Search Results (362646 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-0291 1 3com 1 3cp4144 2026-04-16 N/A
3com OfficeConnect Remote 812 ADSL Router 1.1.7 does not properly clear memory from DHCP responses, which allows remote attackers to identify the contents of previous HTTP requests by sniffing DHCP packets.
CVE-2005-4801 1 Yapig 1 Yapig 2026-04-16 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in Yet Another PHP Image Gallery (YaPIG) 0.95b and earlier allow remote attackers to perform unauthorized actions as a logged-in user, as demonstrated by tricking the administrator to access a web page that performs a mod_info action in modify_gallery.php.
CVE-1999-1446 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 3 records a history of all URL's that are visited by a user in DAT files located in the Temporary Internet Files and History folders, which are not cleared when the user selects the "Clear History" option, and are not visible when the user browses the folders because of tailored displays.
CVE-1999-1449 1 Sun 1 Sunos 2026-04-16 N/A
SunOS 4.1.4 on a Sparc 20 machine allows local users to cause a denial of service (kernel panic) by reading from the /dev/tcx0 TCX device.
CVE-1999-1454 1 Macromedia 1 Matrix Screen Saver 2026-04-16 N/A
Macromedia "The Matrix" screen saver on Windows 95 with the "Password protected" option enabled allows attackers with physical access to the machine to bypass the password prompt by pressing the ESC (Escape) key.
CVE-1999-0460 1 Linux 1 Linux Kernel 2026-04-16 N/A
Buffer overflow in Linux autofs module through long directory names allows local users to perform a denial of service.
CVE-1999-1457 1 Thttpd 1 Thttpd Http Server 2026-04-16 N/A
Buffer overflow in thttpd HTTP server before 2.04-31 allows remote attackers to execute arbitrary commands via a long date string, which is not properly handled by the tdate_parse function.
CVE-2003-0295 1 Jelsoft 1 Vbulletin 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in private.php for vBulletin 3.0.0 Beta 2 allows remote attackers to inject arbitrary web script and HTML via the "Preview Message" capability.
CVE-1999-1458 1 Digital 1 Unix 2026-04-16 N/A
Buffer overflow in at program in Digital UNIX 4.0 allows local users to gain root privileges via a long command line argument.
CVE-2005-4804 1 Sun 1 Java System Application Server 2026-04-16 N/A
Unspecified vulnerability in Sun Java System Application Server Platform Edition and Enterprise Edition 8.1 2005 Q1, and Platform Edition UR1, allows remote attackers to read .jar files via unknown vectors related to deployed web applications.
CVE-1999-0674 3 Netbsd, Openbsd, Sun 4 Netbsd, Openbsd, Solaris and 1 more 2026-04-16 N/A
The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve.
CVE-2005-4806 1 Sun 1 Java System Web Proxy Server 2026-04-16 N/A
Multiple unspecified vulnerabilities in Sun Java System Web Proxy Server 3.6 SP7 and earlier allow remote attackers to cause a denial of service (unresponsive service) via unknown vectors.
CVE-1999-1467 1 Sun 1 Sunos 2026-04-16 N/A
Vulnerability in rcp on SunOS 4.0.x allows remote attackers from trusted hosts to execute arbitrary commands as root, possibly related to the configuration of the nobody user.
CVE-1999-0723 1 Microsoft 2 Windows 2000, Windows Nt 2026-04-16 N/A
The Windows NT Client Server Runtime Subsystem (CSRSS) can be subjected to a denial of service when all worker threads are waiting for user input.
CVE-1999-1470 1 Eastman Software 1 Work Management 2026-04-16 N/A
Eastman Work Management 3.21 stores passwords in cleartext in the COMMON and LOCATOR registry keys, which could allow local users to gain privileges.
CVE-2005-4807 2 Canonical, Gnu 2 Ubuntu Linux, Binutils 2026-04-16 N/A
Stack-based buffer overflow in the as_bad function in messages.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils before 20050721 allows attackers to execute arbitrary code via a .c file with crafted inline assembly code.
CVE-2005-4810 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 7.0 Beta3 and earlier allows remote attackers to cause a denial of service (crash) via a "text/html" HTML Content-type header sent in response to an XMLHttpRequest (AJAX).
CVE-2005-4812 1 Sisco 4 Ax-s4 Iccp, Ax-s4 Mms, Iccp Toolkit For Mms-ease and 1 more 2026-04-16 N/A
The SISCO OSI stack for Windows, as used by MMS-EASE 7.10 and earlier, AX-S4 MMS 5.01 and earlier, AX-S4 ICCP 3.0103 and earlier, and the ICCP Toolkit for MMS-EASE 4.10 and earlier, allows remote attackers to cause a denial of service (process crash) via certain network traffic, as demonstrated using a Nessus scan.
CVE-1999-1479 1 Matt Wright 1 Textcounter 2026-04-16 N/A
The textcounter.pl by Matt Wright allows remote attackers to execute arbitrary commands via shell metacharacters.
CVE-1999-1480 1 Ibm 1 Aix 2026-04-16 N/A
(1) acledit and (2) aclput in AIX 4.3 allow local users to create or modify files via a symlink attack.