Search Results (364862 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-0595 1 Webtrends 1 Reporting Center 2026-04-16 N/A
Buffer overflow in WTRS_UI.EXE (WTX_REMOTE.DLL) for WebTrends Reporting Center 4.0d allows remote attackers to execute arbitrary code via a long HTTP GET request to the /reports/ directory.
CVE-1999-1031 1 Behold Software 1 Web Page Counter 2026-04-16 N/A
counter.exe 2.70 allows a remote attacker to cause a denial of service (hang) via a long argument.
CVE-1999-1032 1 Digital 1 Ultrix 2026-04-16 N/A
Vulnerability in LAT/Telnet Gateway (lattelnet) on Ultrix 4.1 and 4.2 allows attackers to gain root privileges.
CVE-1999-1043 1 Microsoft 1 Exchange Server 2026-04-16 N/A
Microsoft Exchange Server 5.5 and 5.0 does not properly handle (1) malformed NNTP data, or (2) malformed SMTP data, which allows remote attackers to cause a denial of service (application error).
CVE-1999-1061 1 Hp 1 Jetdirect 2026-04-16 N/A
HP Laserjet printers with JetDirect cards, when configured with TCP/IP, can be configured without a password, which allows remote attackers to connect to the printer and change its IP address or disable logging.
CVE-1999-1068 1 Oracle 1 Http Server 2026-04-16 N/A
Oracle Webserver 2.1, when serving PL/SQL stored procedures, allows remote attackers to cause a denial of service via a long HTTP GET request.
CVE-2001-1325 1 Microsoft 2 Internet Explorer, Outlook Express 2026-04-16 N/A
Internet Explorer 5.0 and 5.5, and Outlook Express 5.0 and 5.5, allow remote attackers to execute scripts when Active Scripting is disabled by including the scripts in XML stylesheets (XSL) that are referenced using an IFRAME tag, possibly due to a vulnerability in Windows Scripting Host (WSH).
CVE-2002-0596 1 Webtrends 1 Reporting Center 2026-04-16 N/A
WebTrends Reporting Center 4.0d allows remote attackers to determine the real path of the web server via a GET request to get_od_toc.pl with an empty Profile parameter, which leaks the pathname in an error message.
CVE-1999-1072 1 Excite 1 Ews 2026-04-16 N/A
Excite for Web Servers (EWS) 1.1 allows local users to gain privileges by obtaining the encrypted password from the world-readable Architext.conf authentication file and replaying the encrypted password in an HTTP request to AT-generated.cgi or AT-admin.cgi.
CVE-1999-1073 1 Excite 1 Ews 2026-04-16 N/A
Excite for Web Servers (EWS) 1.1 records the first two characters of a plaintext password in the beginning of the encrypted password, which makes it easier for an attacker to guess passwords via a brute force or dictionary attack.
CVE-1999-1074 1 Webmin 1 Webmin 2026-04-16 N/A
Webmin before 0.5 does not restrict the number of invalid passwords that are entered for a valid username, which could allow remote attackers to gain privileges via brute force password cracking.
CVE-1999-1075 1 Ibm 1 Aix 2026-04-16 N/A
inetd in AIX 4.1.5 dynamically assigns a port N when starting ttdbserver (ToolTalk server), but also inadvertently listens on port N-1 without passing control to ttdbserver, which allows remote attackers to cause a denial of service via a large number of connections to port N-1, which are not properly closed by inetd.
CVE-1999-1076 1 Apple 1 Macos 2026-04-16 N/A
Idle locking function in MacOS 9 allows local users to bypass the password protection of idled sessions by selecting the "Log Out" option and selecting a "Cancel" option in the dialog box for an application that attempts to verify that the user wants to log out, which returns the attacker into the locked session.
CVE-1999-1077 1 Apple 1 Macos 2026-04-16 N/A
Idle locking function in MacOS 9 allows local attackers to bypass the password protection of idled sessions via the programmer's switch or CMD-PWR keyboard sequence, which brings up a debugger that the attacker can use to disable the lock.
CVE-2001-1327 1 Berkeley Softworks 1 Pmake 2026-04-16 N/A
pmake before 2.1.35 in Turbolinux 6.05 and earlier is installed with setuid root privileges, which could allow local users to gain privileges by exploiting vulnerabilities in pmake or programs that are used by pmake.
CVE-1999-1078 1 Ipswitch 1 Ws Ftp Pro 2026-04-16 N/A
WS_FTP Pro 6.0 uses weak encryption for passwords in its initialization files, which allows remote attackers to easily decrypt the passwords and gain privileges.
CVE-2001-1328 1 Sun 1 Sunos 2026-04-16 N/A
Buffer overflow in ypbind daemon in Solaris 5.4 through 8 allows remote attackers to execute arbitrary code.
CVE-2002-0598 1 Foundstone 1 Fscan 2026-04-16 N/A
Format string vulnerability in Foundstone FScan 1.12 with banner grabbing enabled allows remote attackers to execute arbitrary code on the scanning system via format string specifiers in the server banner.
CVE-2002-1066 1 T. Hauck 1 Jana Web Server 2026-04-16 N/A
Thomas Hauck Jana Server 1.4.6 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large message index value in a (1) RETR or (2) DELE command to the POP3 server, which exceeds the array limits and allows a buffer overflow attack.
CVE-1999-1079 1 Ibm 1 Aix 2026-04-16 N/A
Vulnerability in ptrace in AIX 4.3 allows local users to gain privileges by attaching to a setgid program.