Export limit exceeded: 364799 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364799 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-0445 1 Php Firstpost 1 Php Firstpost 2026-04-16 N/A
article.php in PHP FirstPost 0.1 allows allows remote attackers to obtain the full pathname of the server via an invalid post number in the post parameter, which leaks the pathname in an error message.
CVE-1999-0364 2 Fms Inc., Microsoft 2 Total Vb Sourcebook, Access 2026-04-16 N/A
Microsoft Access 97 stores a database password as plaintext in a foreign mdb, allowing access to data.
CVE-2001-1075 1 Sun 1 Cobalt Raq 3i 2026-04-16 N/A
poprelayd script before 2.0 in Cobalt RaQ3 servers allows remote attackers to bypass authentication for relaying by causing a "POP login by user" string that includes the attacker's IP address to be injected into the maillog log file.
CVE-2002-0446 1 Black Tie Project 1 Black Tie Project 2026-04-16 N/A
categorie.php3 in Black Tie Project (BTP) 0.4b through 0.5b allows remote attackers to determine the absolute path of the web server via an invalid category ID (cid) parameter, which leaks the pathname in an error message.
CVE-1999-0365 1 Metainfo 2 Metaip, Sendmail 2026-04-16 N/A
The metamail package allows remote command execution using shell metacharacters that are not quoted in a mailcap entry.
CVE-1999-0366 1 Microsoft 1 Windows Nt 2026-04-16 N/A
In some cases, Service Pack 4 for Windows NT 4.0 can allow access to network shares using a blank password, through a problem with a null NT hash value.
CVE-2001-1078 1 Extremail 1 Extremail 2026-04-16 N/A
Format string vulnerability in flog function of eXtremail 1.1.9 and earlier allows remote attackers to gain root privileges via format specifiers in the SMTP commands (1) HELO, (2) EHLO, (3) MAIL FROM, or (4) RCPT TO, and the POP3 commands (5) USER and (6) other commands that can be executed after POP3 authentication.
CVE-1999-0367 1 Netbsd 1 Netbsd 2026-04-16 N/A
NetBSD netstat command allows local users to access kernel memory.
CVE-1999-0369 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
The Sun sdtcm_convert calendar utility for OpenWindows has a buffer overflow which can gain root access.
CVE-1999-0379 1 Microsoft 1 Backoffice Resource Kit 2026-04-16 N/A
Microsoft Taskpads allows remote web sites to execute commands on the visiting user's machine via certain methods that are marked as Safe for Scripting.
CVE-2001-1083 2 Icecast, Redhat 2 Icecast, Powertools 2026-04-16 N/A
Icecast 1.3.7, and other versions before 1.3.11 with HTTP server file streaming support enabled allows remote attackers to cause a denial of service (crash) via a URL that ends in . (dot), / (forward slash), or \ (backward slash).
CVE-2002-1914 2 Dump Project, Redhat 2 Dump, Enterprise Linux 2026-04-16 5.5 Medium
dump 0.4 b10 through b29 allows local users to cause a denial of service (execution prevention) by using flock() to lock the /etc/dumpdates file.
CVE-1999-0384 1 Microsoft 6 Office, Outlook, Project and 3 more 2026-04-16 N/A
The Forms 2.0 ActiveX control (included with Visual Basic for Applications 5.0) can be used to read text from a user's clipboard when the user accesses documents with ActiveX content.
CVE-2001-1088 1 Microsoft 2 Outlook, Outlook Express 2026-04-16 N/A
Microsoft Outlook 8.5 and earlier, and Outlook Express 5 and earlier, with the "Automatically put people I reply to in my address book" option enabled, do not notify the user when the "Reply-To" address is different than the "From" address, which could allow an untrusted remote attacker to spoof legitimate addresses and intercept email from the client that is intended for another user.
CVE-1999-0388 1 Datalynx 1 Suguard 2026-04-16 N/A
DataLynx suGuard trusts the PATH environment variable to execute the ps command, allowing local users to execute commands as root.
CVE-2001-1091 1 Netbsd 1 Netbsd 2026-04-16 N/A
The (1) dump and (2) dump_lfs commands in NetBSD 1.4.x through 1.5.1 do not properly drop privileges, which could allow local users to gain privileges via the RCMD_CMD environment variable.
CVE-2002-0447 1 Xerver 1 Xerver 2026-04-16 N/A
Directory traversal vulnerability in Xerver Free Web Server 2.10 and earlier allows remote attackers to list arbitrary directories via a .. (dot dot) in an HTTP GET request.
CVE-2002-1009 1 Summit Computer Networks 1 Lil Http Server 2026-04-16 N/A
Cross-site scripting vulnerability in PowerBASIC pbcgi.cgi, as included in Lil' HTTP web server, allows remote attackers to execute arbitrary web script in other web browsers via the (1) "Name" or (2) "E-mail" parameters.
CVE-1999-0398 1 Ssh 2 Ssh, Ssh2 2026-04-16 N/A
In some instances of SSH 1.2.27 and 2.0.11 on Linux systems, SSH will allow users with expired accounts to login.
CVE-2001-1100 1 Spencer Miles 1 W3mail 2026-04-16 N/A
sendmessage.cgi in W3Mail 1.0.2, and possibly other CGI programs, allows remote attackers to execute arbitrary commands via shell metacharacters in any field of the 'Compose Message' page.