026-04-16 N/A
Directory traversal vulnerability in the web server for 3Com Network Supervisor 5.0.2 allows remote attackers to read arbitrary files via ".." sequences in the URL to TCP port 21700.
CVE-2005-2030 1 Ultimate Php Board 1 Ultimate Php Board 2026-04-16 N/A
Ultimate PHP Board (UPB) 1.9.6 GOLD uses weak encryption for passwords in the users.dat file, which allows attackers to easily decrypt the passwords and gain privileges, possibly after exploiting CVE-2005-2005 to obtain users.dat.
CVE-2005-2043 1 Xampp 1 Apache Distribution 2026-04-16 N/A
Directory traversal vulnerability in XAMPP before 1.4.14 allows remote attackers to inject arbitrary HTML and PHP code via lang.php.
CVE-2005-2047 1 Duware 1 Dupaypal Pro 2026-04-16 N/A
Multiple SQL injection vulnerabilities in DUware DUpaypal Pro 3.0 allow remote attackers to execute arbitrary SQL commands via the (1) iCat parameter to cat.asp, (2) iPro parameter to detail.asp, (3) iSub parameter to sub.asp, (4) iCat parameter to catEdit.asp.
CVE-1999-0798 5 Bsdi, Freebsd, Openbsd and 2 more 7 Bsd Os, Freebsd, Openbsd and 4 more 2026-04-16 N/A
Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type.
CVE-1999-0801 1 Bmc 1 Patrol Agent 2026-04-16 N/A
BMC Patrol allows remote attackers to gain access to an agent by spoofing frames.
CVE-2005-2048 1 Duware 1 Duforum 2026-04-16 N/A
Multiple SQL injection vulnerabilities in DUware DUforum 3.1, and possibly other versions, allow remote attackers to execute arbitrary SQL commands via the (1) iMsg parameter to messages.asp, iFor parameter to (2) post.asp or (3) forums.asp, or (4) id parameter to userEdit.asp. NOTE: vectors 1 and 3 were later reported to affect version 3.0.
CVE-2005-2049 1 Duware 1 Duclassmate 2026-04-16 N/A
Multiple SQL injection vulnerabilities in DUware DUclassmate 1.2 allow remote attackers to execute arbitrary SQL commands via the (1) iState parameter to default.asp or (2) iPro parameter to edit.asp.
CVE-2005-2189 1 Lantronix 1 Securelinx 2026-04-16 N/A
Lantronix SecureLinx console server running firmware 2.0 and 3.0 stores /etc/ssh under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as SSH private keys.