Search Results (364785 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-0497 2026-04-16 N/A
Anonymous FTP is enabled.
CVE-2001-1143 1 Ibm 1 Db2 Universal Database 2026-04-16 N/A
IBM DB2 7.0 allows a remote attacker to cause a denial of service (crash) via a single byte to (1) db2ccs.exe on port 6790, or (2) db2jds.exe on port 6789.
CVE-1999-0499 1 Microsoft 2 Windows 2000, Windows Nt 2026-04-16 N/A
NETBIOS share information may be published through SNMP registry keys in NT.
CVE-2002-0452 1 Foundrynet 1 Serveriron 2026-04-16 N/A
Foundry Networks ServerIron switches do not decode URIs when applying "url-map" rules, which could make it easier for attackers to cause the switch to forward traffic to a different server than intended and exploit vulnerabilities that would otherwise be inaccessible.
CVE-1999-0505 1 Microsoft 2 Windows 2000, Windows Nt 2026-04-16 N/A
A Windows NT domain user or administrator account has a guessable password.
CVE-2001-1144 1 Mcafee 1 Asap Virusscan 2026-04-16 N/A
Directory traversal vulnerability in McAfee ASaP VirusScan agent 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP request.
CVE-1999-0506 1 Microsoft 2 Windows 2000, Windows Nt 2026-04-16 N/A
A Windows NT domain user or administrator account has a default, null, blank, or missing password.
CVE-2001-1145 3 Freebsd, Netbsd, Openbsd 3 Freebsd, Netbsd, Openbsd 2026-04-16 N/A
fts routines in FreeBSD 4.3 and earlier, NetBSD before 1.5.2, and OpenBSD 2.9 and earlier can be forced to change (chdir) into a different directory than intended when the directory above the current directory is moved, which could cause scripts to perform dangerous actions on the wrong directories.
CVE-1999-0507 2026-04-16 N/A
An account on a router, firewall, or other network device has a guessable password.
CVE-1999-0508 2026-04-16 N/A
An account on a router, firewall, or other network device has a default, null, blank, or missing password.
CVE-1999-0509 2026-04-16 N/A
Perl, sh, csh, or other shell interpreters are installed in the cgi-bin directory on a WWW site, which allows remote attackers to execute arbitrary commands.
CVE-2001-1146 1 Lee Herron 1 Allcommerce 2026-04-16 N/A
AllCommerce with debugging enabled in EnGarde Secure Linux 1.0.1 creates temporary files with predictable names, which allows local users to modify files via a symlink attack.
CVE-2002-0453 1 Oblix 1 Netpoint 2026-04-16 N/A
The account lockout capability in Oblix NetPoint 5.2 and earlier only locks out users once for the specified lockout period, which makes it easier for remote attackers to conduct brute force password guessing by waiting until the lockout period ends, then guessing passwords without being locked out again.
CVE-1999-0513 7 Digital, Freebsd, Hp and 4 more 8 Unix, Freebsd, Hp-ux and 5 more 2026-04-16 N/A
ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service.
CVE-1999-0514 2026-04-16 N/A
UDP messages to broadcast addresses are allowed, allowing for a Fraggle attack that can cause a denial of service by flooding the target.
CVE-1999-0515 2026-04-16 N/A
An unrestricted remote trust relationship for Unix systems has been set up, e.g. by using a + sign in /etc/hosts.equiv.
CVE-1999-0516 2026-04-16 N/A
An SNMP community name is guessable.
CVE-2001-1147 2 Andries Brouwer, Redhat 2 Util-linux, Linux 2026-04-16 N/A
The PAM implementation in /bin/login of the util-linux package before 2.11 causes a password entry to be rewritten across multiple PAM calls, which could provide the credentials of one user to a different user, when used in certain PAM modules such as pam_limits.
CVE-2001-1152 1 Baltimore Technologies 1 Websweeper 2026-04-16 N/A
Baltimore Technologies WEBsweeper 4.02, when used to manage URL blacklists, allows remote attackers to bypass blacklist restrictions and connect to unauthorized web servers by modifying the requested URL, including (1) a // (double slash), (2) a /SUBDIR/.. where the desired file is in the parentdir, (3) a /./, or (4) URL-encoded characters.
CVE-2003-1564 2 Redhat, Xmlsoft 2 Enterprise Linux, Libxml2 2026-04-16 6.5 Medium
libxml2, possibly before 2.5.0, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, aka the "billion laughs attack."