Search Results (364816 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-0857 1 Freebsd 1 Freebsd 2026-04-16 N/A
FreeBSD gdc program allows local users to modify files via a symlink attack.
CVE-1999-0858 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 5 allows a remote attacker to modify the IE client's proxy configuration via a malicious Web Proxy Auto-Discovery (WPAD) server.
CVE-1999-0859 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Solaris arp allows local users to read files via the -f parameter, which lists lines in the file that do not parse properly.
CVE-2001-1282 1 Ipswitch 1 Imail 2026-04-16 N/A
Ipswitch IMail 7.04 and earlier records the physical path of attachments in an e-mail message header, which could allow remote attackers to obtain potentially sensitive configuration information.
CVE-1999-0860 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Solaris chkperm allows local users to read files owned by bin via the VMSYS environmental variable and a symlink attack.
CVE-2001-1283 1 Ipswitch 1 Imail 2026-04-16 N/A
The webmail interface for Ipswitch IMail 7.04 and earlier allows remote authenticated users to cause a denial of service (crash) via a mailbox name that contains a large number of . (dot) or other characters to programs such as (1) readmail.cgi or (2) printmail.cgi, possibly due to a buffer overflow that may allow execution of arbitrary code.
CVE-1999-0861 1 Microsoft 4 Commercial Internet System, Internet Information Server, Site Server and 1 more 2026-04-16 N/A
Race condition in the SSL ISAPI filter in IIS and other servers may leak information in plaintext.
CVE-1999-0862 1 Postgresql 1 Postgresql 2026-04-16 N/A
Insecure directory permissions in RPM distribution for PostgreSQL allows local users to gain privileges by reading a plaintext password file.
CVE-2001-1284 1 Ipswitch 1 Imail 2026-04-16 N/A
Ipswitch IMail 7.04 and earlier uses predictable session IDs for authentication, which allows remote attackers to hijack sessions of other users.
CVE-2002-0559 1 Oracle 4 Application Server, Application Server Web Cache, Oracle8i and 1 more 2026-04-16 N/A
Buffer overflows in PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allow remote attackers to cause a denial of service or execute arbitrary code via (1) a long help page request without a dadname, which overflows the resulting HTTP Location header, (2) a long HTTP request to the plsql module, (3) a long password in the HTTP Authorization, (4) a long Access Descriptor (DAD) password in the addadd form, or (5) a long cache directory name.
CVE-1999-0863 1 Freebsd 1 Freebsd 2026-04-16 N/A
Buffer overflow in FreeBSD seyon via HOME environmental variable, -emulator argument, -modems argument, or the GUI.
CVE-1999-0864 1 Sco 1 Unixware 2026-04-16 N/A
UnixWare programs that dump core allow a local user to modify files via a symlink attack on the ./core.pid file.
CVE-1999-0865 1 Stalker 1 Communigate Pro 2026-04-16 N/A
Buffer overflow in CommuniGatePro via a long string to the HTTP configuration port.
CVE-1999-0868 5 Isc, Nec, Netscape and 2 more 6 Inn, Goah Intrasv, Goah Networksv and 3 more 2026-04-16 N/A
ucbmail allows remote attackers to execute commands via shell metacharacters that are passed to it from INN.
CVE-1999-0869 2 Microsoft, Netscape 2 Internet Explorer, Navigator 2026-04-16 N/A
Internet Explorer 3.x to 4.01 allows a remote attacker to insert malicious content into a frame of another web site, aka frame spoofing.
CVE-2001-1285 1 Ipswitch 1 Imail 2026-04-16 N/A
Directory traversal vulnerability in readmail.cgi for Ipswitch IMail 7.04 and earlier allows remote attackers to access the mailboxes of other users via a .. (dot dot) in the mbx parameter.
CVE-2002-0561 1 Oracle 4 Application Server, Application Server Web Cache, Oracle8i and 1 more 2026-04-16 N/A
The default configuration of the PL/SQL Gateway web administration interface in Oracle 9i Application Server 1.0.2.x uses null authentication, which allows remote attackers to gain privileges and modify DAD settings.
CVE-1999-0870 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 4.01 allows remote attackers to read arbitrary files by pasting a file name into the file upload control, aka untrusted scripted paste.
CVE-2004-1912 2 Francisco Burzi, Shiba-design 2 Php-nuke, Nukecalendar 2026-04-16 N/A
The (1) modules.php, (2) block-Calendar.php, (3) block-Calendar1.php, (4) block-Calendar_center.php scripts in NukeCalendar 1.1.a, as used in PHP-Nuke, allow remote attackers to obtain sensitive information via a URL with an invalid argument, which reveals the full path in an error message.
CVE-2004-0799 2 Ipswitch, Progress 2 Whatsup Gold, Whatsup Gold 2026-04-16 N/A
The HTTP daemon in Ipswitch WhatsUp Gold 8.03 and 8.03 Hotfix 1 allows remote attackers to cause a denial of service (server crash) via a GET request containing an MS-DOS device name, as demonstrated using "prn.htm".