Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1855 1 Macromedia 1 Jrun 2026-04-16 N/A
Macromedia JRun 3.0 through 4.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF.").
CVE-2000-0733 1 Sgi 1 Irix 2026-04-16 N/A
Telnetd telnet server in IRIX 5.2 through 6.1 does not properly cleans user-injected format strings, which allows remote attackers to execute arbitrary commands via a long RLD variable in the IAC-SB-TELOPT_ENVIRON request.
CVE-2001-0757 1 Cisco 1 6400 Nrp 2 2026-04-16 N/A
Cisco 6400 Access Concentrator Node Route Processor 2 (NRP2) 12.1DC card does not properly disable access when a password has not been set for vtys, which allows remote attackers to obtain access via telnet.
CVE-2000-1037 1 Checkpoint 1 Firewall-1 2026-04-16 N/A
Check Point Firewall-1 session agent 3.0 through 4.1 generates different error messages for invalid user names versus invalid passwords, which allows remote attackers to determine valid usernames and guess a password via a brute force attack.
CVE-2004-2014 2 Gnu, Redhat 2 Wget, Enterprise Linux 2026-04-16 N/A
Wget 1.9 and 1.9.1 allows local users to overwrite arbitrary files via a symlink attack on the name of the file being downloaded.
CVE-2000-1179 1 Netopia 1 650-st Isdn Router 2026-04-16 N/A
Netopia ISDN Router 650-ST before 4.3.5 allows remote attackers to read system logs without authentication by directly connecting to the login screen and typing certain control characters.
CVE-2001-0837 1 Deltathree 1 Pc-to-phone 2026-04-16 N/A
DeltaThree Pc-To-Phone 3.0.3 places sensitive data in world-readable locations in the installation directory, which allows local users to read the information in (1) temp.html, (2) the log folder, and (3) the PhoneBook folder.
CVE-2001-0840 1 Compaq 1 Insight Manager Xe 2026-04-16 N/A
Buffer overflow in Compaq Insight Manager XE 2.1b and earlier allows remote attackers to execute arbitrary code via (1) SNMP and (2) DMI.
CVE-2000-1040 1 Suse 1 Suse Linux 2026-04-16 N/A
Format string vulnerability in logging function of ypbind 3.3, while running in debug mode, leaks file descriptors and allows an attacker to cause a denial of service.
CVE-2001-0841 1 Ikonboard.com 1 Ikonboard 2026-04-16 N/A
Directory traversal vulnerability in Search.cgi in Ikonboard ib219 and earlier allows remote attackers to overwrite files and gain privileges via .. (dot dot) sequences in the amembernamecookie cookie.
CVE-2001-0843 2 Redhat, Squid 2 Linux, Squid Web Proxy 2026-04-16 N/A
Squid proxy server 2.4 and earlier allows remote attackers to cause a denial of service (crash) via a mkdir-only FTP PUT request.
CVE-2002-0470 1 Phpnettoolpack 1 Phpnettoolpack 2026-04-16 N/A
PHPNetToolpack 0.1 relies on its environment's PATH to find and execute the traceroute program, which could allow local users to gain privileges by inserting a Trojan horse program into the search path.
CVE-2003-0541 2 Gnome, Redhat 2 Gtkhtml, Linux 2026-04-16 N/A
gtkhtml before 1.1.10, as used in Evolution, allows remote attackers to cause a denial of service (crash) via a malformed message that causes a null pointer dereference.
CVE-2003-0573 1 Sgi 1 Irix 2026-04-16 N/A
The DNS callbacks in nsd in SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, do not perform sufficient sanity checking, with unknown impact.
CVE-2003-0583 1 Tolis Group 1 Bru 2026-04-16 N/A
Buffer overflow in Backup and Restore Utility for Unix (BRU) 17.0 and earlier, when running setuid, allows local users to execute arbitrary code via a long command line argument.
CVE-2003-0584 1 Tolis Group 1 Bru 2026-04-16 N/A
Format string vulnerability in Backup and Restore Utility for Unix (BRU) 17.0 and earlier, when running setuid, allows local users to execute arbitrary code via format string specifiers in a command line argument.
CVE-2003-0623 1 Bea 2 Tuxedo, Weblogic Server 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the Administration Console for BEA Tuxedo 8.1 and earlier allows remote attackers to inject arbitrary web script via the INIFILE argument.
CVE-2003-0632 1 Oracle 2 Applications, E-business Suite 2026-04-16 N/A
Buffer overflow in the Oracle Applications Web Report Review (FNDWRR) CGI program (FNDWRR.exe) of Oracle E-Business Suite 11.0 and 11.5.1 through 11.5.8 may allow remote attackers to execute arbitrary code via a long URL.
CVE-2003-0643 1 Linux 1 Linux Kernel 2026-04-16 N/A
Integer signedness error in the Linux Socket Filter implementation (filter.c) in Linux 2.4.3-pre3 to 2.4.22-pre10 allows attackers to cause a denial of service (crash).
CVE-2003-0677 1 Cisco 1 Webns 2026-04-16 N/A
Cisco CSS 11000 routers on the CS800 chassis allow remote attackers to cause a denial of service (CPU consumption or reboot) via a large number of TCP SYN packets to the circuit IP address, aka "ONDM Ping failure."