Export limit exceeded: 364861 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (364861 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-1223 | 1 Elsa | 1 Lancom 1100 Office | 2026-04-16 | N/A |
| The web administration server for ELSA Lancom 1100 Office does not require authentication, which allows arbitrary remote attackers to gain administrative privileges by connecting to the server. | ||||
| CVE-2002-0479 | 1 Gravity Storm Software | 1 Service Pack Manager 2000 | 2026-04-16 | N/A |
| Gravity Storm Service Pack Manager 2000 creates a hidden share (SPM2000c$) mapped to the C drive, which may allow local users to bypass access restrictions on certain directories in the C drive, such as system32, by accessing them through the hidden share. | ||||
| CVE-2002-1014 | 1 Realnetworks | 3 Realjukebox 2, Realjukebox 2 Plus, Realone Player | 2026-04-16 | N/A |
| Buffer overflow in RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold 6.0.10.505, allows remote attackers to execute arbitrary code via an RFS skin file whose skin.ini contains a long value in a CONTROLnImage argument, such as CONTROL1Image. | ||||
| CVE-1999-0610 | 1 Mountain Network Systems | 1 Webcart | 2026-04-16 | N/A |
| An incorrect configuration of the Webcart CGI program could disclose private information. | ||||
| CVE-2001-1224 | 1 Les Vanbrunt | 1 Adrotate Pro | 2026-04-16 | N/A |
| get_input in adrotate.pm for Les VanBrunt AdRotate Pro 2.0 allows remote attackers to modify the database and possibly execute arbitrary commands via a SQL code injection attack. | ||||
| CVE-1999-0611 | 2026-04-16 | N/A | ||
| A system-critical Windows NT registry key has an inappropriate value. | ||||
| CVE-1999-0612 | 2 Gnu, Microsoft | 4 Finger Service, Fingerd, Windows 2000 and 1 more | 2026-04-16 | N/A |
| A version of finger is running that exposes valid user information to any entity on the network. | ||||
| CVE-1999-0613 | 2026-04-16 | N/A | ||
| The rpc.sprayd service is running. | ||||
| CVE-1999-0624 | 2026-04-16 | N/A | ||
| The rstat/rstatd service is running. | ||||
| CVE-1999-0625 | 2026-04-16 | N/A | ||
| The rpc.rquotad service is running. | ||||
| CVE-1999-0626 | 1 Sun | 1 Rpc.ruserd | 2026-04-16 | N/A |
| A version of rusers is running that exposes valid user information to any entity on the network. | ||||
| CVE-2001-1225 | 1 Hughes | 1 Msql | 2026-04-16 | N/A |
| Hughes Technology Mini SQL 2.0.10 through 2.0.12 allows local users to cause a denial of service by creating a very large array in a table, which causes miniSQL to crash when the table is queried. | ||||
| CVE-1999-0627 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| The rexd service is running, which uses weak authentication that can allow an attacker to execute commands. | ||||
| CVE-2001-1226 | 1 Adcycle | 1 Adcycle | 2026-04-16 | N/A |
| AdCycle 1.17 and earlier allow remote attackers to modify SQL queries, which are not properly sanitized before being passed to the MySQL database. | ||||
| CVE-2002-0480 | 1 Iss | 1 Realsecure Nokia | 2026-04-16 | N/A |
| ISS RealSecure for Nokia devices before IPSO build 6.0.2001.141d is configured to allow a user "skank" on a machine "starscream" to become a key manager when the "first time connection" feature is enabled and before any legitimate administrators have connected, which could allow remote attackers to gain access to the device during installation. | ||||
| CVE-1999-0628 | 4 Freebsd, Ibm, Linux and 1 more | 4 Freebsd, Aix, Linux Kernel and 1 more | 2026-04-16 | N/A |
| The rwho/rwhod service is running, which exposes machine status and user information. | ||||
| CVE-1999-0638 | 2026-04-16 | N/A | ||
| The daytime service is running. | ||||
| CVE-2002-0481 | 1 Microsoft | 1 Outlook | 2026-04-16 | N/A |
| An interaction between Windows Media Player (WMP) and Outlook 2002 allows remote attackers to bypass Outlook security settings and execute Javascript via an IFRAME in an HTML email message that references .WMS (Windows Media Skin) or other WMP media files, whose onload handlers execute the player.LaunchURL() Javascript function. | ||||
| CVE-1999-0650 | 2026-04-16 | N/A | ||
| The netstat service is running, which provides sensitive information to remote attackers. | ||||
| CVE-2001-1227 | 2 Redhat, Zope | 3 Linux, Powertools, Zope | 2026-04-16 | N/A |
| Zope before 2.2.4 allows partially trusted users to bypass security controls for certain methods by accessing the methods through the fmt attribute of dtml-var tags. | ||||