Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0506 1 Microsoft 2 Internet Information Server, Internet Information Services 2026-04-16 N/A
Buffer overflow in ssinc.dll in IIS 5.0 and 4.0 allows local users to gain system privileges via a Server-Side Includes (SSI) directive for a long filename, which triggers the overflow when the directory name is added, aka the "SSI privilege elevation" vulnerability.
CVE-2001-0516 1 Oracle 2 Oracle8i, Oracle9i 2026-04-16 N/A
Oracle listener between Oracle 9i and Oracle 8.0 allows remote attackers to cause a denial of service via a malformed connection packet that contains an incorrect requester_version value that does not match an expected offset to the data.
CVE-2001-0518 1 Oracle 1 Oracle9i 2026-04-16 N/A
Oracle listener before Oracle 9i allows attackers to cause a denial of service by repeatedly sending the first portion of a fragmented Oracle command without sending the remainder of the command, which causes the listener to hang.
CVE-2001-0519 1 Aladdin Knowledge Systems 1 Esafe Gateway 2026-04-16 N/A
Aladdin eSafe Gateway versions 2.x allows a remote attacker to circumvent HTML SCRIPT filtering via a special arrangement of HTML tags which includes SCRIPT tags embedded within other SCRIPT tags.
CVE-2001-0521 1 Aladdin Knowledge Systems 1 Esafe Gateway 2026-04-16 N/A
Aladdin eSafe Gateway versions 3.0 and earlier allows a remote attacker to circumvent HTML SCRIPT filtering via the UNICODE encoding of SCRIPT tags within the HTML document.
CVE-2001-0546 1 Microsoft 1 Isa Server 2026-04-16 N/A
Memory leak in H.323 Gatekeeper Service in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service (resource exhaustion) via a large amount of malformed H.323 data.
CVE-2001-0548 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Buffer overflow in dtmail in Solaris 2.6 and 7 allows local users to gain privileges via the MAIL environment variable.
CVE-2001-0551 1 Hp 1 Hp-ux 2026-04-16 N/A
Buffer overflow in CDE Print Viewer (dtprintinfo) allows local users to execute arbitrary code by copying text from the clipboard into the Help window.
CVE-2001-0552 2 Hp, Ibm 2 Openview Network Node Manager, Tivoli Netview 2026-04-16 N/A
ovactiond in HP OpenView Network Node Manager (NNM) 6.1 and Tivoli Netview 5.x and 6.x allows remote attackers to execute arbitrary commands via shell metacharacters in a certain SNMP trap message.
CVE-2004-1100 1 Tips 1 Mailpost 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in mailpost.exe in MailPost 5.1.1sv, and possibly earlier versions, when debug mode is enabled, allows remote attackers to execute arbitrary web script or HTML via the append parameter.
CVE-2004-1105 1 Nortel 1 Contivity 2026-04-16 N/A
Nortel Networks Contivity VPN Client displays a different error message depending on whether the username is valid or invalid, which could allow remote attackers to gain sensitive information.
CVE-2004-1106 2 Gallery Project, Gentoo 2 Gallery, Linux 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Gallery 1.4.4-pl3 and earlier allows remote attackers to execute arbitrary web script or HTML via "specially formed URLs," possibly via the include parameter in index.php.
CVE-2005-1560 1 Neteyes 1 Nexusway 2026-04-16 N/A
The SSH module in Neteyes Nexusway allows remote attackers to execute arbitrary commands via shell metacharacters in arguments to certain commands, as demonstrated using ping and traceroute.
CVE-2004-1109 1 Kerio 1 Personal Firewall 2026-04-16 N/A
The FWDRV.SYS driver in Kerio Personal Firewall 4.1.1 and earlier allows remote attackers to cause a denial of service (CPU consumption and system freeze from infinite loop) via a (1) TCP, (2) UDP, or (3) ICMP packet with a zero length IP Option field.
CVE-2005-2439 1 Usebb 1 Usebb 2026-04-16 N/A
SQL injection vulnerability in UseBB 0.5.1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the search function.
CVE-2004-1113 1 Sqlgrey 1 Sqlgrey Postfix Greylisting Service 2026-04-16 N/A
SQL injection vulnerability in SQLgrey Postfix greylisting service before 1.2.0 allows remote attackers to execute arbitrary SQL commands via the (1) sender or (2) recipient e-mail addresses.
CVE-2005-1568 1 Directtopics 1 Directtopics 2026-04-16 N/A
topic.php in DirectTopics 2.1 and 2.2 allows remote attackers to obtain sensitive information via an invalid topic parameter, which reveals the path in an error message.
CVE-2005-2440 1 Thomson Netg 1 Web Skill Vantage Manager 2026-04-16 N/A
SQL injection vulnerability in login.asp in Thomson Web Skill Vantage Manager allows remote attackers to execute arbitrary SQL commands via the svmPassword parameter.
CVE-2005-1569 1 Directtopics 1 Directtopics 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in DirectTopics 2.1 and 2.2 allows remote attackers to inject arbitrary web script via a javascript: URL in (1) a thread or (2) an IMG tag.
CVE-2005-2442 1 Spi Dynamics 1 Webinspect 2026-04-16 N/A
Cross-Application Scripting (XAS) vulnerability in SPI Dynamics WebInspect 5.0.196 allows remote attackers to inject Javascript from one application into another.