Search Results (365487 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-1467 2 Ethereal Group, Redhat 2 Ethereal, Enterprise Linux 2026-04-16 N/A
Unknown vulnerability in the NDPS dissector in Ethereal before 0.10.11 allows remote attackers to cause a denial of service (memory exhaustion) via unknown vectors.
CVE-1999-1068 1 Oracle 1 Http Server 2026-04-16 N/A
Oracle Webserver 2.1, when serving PL/SQL stored procedures, allows remote attackers to cause a denial of service via a long HTTP GET request.
CVE-2005-1475 1 Opera 1 Opera Browser 2026-04-16 N/A
The XMLHttpRequest object in Opera 8.0 Final Build 1095 allows remote attackers to bypass access restrictions and perform unauthorized actions on other domains via a redirect.
CVE-1999-1397 1 Microsoft 1 Index Server 2026-04-16 N/A
Index Server 2.0 on IIS 4.0 stores physical path information in the ContentIndex\Catalogs subkey of the AllowedPaths registry key, whose permissions allows local and remote users to obtain the physical paths of directories that are being indexed.
CVE-1999-1486 1 Ibm 1 Aix 2026-04-16 N/A
sadc in IBM AIX 4.1 through 4.3, when called from programs such as timex that are setgid adm, allows local users to overwrite arbitrary files via a symlink attack.
CVE-2005-1486 1 Fishnet 1 Fishcart 2026-04-16 N/A
Multiple cross-site scripting vulnerabilities in FishCart 3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) trackingnum, (2) reqagree, or (3) m parameter to upstracking.php or (4) nlst parameter to display.php. NOTE: the vendor was not able to reproduce some of the reported vectors but believes that they have been addressed. The original researcher is known to be unreliable.
CVE-1999-1537 1 Microsoft 1 Internet Information Server 2026-04-16 N/A
IIS 3.x and 4.x does not distinguish between pages requiring encryption and those that do not, which allows remote attackers to cause a denial of service (resource exhaustion) via SSL requests to the HTTPS port for normally unencrypted files, which will cause IIS to perform extra work to send the files over SSL.
CVE-2000-0121 1 Microsoft 1 Windows Nt 2026-04-16 N/A
The Recycle Bin utility in Windows NT and Windows 2000 allows local users to read or modify files by creating a subdirectory with the victim's SID in the recycler directory, aka the "Recycle Bin Creation" vulnerability.
CVE-2005-1496 1 Oracle 2 Application Server, Oracle10g 2026-04-16 N/A
The DBMS_Scheduler in Oracle 10g allows remote attackers with CREATE JOB privileges to gain additional privileges by changing SESSION_USER to the SYS user.
CVE-2005-1497 1 Mywebland 1 Mybloggie 2026-04-16 N/A
index.php in myBloggie 2.1.1 allows remote attackers to obtain sensitive information via an invalid post_id parameter, which reveals the path in an error message.
CVE-2005-1502 1 Midicart Software 1 Midicart Php Shopping Cart 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in MidiCart PHP Shopping Cart allows remote attackers to inject arbitrary web script or HTML via the (1) searchstring parameter to search_list.php or the (2) secondgroup or (3) maingroup parameters to item_list.php.
CVE-2000-0359 1 Acme Labs 1 Thttpd 2026-04-16 N/A
Buffer overflow in Trivial HTTP (THTTPd) allows remote attackers to cause a denial of service or execute arbitrary commands via a long If-Modified-Since header.
CVE-2000-0632 1 Lsoft 1 Listserv 2026-04-16 N/A
Buffer overflow in the web archive component of L-Soft Listserv 1.8d and earlier allows remote attackers to execute arbitrary commands via a long query string.
CVE-2000-0773 1 Bajie 1 Java Http Server 2026-04-16 N/A
Bajie HTTP web server 0.30a allows remote attackers to read arbitrary files via a URL that contains a "....", a variant of the dot dot directory traversal attack.
CVE-2005-1506 1 Cj 1 Ultra Plus 2026-04-16 N/A
SQL injection vulnerability in out.php in CJ Ultra (CJUltra) Plus 1.0.3 and 1.0.4 allows remote attackers to execute arbitrary SQL commands via the perm parameter.
CVE-2005-1512 1 Pwsphp 1 Pwsphp 2026-04-16 N/A
The Admin panel in PwsPHP 1.2.2 does not properly verify uploaded picture files, which allows remote attackers to upload and possibly execute arbitrary files.
CVE-2005-1515 1 Dan Bernstein 1 Qmail 2026-04-16 N/A
Integer signedness error in the qmail_put and substdio_put functions in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large number of SMTP RCPT TO commands.
CVE-2001-0902 1 Microsoft 1 Internet Information Services 2026-04-16 N/A
Microsoft IIS 5.0 allows remote attackers to spoof web log entries via an HTTP request that includes hex-encoded newline or form-feed characters.
CVE-2005-1522 1 Gnu 1 Mailutils 2026-04-16 N/A
The imap4d server for GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows authenticated remote users to cause a denial of service (CPU consumption) via a large range value in the FETCH command.
CVE-2005-1523 1 Gnu 1 Mailutils 2026-04-16 N/A
Format string vulnerability in imap4d server in GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via format string specifiers in the command tag for IMAP commands.