Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-0090 1 Ibm 1 Aix 2026-04-16 N/A
Buffer overflow in AIX rcp command allows local users to obtain root access.
CVE-2004-2603 1 Ubertec 1 Help Center Live 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the Search module in UberTec Help Center Live (HCL) allows remote attackers to inject arbitrary web script or HTML via the find parameter to index.php.
CVE-2004-2606 1 Linksys 2 Befsr41 V3, Wrt54g 2026-04-16 N/A
The Web interface in Linksys WRT54G 2.02.7 and BEFSR41 version 3, with the firewall disabled, allows remote attackers to attempt to login to an administration web page, even when the configuration specifies that remote administration is disabled.
CVE-2004-2607 1 Linux 1 Linux Kernel 2026-04-16 N/A
A numeric casting discrepancy in sdla_xfer in Linux kernel 2.6.x up to 2.6.5 and 2.4 up to 2.4.29-rc1 allows local users to read portions of kernel memory via a large len argument, which is received as an int but cast to a short, which prevents a read loop from filling a buffer.
CVE-2004-2617 1 Pegasi Web Server 1 Pegasi Web Server 2026-04-16 N/A
Directory traversal vulnerability in Pegasi Web Server (PWS) 0.2.2 allows remote attackers to read files outside of the web root via a .. (dot dot) directly after the initial '/' (slash) in the URI.
CVE-1999-0091 1 Ibm 1 Aix 2026-04-16 N/A
Buffer overflow in AIX writesrv command allows local users to obtain root access.
CVE-1999-0092 1 Ibm 1 Aix 2026-04-16 N/A
Various vulnerabilities in the AIX portmir command allows local users to obtain root access.
CVE-2004-2620 1 Paul L Daniels 1 Ripmime 2026-04-16 N/A
The MIMEH_read_headers function in ripMIME 1.3.1.0 does not properly handle trailing "\r" and "\n" characters in headers, which leads to a buffer underflow.
CVE-1999-0094 1 Ibm 1 Aix 2026-04-16 N/A
AIX piodmgrsu command allows local users to gain additional group privileges.
CVE-2004-2621 1 Nortel 1 Contivity 2026-04-16 N/A
Nortel Contivity VPN Client 2.1.7, 3.00, 3.01, 4.91, and 5.01, when opening a VPN tunnel, does not check the gateway certificate until after a dialog box has been displayed to the user, which creates a race condition that allows remote attackers to perform a man-in-the-middle (MITM) attack.
CVE-2004-2622 1 Altiris 1 Deployment Server Extension For Ibm Director 2026-04-16 N/A
AClient.exe in Altiris Deployment Solution 6.x and 5.x does not require authentication from the first Deployment Server that it connects to, which allows remote malicious servers to gain administrator access.
CVE-2004-2624 1 Wackowiki 1 Wackowiki 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in "TextSearch" in WackoWiki 3.5 allows remote attackers to inject arbitrary web script or HTML via the "phrase" parameter.
CVE-2004-2628 1 Acme Labs 1 Thttpd 2026-04-16 N/A
Multiple directory traversal vulnerabilities in thttpd 2.07 beta 0.4, when running on Windows, allow remote attackers to read arbitrary files via a URL that contains (1) a hex-encoded backslash dot-dot sequence ("%5C..") or (2) a drive letter (such as "C:").
CVE-2004-2630 1 Phpmyadmin 1 Phpmyadmin 2026-04-16 N/A
The MIME transformation system (transformations/text_plain__external.inc.php) in phpMyAdmin 2.5.0 up to 2.6.0-pl1 allows remote attackers to execute arbitrary commands via shell metacharacters in unspecified vectors.
CVE-2006-3089 1 Phpmyfactures 1 Phpmyfactures 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in PhpMyFactures 1.0, and possibly 1.2 and earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) prefixe_dossier parameter in (a) /inc/header.php; (2) msg parameter in (b) /remises/ajouter_remise.php, (c) /tva/ajouter_tva.php, (d) /stocks/ajouter.php, (e) /pays/ajouter_pays.php, (f) /produits/ajouter_cat.php, (g) /produits/ajouter_produit.php and (h) /produits/modifier_cat.php; (3) tire parameter in /remises/ajouter_remise.php; (4) quantite, (5) taux and (6) date parameter in /stocks/ajouter.php; and (7) pays and (8) prefixe parameter in /pays/ajouter_pays.php.
CVE-2004-2632 1 Phpmyadmin 1 Phpmyadmin 2026-04-16 N/A
phpMyAdmin 2.5.1 up to 2.5.7 allows remote attackers to modify configuration settings and gain unauthorized access to MySQL servers via modified $cfg['Servers'] variables.
CVE-2004-2635 1 Mcafee 1 Security Installer Control System 2026-04-16 N/A
An ActiveX control for McAfee Security Installer Control System 4.0.0.81 allows remote attackers to access the Windows registry via web pages that use the control's RegQueryValue() method.
CVE-2004-2636 1 Rit Research Labs 1 Tinyweb 2026-04-16 N/A
TinyWeb 1.9 allows remote attackers to read source code of scripts via "/./" in the URL.
CVE-1999-0097 3 Hp, Ibm, Sun 4 Hp-ux, Aix, Solaris and 1 more 2026-04-16 N/A
The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character).
CVE-2004-2638 1 Oscommerce 1 Oscommerce 2026-04-16 N/A
The Admin Access With Levels plugin in osCommerce 1.5.1 allows remote attackers to access files in the "admin/" directory by modifying the in_login parameter to a non-zero value.