Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-1227 2 Redhat, Zope 3 Linux, Powertools, Zope 2026-04-16 N/A
Zope before 2.2.4 allows partially trusted users to bypass security controls for certain methods by accessing the methods through the fmt attribute of dtml-var tags.
CVE-2002-1015 1 Realnetworks 3 Realjukebox 2, Realjukebox 2 Plus, Realone Player 2026-04-16 N/A
RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold 6.0.10.505, allows remote attackers to execute arbitrary script in the Local computer zone by inserting the script into the skin.ini file of an RJS archive, then referencing skin.ini from a web page after it has been extracted, which is parsed as HTML by Internet Explorer or other Microsoft-based web readers.
CVE-1999-0661 2026-04-16 N/A
A system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP Wrappers 7.6, (2) util-linux 2.9g, (3) wuarchive ftpd (wuftpd) 2.2 and 2.1f, (4) IRC client (ircII) ircII 2.2.9, (5) OpenSSH 3.4p1, or (6) Sendmail 8.12.6.
CVE-1999-0662 2026-04-16 N/A
A system-critical program or library does not have the appropriate patch, hotfix, or service pack installed, or is outdated or obsolete.
CVE-1999-0663 2026-04-16 N/A
A system-critical program, library, or file has a checksum or other integrity measurement that indicates that it has been modified.
CVE-1999-0764 1 Netbsd 1 Netbsd 2026-04-16 N/A
NetBSD allows ARP packets to overwrite static ARP entries.
CVE-2001-1241 1 Steve Grimm 1 Un-cgi 2026-04-16 N/A
Un-CGI 1.9 and earlier does not verify that a CGI script has the execution bits set before executing it, which allows remote attackers to execute arbitrary commands by directing Un-CGI to a document that begins with "#!" and the desired program name.
CVE-2002-0500 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 5.0 through 6.0 allows remote attackers to determine the existence of files on the client via an IMG tag with a dynsrc property that references the target file, which sets certain elements of the image object such as file size.
CVE-1999-0765 1 Sgi 1 Irix 2026-04-16 N/A
SGI IRIX midikeys program allows local users to modify arbitrary files via a text editor.
CVE-2001-1242 1 Steve Grimm 1 Un-cgi 2026-04-16 N/A
Directory traversal vulnerability in Un-CGI 1.9 and earlier allows remote attackers to execute arbitrary code via a .. (dot dot) in an HTML form.
CVE-1999-0767 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Buffer overflow in Solaris libc, ufsrestore, and rcp via LC_MESSAGES environmental variable.
CVE-1999-0768 2 Redhat, Suse 2 Linux, Suse Linux 2026-04-16 N/A
Buffer overflow in Vixie Cron on Red Hat systems via the MAILTO environmental variable.
CVE-2002-0510 1 Linux 1 Linux Kernel 2026-04-16 N/A
The UDP implementation in Linux 2.4.x kernels keeps the IP Identification field at 0 for all non-fragmented packets, which could allow remote attackers to determine that a target system is running Linux.
CVE-2002-1020 1 Adobe 1 Adobe Content Server 2026-04-16 N/A
The library feature for Adobe Content Server 3.0 allows a remote attacker to check out an eBook even when the maximum number of loans is exceeded by accessing the "Add to bookbag" feature when the server reports that no more copies are available.
CVE-1999-0769 4 Caldera, Debian, Paul Vixie and 1 more 4 Openlinux, Debian Linux, Vixie Cron and 1 more 2026-04-16 N/A
Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable.
CVE-2002-0511 1 Nscd 1 Nscd 2026-04-16 N/A
The default configuration of Name Service Cache Daemon (nscd) in Caldera OpenLinux 3.1 and 3.1.1 uses cached PTR records instead of consulting the authoritative DNS server for the A record, which could make it easier for remote attackers to bypass applications that restrict access based on host names.
CVE-1999-0770 1 Checkpoint 1 Firewall-1 2026-04-16 N/A
Firewall-1 sets a long timeout for connections that begin with ACK or other packets except SYN, allowing an attacker to conduct a denial of service via a large number of connection attempts to unresponsive systems.
CVE-1999-0771 1 Compaq 2 Insight Management Agent, Power Management 2026-04-16 N/A
The web components of Compaq Management Agents and the Compaq Survey Utility allow a remote attacker to read arbitrary files via a .. (dot dot) attack.
CVE-1999-0772 1 Compaq 2 Insight Management Agent, Power Management 2026-04-16 N/A
Denial of service in Compaq Management Agents and the Compaq Survey Utility via a long string sent to port 2301.
CVE-2001-1243 1 Microsoft 2 Internet Information Server, Internet Information Services 2026-04-16 N/A
Scripting.FileSystemObject in asp.dll for Microsoft IIS 4.0 and 5.0 allows local or remote attackers to cause a denial of service (crash) via (1) creating an ASP program that uses Scripting.FileSystemObject to open a file with an MS-DOS device name, or (2) remotely injecting the device name into ASP programs that internally use Scripting.FileSystemObject.