Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-2489 1 Nagios 1 Nagios 2026-04-16 N/A
Integer overflow in CGI scripts in Nagios 1.x before 1.4.1 and 2.x before 2.3.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a content length (Content-Length) HTTP header. NOTE: this is a different vulnerability than CVE-2006-2162.
CVE-2005-1646 1 Fastream 1 Netfile Ftp Web Server 2026-04-16 N/A
The default installation of Fastream NETFile FTP/Web Server 7.4.6, which supports FXP, does not require that the IP address in a PORT command be the same as the IP of the logged in user, which allows remote attackers to conduct FTP Bounce attacks to bypass firewall rules or cause a denial of service.
CVE-2005-1649 1 Microsoft 2 Windows 2003 Server, Windows Xp 2026-04-16 N/A
The IPv6 support in Windows XP SP2, 2003 Server SP1, and Longhorn, with Windows Firewall turned off, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the SYN flag set and the same destination and source address and port, a variant of CVE-2005-0688 and a reoccurrence of the "Land" vulnerability (CVE-1999-0016).
CVE-2005-1658 1 Myserver 1 Myserver 2026-04-16 N/A
Directory traversal vulnerability in filemanager.cpp in MyServer 0.8 allows remote attackers to list the parent directory of the web root via a URL with a "..." (triple dot).
CVE-2005-1659 1 Myserver 1 Myserver 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in filemanager.cpp in MyServer 0.8 allows remote attackers to inject arbitrary Javascript via a URL with a "..." (triple dot) followed by an onmouseover event.
CVE-2005-1665 1 Microsoft 1 Asp.net 2026-04-16 N/A
The __VIEWSTATE functionality in Microsoft ASP.NET 1.x, when not cryptographically signed, allows remote attackers to cause a denial of service (CPU consumption) via deeply nested markup.
CVE-2005-4375 1 Box Uk 1 Amaxus 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Amaxus 3 and earlier allows remote attackers to inject arbitrary web script or HTML via the change parameter. NOTE: it is possible that this is resultant from CVE-2005-4376.
CVE-2005-4376 1 Box Uk 1 Amaxus 2026-04-16 N/A
Directory traversal vulnerability in Amaxus 3 and earlier allows remote attackers to access arbitrary files via ".." sequences in the change parameter.
CVE-2005-4378 1 Nma 1 Baseline Cms 2026-04-16 N/A
SQL injection vulnerability in Page.asp in Baseline CMS 1.95 and earlier allows remote attackers to execute arbitrary SQL commands via the SiteNodeID parameter.
CVE-2005-4379 1 Bitweaver 1 Bitweaver 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Bitweaver 1.1 and 1.1.1 beta allow remote attackers to inject arbitrary web script or HTML via the (1) sort_mode parameter to (a) fisheye/list_galleries.php, (b) messages/message_box.php, and (c) users/my.php; the (2) post_id parameter to (d) blogs/view_post.php; the (3) blog_id parameter to (e) blogs/view.php; and the (4) search field to (f) users/my_groups.php.
CVE-1999-0353 1 Hp 1 Hp-ux 2026-04-16 N/A
rpc.pcnfsd in HP gives remote root access by changing the permissions on the main printer spool directory.
CVE-2005-4384 1 Citysoft 1 Community Enterprise 2026-04-16 N/A
CitySoft Community Enterprise 4.x allows remote attackers to obtain the full path of the server via an invalid (1) fuseaction parameter to index.cfm and (2) documentid parameter to document/docWindow.cfm.
CVE-1999-0360 1 Microsoft 1 Site Server 2026-04-16 N/A
MS Site Server 2.0 with IIS 4 can allow users to upload content, including ASP, to the target web site, thus allowing them to execute commands remotely.
CVE-2005-4387 1 Contenite 1 Contenite 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in home.php in contenite 0.11 and earlier allows remote attackers to inject arbitrary web script or HTML via the id parameter.
CVE-1999-0363 2 Plp, Suse 2 Line Printer Control, Suse Linux 2026-04-16 N/A
SuSE 5.2 PLP lpc program has a buffer overflow that leads to root compromise.
CVE-1999-0367 1 Netbsd 1 Netbsd 2026-04-16 N/A
NetBSD netstat command allows local users to access kernel memory.
CVE-2005-4388 1 Contens 1 Contens 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in search.cfm in CONTENS 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the near parameter.
CVE-1999-0368 7 Caldera, Debian, Proftpd Project and 4 more 8 Openlinux, Debian Linux, Proftpd and 5 more 2026-04-16 N/A
Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.
CVE-2005-4390 1 Contentserv 1 Contentserv 2026-04-16 N/A
SQL injection vulnerability in index.php in ContentServ 3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the StoryID parameter.
CVE-1999-0374 1 Debian 1 Debian Linux 2026-04-16 N/A
Debian GNU/Linux cfengine package is susceptible to a symlink attack.