Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-1343 1 Xerox 1 Docucolor 4lp 2026-04-16 N/A
HTTP server for Xerox DocuColor 4 LP allows remote attackers to cause a denial of service (hang) via a long URL that contains a large number of . characters.
CVE-1999-1345 1 Auto Ftp 1 Auto Ftp 2026-04-16 N/A
Auto_FTP.pl script in Auto_FTP 0.2 uses the /tmp/ftp_tmp as a shared directory with insecure permissions, which allows local users to (1) send arbitrary files to the remote server by placing them in the directory, and (2) view files that are being transferred.
CVE-2005-1022 1 Macromedia 1 Coldfusion 2026-04-16 N/A
ColdFusion 6.1 Updater 1 places Java .class files under the web root in the /WEB-INF/cfclasses directory, which allows remote attackers to obtain sensitive information.
CVE-1999-1351 1 Kvirc 1 Irc Client 2026-04-16 N/A
Directory traversal vulnerability in KVIrc IRC client 0.9.0 with the "Listen to !nick <soundname> requests" option enabled allows remote attackers to read arbitrary files via a .. (dot dot) in a DCC GET request.
CVE-1999-1356 1 Compaq 1 Smartstart 2026-04-16 N/A
Compaq Integration Maintenance Utility as used in Compaq Insight Manager agent before SmartStart 4.50 modifies the legal notice caption (LegalNoticeCaption) and text (LegalNoticeText) in Windows NT, which could produce a legal notice that is in violation of the security policy.
CVE-2005-3807 1 Linux 1 Linux Kernel 2026-04-16 N/A
Memory leak in the VFS file lease handling in locks.c in Linux kernels 2.6.10 to 2.6.15 allows local users to cause a denial of service (memory exhaustion) via certain Samba activities that cause an fasync entry to be re-allocated by the fcntl_setlease function after the fasync queue has already been cleaned by the locks_delete_lock function.
CVE-2005-1040 1 Novell 1 Linux Desktop 2026-04-16 N/A
Multiple unknown vulnerabilities in netapplet in Novell Linux Desktop 9 allow local users to gain root privileges, related to "User input [being] passed to network scripts without verification."
CVE-2006-2739 1 Epic Designs 1 Tinybb 2026-04-16 N/A
PHP remote file inclusion vulnerability in footers.php in Epicdesigns tinyBB 0.3, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the tinybb_footers parameter.
CVE-2005-3812 1 Freeftpd 1 Freeftpd 2026-04-16 N/A
freeFTPd 1.0.10 allows remote authenticated users to cause a denial of service (null dereference and crash) via a PORT command with missing arguments.
CVE-2006-2741 1 Epic Designs 1 Tinybb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Epicdesigns tinyBB 0.3 allow remote attackers to inject arbitrary web script or HTML via the q parameter in forgot.php, which is echoed in an error message, and other unspecified vectors.
CVE-1999-1388 1 Sun 1 Sunos 2026-04-16 N/A
passwd in SunOS 4.1.x allows local users to overwrite arbitrary files via a symlink attack and the -F command line argument.
CVE-1999-1395 1 Dec 1 Dec Openvms 2026-04-16 N/A
Vulnerability in Monitor utility (SYS$SHARE:SPISHR.EXE) in VMS 5.0 through 5.4-2 allows local users to gain privileges.
CVE-2002-0747 1 Ibm 1 Aix 2026-04-16 N/A
Buffer overflow in lsmcode in AIX 4.3.3.
CVE-2005-1070 1 Invision Power Services 1 Invision Board 2026-04-16 N/A
SQL injection vulnerability in index.php in Invision Power Board 1.3.1 Final and earlier allows remote attackers to execute arbitrary SQL commands via the st parameter.
CVE-2005-3838 1 Isolsoft 1 Support Center 2026-04-16 N/A
Multiple SQL injection vulnerabilities in search.php in IsolSoft Support Center 2.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) lorder, (2) Priority, (3) Status, (4) Category, (5) searchvalue, and (6) field parameter.
CVE-2006-2755 1 Ubbcentral 1 Ubb.threads 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php in UBBThreads 5.x and earlier allows remote attackers to inject arbitrary web script or HTML via the debug parameter, as demonstrated by stealing MD5 hashes of passwords.
CVE-1999-1421 1 N-base 2 Nh208, Nh215 2026-04-16 N/A
NBase switches NH208 and NH215 run a TFTP server which allows remote attackers to send software updates to modify the switch or cause a denial of service (crash) by guessing the target filenames, which have default names.
CVE-1999-1423 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
ping in Solaris 2.3 through 2.6 allows local users to cause a denial of service (crash) via a ping request to a multicast address through the loopback interface, e.g. via ping -i.
CVE-2000-0177 1 Dnstools Software 1 Dnstools 2026-04-16 N/A
DNSTools CGI applications allow remote attackers to execute arbitrary commands via shell metacharacters.
CVE-2005-1292 1 Elemental Software 1 Cartwiz 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in CartWIZ ASP Cart allow remote attackers to inject arbitrary web script or HTML via the idProduct parameter to (1) tellAFriend.asp or (2) addToWishlist.asp, redirect parameter to (3) access.asp or (4) login.asp, message parameter to (5) login.asp or (6) error.asp, or (7) sku or (8) name parameter to searchResults.asp.