Search Results (363538 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-2011 1 Jon Howell 1 Faq-o-matic 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the fom CGI program (fom.cgi) in Faq-O-Matic 2.711 and 2.712 allows remote attackers to inject arbitrary web script or HTML via the file parameter.
CVE-2002-1513 1 Compaq 1 Tcp-ip Services 2026-04-16 N/A
The UCX POP server in HP TCP/IP services for OpenVMS 4.2 through 5.3 allows local users to truncate arbitrary files via the -logfile command line option, which overrides file system permissions because the server runs with the SYSPRV and BYPASS privileges.
CVE-2002-1471 1 Ximian 1 Evolution 2026-04-16 N/A
The camel component for Ximian Evolution 1.0.x and earlier does not verify certificates when it establishes a new SSL connection after previously verifying a certificate, which could allow remote attackers to monitor or modify sessions via a man-in-the-middle attack.
CVE-1999-0496 1 Microsoft 1 Windows Nt 2026-04-16 N/A
A Windows NT 4.0 user can gain administrative rights by forcing NtOpenProcessToken to succeed regardless of the user's permissions, aka GetAdmin.
CVE-2001-1306 1 Sun 1 Iplanet Directory Server 2026-04-16 N/A
iPlanet Directory Server 4.1.4 and earlier (LDAP) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via invalid BER length of length fields, as demonstrated by the PROTOS LDAPv3 test suite.
CVE-1999-0497 2026-04-16 N/A
Anonymous FTP is enabled.
CVE-2002-0047 2 Olaf Titz, Redhat 2 Cipe, Linux 2026-04-16 N/A
CIPE VPN package before 1.3.0-3 allows remote attackers to cause a denial of service (crash) via a short malformed packet.
CVE-2002-0820 1 Freebsd 1 Freebsd 2026-04-16 N/A
FreeBSD kernel 4.6 and earlier closes the file descriptors 0, 1, and 2 after they have already been assigned to /dev/null when the descriptors reference procfs or linprocfs, which could allow local users to reuse the file descriptors in a setuid or setgid program to modify critical data and gain privileges.
CVE-1999-0522 2026-04-16 N/A
The permissions for a system-critical NIS+ table (e.g. passwd) are inappropriate.
CVE-2002-0833 1 Qualcomm 1 Eudora 2026-04-16 N/A
Buffer overflow in Eudora 5.1.1 and 5.0-J for Windows, and possibly other versions, allows remote attackers to execute arbitrary code via a multi-part message with a long boundary string.
CVE-2001-1311 1 Ibm 1 Lotus Domino R5 2026-04-16 N/A
Buffer overflows in Lotus Domino R5 before R5.0.7a allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite.
CVE-1999-0527 2026-04-16 N/A
The permissions for system-critical data in an anonymous FTP account are inappropriate. For example, the root directory is writeable by world, a real password file is obtainable, or executable commands such as "ls" can be overwritten.
CVE-1999-0546 1 Microsoft 1 Windows Nt 2026-04-16 N/A
The Windows NT guest account is enabled.
CVE-2001-0468 1 Ftpfs 1 Ftpfs 2026-04-16 N/A
Buffer overflow in FTPFS allows local users to gain root privileges via a long user name.
CVE-2001-1313 1 Ibm 1 Lotus Domino R5 2026-04-16 N/A
Lotus Domino R5 before R5.0.7a allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via miscellaneous packets with semi-valid BER encodings, as demonstrated by the PROTOS LDAPv3 test suite.
CVE-2002-1151 2 Kde, Redhat 4 Kde, Konqueror, Enterprise Linux and 1 more 2026-04-16 N/A
The cross-site scripting protection for Konqueror in KDE 2.2.2 and 3.0 through 3.0.3 does not properly initialize the domains on sub-frames and sub-iframes, which can allow remote attackers to execute script and steal cookies from subframes that are in other domains.
CVE-1999-0579 1 Microsoft 1 Windows Nt 2026-04-16 N/A
A Windows NT system's registry audit policy does not log an event success or failure for non-critical registry keys.
CVE-1999-0583 2026-04-16 N/A
There is a one-way or two-way trust relationship between Windows NT domains.
CVE-2001-0480 1 Alex Linde 1 Alexs Ftp Server 2026-04-16 N/A
Directory traversal vulnerability in Alex's FTP Server 0.7 allows remote attackers to read arbitrary files via a ... (modified dot dot) in the (1) GET or (2) CD commands.
CVE-1999-0596 2026-04-16 N/A
A Windows NT log file has an inappropriate maximum size or retention period.