Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-1044 1 Basilix 1 Basilix Webmail 2026-04-16 N/A
Basilix Webmail 0.9.7beta, and possibly other versions, stores *.class and *.inc files under the document root and does not restrict access, which could allows remote attackers to obtain sensitive information such as MySQL passwords and usernames from the mysql.class file.
CVE-2002-0425 1 Khaled Mardam-bey 1 Mirc 2026-04-16 N/A
mIRC DCC server protocol allows remote attackers to gain sensitive information such as alternate IRC nicknames via a "100 testing" message in a DCC connection request that cannot be ignored or canceled by the user, which may leak the alternate nickname in a response message.
CVE-1999-0267 1 Ncsa 1 Ncsa Httpd 2026-04-16 N/A
Buffer overflow in NCSA HTTP daemon v1.3 allows remote command execution.
CVE-1999-0268 1 Metainfo 1 Metaweb 2026-04-16 N/A
MetaInfo MetaWeb web server allows users to upload, execute, and read scripts.
CVE-2001-1045 1 Basilix 1 Basilix Webmail 2026-04-16 N/A
Directory traversal vulnerability in basilix.php3 in Basilix Webmail 1.0.3beta and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the request_id[DUMMY] parameter.
CVE-1999-0365 1 Metainfo 2 Metaip, Sendmail 2026-04-16 N/A
The metamail package allows remote command execution using shell metacharacters that are not quoted in a mailcap entry.
CVE-2001-1078 1 Extremail 1 Extremail 2026-04-16 N/A
Format string vulnerability in flog function of eXtremail 1.1.9 and earlier allows remote attackers to gain root privileges via format specifiers in the SMTP commands (1) HELO, (2) EHLO, (3) MAIL FROM, or (4) RCPT TO, and the POP3 commands (5) USER and (6) other commands that can be executed after POP3 authentication.
CVE-1999-0367 1 Netbsd 1 Netbsd 2026-04-16 N/A
NetBSD netstat command allows local users to access kernel memory.
CVE-1999-0369 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
The Sun sdtcm_convert calendar utility for OpenWindows has a buffer overflow which can gain root access.
CVE-1999-0379 1 Microsoft 1 Backoffice Resource Kit 2026-04-16 N/A
Microsoft Taskpads allows remote web sites to execute commands on the visiting user's machine via certain methods that are marked as Safe for Scripting.
CVE-2001-1083 2 Icecast, Redhat 2 Icecast, Powertools 2026-04-16 N/A
Icecast 1.3.7, and other versions before 1.3.11 with HTTP server file streaming support enabled allows remote attackers to cause a denial of service (crash) via a URL that ends in . (dot), / (forward slash), or \ (backward slash).
CVE-1999-0384 1 Microsoft 6 Office, Outlook, Project and 3 more 2026-04-16 N/A
The Forms 2.0 ActiveX control (included with Visual Basic for Applications 5.0) can be used to read text from a user's clipboard when the user accesses documents with ActiveX content.
CVE-2001-1088 1 Microsoft 2 Outlook, Outlook Express 2026-04-16 N/A
Microsoft Outlook 8.5 and earlier, and Outlook Express 5 and earlier, with the "Automatically put people I reply to in my address book" option enabled, do not notify the user when the "Reply-To" address is different than the "From" address, which could allow an untrusted remote attacker to spoof legitimate addresses and intercept email from the client that is intended for another user.
CVE-1999-0388 1 Datalynx 1 Suguard 2026-04-16 N/A
DataLynx suGuard trusts the PATH environment variable to execute the ps command, allowing local users to execute commands as root.
CVE-2001-1091 1 Netbsd 1 Netbsd 2026-04-16 N/A
The (1) dump and (2) dump_lfs commands in NetBSD 1.4.x through 1.5.1 do not properly drop privileges, which could allow local users to gain privileges via the RCMD_CMD environment variable.
CVE-2002-0447 1 Xerver 1 Xerver 2026-04-16 N/A
Directory traversal vulnerability in Xerver Free Web Server 2.10 and earlier allows remote attackers to list arbitrary directories via a .. (dot dot) in an HTTP GET request.
CVE-2002-1009 1 Summit Computer Networks 1 Lil Http Server 2026-04-16 N/A
Cross-site scripting vulnerability in PowerBASIC pbcgi.cgi, as included in Lil' HTTP web server, allows remote attackers to execute arbitrary web script in other web browsers via the (1) "Name" or (2) "E-mail" parameters.
CVE-1999-0398 1 Ssh 2 Ssh, Ssh2 2026-04-16 N/A
In some instances of SSH 1.2.27 and 2.0.11 on Linux systems, SSH will allow users with expired accounts to login.
CVE-2001-1100 1 Spencer Miles 1 W3mail 2026-04-16 N/A
sendmessage.cgi in W3Mail 1.0.2, and possibly other CGI programs, allows remote attackers to execute arbitrary commands via shell metacharacters in any field of the 'Compose Message' page.
CVE-1999-0418 2026-04-16 N/A
Denial of service in SMTP applications such as Sendmail, when a remote attacker (e.g. spammer) uses many "RCPT TO" commands in the same connection.