Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-2770 1 Pppblog 1 Pppblog 2026-04-16 N/A
Directory traversal vulnerability in randompic.php in pppBLOG 0.3.8 and earlier, when register_globals is enabled, allows remote attackers to read arbitrary files via a .. (dot dot) sequence in an index of the "file" array parameter, as demonstrated by file[0].
CVE-2005-3868 1 Turn-k 1 K-search 2026-04-16 N/A
Multiple SQL injection vulnerabilities in K-Search 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) term, (2) id, (3) stat, and (4) source parameters to index.php, and (5) through the image parameters with an add request.
CVE-2006-2773 1 Hogstorps 1 Hogstorp Guestbook 2026-04-16 N/A
admin/redigera/redigera2.asp in Hogstorps hogstorp Guestbook 2.0 does not verify user credentials, which allows remote attackers to edit arbitrary posts via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-1999-1531 1 Ibm 1 Homepageprint 2026-04-16 N/A
Buffer overflow in IBM HomePagePrint 1.0.7 for Windows98J allows a malicious Web site to execute arbitrary code on a viewer's system via a long IMG_SRC HTML tag.
CVE-1999-1534 1 Knox Software 1 Arkeia 2026-04-16 N/A
Buffer overflow in (1) nlservd and (2) rnavc in Knox Software Arkeia backup product allows local users to obtain root access via a long HOME environmental variable.
CVE-1999-1536 1 Acushop 1 Salesbuilder 2026-04-16 N/A
.sbstart startup script in AcuShop Salesbuilder is world writable, which allows local users to gain privileges by appending commands to the file.
CVE-2005-1148 1 Calendarscript 1 Calendarscript 2026-04-16 N/A
calendar.pl in CalendarScript 3.21 allows remote attackers to obtain sensitive information via invalid (1) year or (2) month parameters, which leaks the full pathname and debug information.
CVE-1999-1542 1 Redhat 1 Linux 2026-04-16 N/A
RPMMail before 1.4 allows remote attackers to execute commands via an e-mail message with shell metacharacters in the "MAIL FROM" command.
CVE-1999-1543 1 Apple 1 Macos 2026-04-16 N/A
MacOS uses weak encryption for passwords that are stored in the Users & Groups Data File.
CVE-2005-1157 3 Mozilla, Netscape, Redhat 4 Firefox, Mozilla, Navigator and 1 more 2026-04-16 N/A
Firefox before 1.0.3, Mozilla Suite before 1.7.7, and Netscape 7.2 allows remote attackers to replace existing search plugins with malicious ones using sidebar.addSearchEngine and the same filename as the target engine, which may not be displayed in the GUI, which could then be used to execute malicious script, aka "Firesearching 2."
CVE-1999-1562 1 Gftp 1 Ftp Client 2026-04-16 N/A
gFTP FTP client 1.13, and other versions before 2.0.0, records a password in plaintext in (1) the log window, or (2) in a log file.
CVE-1999-1563 1 Nachuatec 2 D435, D445 2026-04-16 N/A
Nachuatec D435 and D445 printer allows remote attackers to cause a denial of service via ICMP redirect storm.
CVE-1999-1564 1 Freebsd 1 Freebsd 2026-04-16 N/A
FreeBSD 3.2 and possibly other versions allows a local user to cause a denial of service (panic) with a large number accesses of an NFS v3 mounted directory from a large number of processes.
CVE-1999-1566 1 Intel 1 Iparty 2026-04-16 N/A
Buffer overflow in iParty server 1.2 and earlier allows remote attackers to cause a denial of service (crash) by connecting to default port 6004 and sending repeated extended characters.
CVE-2005-1176 1 Ibm 1 Aix 2026-04-16 N/A
Race condition in JFS2 on AIX 5.2 and 5.3, when deleting a file while I/O is still occurring for that file, may write data to a different file, which could leak sensitive information.
CVE-1999-1571 1 Sco 1 Openserver 2026-04-16 N/A
Buffer overflow in sar for SCO OpenServer 5.0.0 through 5.0.5 may allow local users to gain root privileges via a long -f parameter, a different vulnerability than CVE-1999-1570.
CVE-2005-3878 1 Alex King 1 Php Doc System 2026-04-16 N/A
Directory traversal vulnerability in index.php in PHP Doc System 1.5.1 and earlier allows remote attackers to access or include arbitrary files via a .. (dot dot) in the show parameter.
CVE-1999-1583 1 Ibm 1 Aix 2026-04-16 N/A
Buffer overflow in nslookup for AIX 4.3 allows local users to execute arbitrary code via a long hostname command line argument.
CVE-1999-1584 1 Sun 2 Openwindows, Sunos 2026-04-16 N/A
Unknown vulnerability in (1) loadmodule, and (2) modload if modload is installed with setuid/setgid privileges, in SunOS 4.1.1 through 4.1.3c, and Open Windows 3.0, allows local users to gain root privileges via environment variables, a different vulnerability than CVE-1999-1586.
CVE-1999-1587 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
/usr/ucb/ps in Sun Microsystems Solaris 8 and 9, and certain earlier releases, allows local users to view the environment variables and values of arbitrary processes via the -e option.