Search Results (362376 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-4405 1 Random Mouse Software 1 Red Queen 2026-04-16 N/A
redqueen.cgi in Red Queen 1.02 and earlier allows remote attackers to obtain the full server path via invalid (1) yellowpage_id, (2) skin_id, (3) supplier_id, and (4) module parameters, which leaks the path in an error message.
CVE-1999-0441 1 Qbik 1 Wingate 2026-04-16 N/A
Remote attackers can perform a denial of service in WinGate machines using a buffer overflow in the Winsock Redirector Service.
CVE-1999-0444 1 Microsoft 3 Windows 95, Windows 98, Windows Nt 2026-04-16 N/A
Remote attackers can perform a denial of service in Windows machines using malicious ARP packets, forcing a message box display for each packet or filling up log files.
CVE-2005-4406 1 Tmc Visionpool 1 Mercury Cms 2026-04-16 N/A
SQL injection vulnerability in index.cfm in Mercury CMS 4.0 and earlier allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVE-2005-4407 1 Tmc Visionpool 1 Mercury Cms 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.cfm in Mercury CMS 4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) content and (2) criteria parameters.
CVE-1999-0465 2026-04-16 N/A
Remote attackers can crash Lynx and Internet Explorer using an IMG tag with a large width parameter.
CVE-2005-4408 1 Pc Media 1 Miraserver 2026-04-16 N/A
Multiple SQL injection vulnerabilities in Miraserver 1.0 RC4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) page parameter to index.php, (2) id parameter to newsitem.php, and (3) cat parameter to article.php.
CVE-1999-0466 1 Netbsd 1 Netbsd 2026-04-16 N/A
The SVR4 /dev/wabi special device file in NetBSD 1.3.3 and earlier allows a local user to read or write arbitrary files on the disk associated with that device.
CVE-1999-0468 1 Microsoft 1 Internet Explorer 2026-04-16 8.2 High
Internet Explorer 5.0 allows a remote server to read arbitrary files on the client's file system using the Microsoft Scriptlet Component.
CVE-1999-0472 2 Network Appliance, Snmp 2 Netcache, Snmp 2026-04-16 N/A
The SNMP default community name "public" is not properly removed in NetApps C630 Netcache, even if the administrator tries to disable it.
CVE-1999-0498 2026-04-16 N/A
TFTP is not running in a restricted directory, allowing a remote attacker to access sensitive information such as password files.
CVE-1999-0509 2026-04-16 N/A
Perl, sh, csh, or other shell interpreters are installed in the cgi-bin directory on a WWW site, which allows remote attackers to execute arbitrary commands.
CVE-2005-4418 1 Vserver 1 Util-vserver 2026-04-16 N/A
util-vserver before 0.30.208-1 with kernel-patch-vserver before 1.9.5.5 and 2.x before 2.3 for Debian GNU/Linux sets a default policy that trusts unknown capabilities, which could allow local users to conduct unauthorized activities.
CVE-2005-4421 1 Dev-editor 1 Dev-editor 2026-04-16 N/A
Dev-Editor 3.0 allows remote attackers to access any directory outside the web root whose name is a substring of the web root directory name.
CVE-2005-4422 1 Toenda Software Development 1 Toendacms 2026-04-16 N/A
Unrestricted file upload vulnerability in toendaCMS before 0.6.2 Stable allows remote authenticated administrators to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in data/images/albums.
CVE-1999-0520 2026-04-16 N/A
A system-critical NETBIOS/SMB share has inappropriate access control.
CVE-2005-4425 1 Kerio 1 Winroute Firewall 2026-04-16 N/A
Unspecified vulnerability in Kerio WinRoute Firewall before 6.1.3 allows remote attackers to cause a denial of service (crash) via certain RTSP streams.
CVE-1999-0529 2026-04-16 N/A
A router or firewall forwards packets that claim to come from IANA reserved or private addresses, e.g. 10.x.x.x, 127.x.x.x, 217.x.x.x, etc.
CVE-1999-0547 2026-04-16 N/A
An SSH server allows authentication through the .rhosts file.
CVE-2005-4426 1 Yabb 1 Yabb 2026-04-16 N/A
Interpretation conflict in YaBB before 2.1 allows remote authenticated users to inject arbitrary web script or HTML via HTML in a file with a GIF file extension, which causes the HTML to be executed by a victim who views the file in Internet Explorer as a result of CVE-2005-3312. NOTE: it could be argued that this vulnerability is due to a design flaw in Internet Explorer and the proper fix should be in that browser; if so, then this should not be treated as a vulnerability in YaBB.