Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-1271 1 Macromedia 1 Dreamweaver 2026-04-16 N/A
Macromedia Dreamweaver uses weak encryption to store FTP passwords, which could allow local users to easily decrypt the passwords of other users.
CVE-2005-3796 1 Alstrasoft 1 Affiliate Network Pro 2026-04-16 N/A
Direct static code injection vulnerability in admin_options_manage.php in AlstraSoft Affiliate Network Pro 7.2 allows attackers to execute arbitrary PHP code via the number parameter. NOTE: it is not clear from the original report whether administrator privileges are required. If not, then this does not cross privilege boundaries and is not a vulnerability.
CVE-1999-1506 1 Sun 1 Sunos 2026-04-16 N/A
Vulnerability in SMI Sendmail 4.0 and earlier, on SunOS up to 4.0.3, allows remote attackers to access user bin.
CVE-2005-0990 2 Gnu, Redhat 2 Sharutils, Enterprise Linux 2026-04-16 N/A
unshar (unshar.c) in sharutils 4.2.1 allows local users to overwrite arbitrary files via a symlink attack on the unsh.X temporary file.
CVE-2005-3799 1 Phpbb Group 1 Phpbb 2026-04-16 N/A
phpBB 2.0.18 allows remote attackers to obtain sensitive information via a large SQL query, which generates an error message that reveals SQL syntax or the full installation path.
CVE-2006-2733 1 Mini-nuke 1 Mini-nuke 2026-04-16 N/A
membership.asp in Mini-Nuke 2.3 and earlier uses plaintext security codes, which allows remote attackers to register multiple times via automated scripts.
CVE-1999-1315 1 Dec 1 Dec Openvms 2026-04-16 N/A
Vulnerabilities in DECnet/OSI for OpenVMS before 5.8 on DEC Alpha AXP and VAX/VMS systems allow local users to gain privileges or cause a denial of service.
CVE-2005-1003 1 Profitcode 1 Payprocart 2026-04-16 N/A
Directory traversal vulnerability in index.php for ProfitCode PayProCart 3.0 allows remote attackers to include arbitrary PHP files via .. (dot dot) sequences in the modID parameter.
CVE-1999-1335 1 Redhat 1 Linux 2026-04-16 N/A
snmpd server in cmu-snmp SNMP package before 3.3-1 in Red Hat Linux 4.0 is configured to allow remote attackers to read and write sensitive information.
CVE-1999-1343 1 Xerox 1 Docucolor 4lp 2026-04-16 N/A
HTTP server for Xerox DocuColor 4 LP allows remote attackers to cause a denial of service (hang) via a long URL that contains a large number of . characters.
CVE-1999-1345 1 Auto Ftp 1 Auto Ftp 2026-04-16 N/A
Auto_FTP.pl script in Auto_FTP 0.2 uses the /tmp/ftp_tmp as a shared directory with insecure permissions, which allows local users to (1) send arbitrary files to the remote server by placing them in the directory, and (2) view files that are being transferred.
CVE-2005-1022 1 Macromedia 1 Coldfusion 2026-04-16 N/A
ColdFusion 6.1 Updater 1 places Java .class files under the web root in the /WEB-INF/cfclasses directory, which allows remote attackers to obtain sensitive information.
CVE-1999-1351 1 Kvirc 1 Irc Client 2026-04-16 N/A
Directory traversal vulnerability in KVIrc IRC client 0.9.0 with the "Listen to !nick <soundname> requests" option enabled allows remote attackers to read arbitrary files via a .. (dot dot) in a DCC GET request.
CVE-1999-1356 1 Compaq 1 Smartstart 2026-04-16 N/A
Compaq Integration Maintenance Utility as used in Compaq Insight Manager agent before SmartStart 4.50 modifies the legal notice caption (LegalNoticeCaption) and text (LegalNoticeText) in Windows NT, which could produce a legal notice that is in violation of the security policy.
CVE-2005-3807 1 Linux 1 Linux Kernel 2026-04-16 N/A
Memory leak in the VFS file lease handling in locks.c in Linux kernels 2.6.10 to 2.6.15 allows local users to cause a denial of service (memory exhaustion) via certain Samba activities that cause an fasync entry to be re-allocated by the fcntl_setlease function after the fasync queue has already been cleaned by the locks_delete_lock function.
CVE-2005-1040 1 Novell 1 Linux Desktop 2026-04-16 N/A
Multiple unknown vulnerabilities in netapplet in Novell Linux Desktop 9 allow local users to gain root privileges, related to "User input [being] passed to network scripts without verification."
CVE-2006-2739 1 Epic Designs 1 Tinybb 2026-04-16 N/A
PHP remote file inclusion vulnerability in footers.php in Epicdesigns tinyBB 0.3, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the tinybb_footers parameter.
CVE-2005-3812 1 Freeftpd 1 Freeftpd 2026-04-16 N/A
freeFTPd 1.0.10 allows remote authenticated users to cause a denial of service (null dereference and crash) via a PORT command with missing arguments.
CVE-2006-2741 1 Epic Designs 1 Tinybb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Epicdesigns tinyBB 0.3 allow remote attackers to inject arbitrary web script or HTML via the q parameter in forgot.php, which is echoed in an error message, and other unspecified vectors.
CVE-1999-1388 1 Sun 1 Sunos 2026-04-16 N/A
passwd in SunOS 4.1.x allows local users to overwrite arbitrary files via a symlink attack and the -F command line argument.