Search Results (364785 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-2572 1 Oracle 1 Mysql 2026-04-16 N/A
MySQL, when running on Windows, allows remote authenticated users with insert privileges on the mysql.func table to cause a denial of service (server hang) and possibly execute arbitrary code via (1) a request for a non-library file, which causes the Windows LoadLibraryEx function to block, or (2) a request for a function in a library that has the XXX_deinit or XXX_init functions defined but is not tailored for mySQL, such as jpeg1x32.dll and jpeg2x32.dll.
CVE-2001-1154 2 Bsdi, Carnegie Mellon University 2 Bsd Os, Cyrus Imap Server 2026-04-16 N/A
Cyrus 2.0.15, 2.0.16, and 1.6.24 on BSDi 4.2, with IMAP enabled, allows remote attackers to cause a denial of service (hang) using PHP IMAP clients.
CVE-2001-1155 1 Freebsd 1 Freebsd 2026-04-16 9.8 Critical
TCP Wrappers (tcp_wrappers) in FreeBSD 4.1.1 through 4.3 with the PARANOID ACL option enabled does not properly check the result of a reverse DNS lookup, which could allow remote attackers to bypass intended access restrictions via DNS spoofing.
CVE-2001-1159 1 Squirrelmail 1 Squirrelmail 2026-04-16 N/A
load_prefs.php and supporting include files in SquirrelMail 1.0.4 and earlier do not properly initialize certain PHP variables, which allows remote attackers to (1) view sensitive files via the config_php and data_dir options, and (2) execute arbitrary code by using options_order.php to upload a message that could be interpreted as PHP.
CVE-2002-0457 1 Bg Guestbook 1 Bg Guestbook 2026-04-16 N/A
Cross-site scripting vulnerability in signgbook.php for BG GuestBook 1.0 allows remote attackers to execute arbitrary Javascript via encoded tags such as <, >, and & in fields such as (1) name, (2) email, (3) AIM screen name, (4) website, (5) location, or (6) message.
CVE-2002-0461 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 5.01 through 6 allows remote attackers to cause a denial of service (application crash) via Javascript in a web page that calls location.replace on itself, causing a loop.
CVE-2001-1162 3 Hp, Redhat, Samba 3 Cifs-9000 Server, Linux, Samba 2026-04-16 N/A
Directory traversal vulnerability in the %m macro in the smb.conf configuration file in Samba before 2.2.0a allows remote attackers to overwrite certain files via a .. in a NETBIOS name, which is used as the name for a .log file.
CVE-2002-1010 1 Lotus 1 Domino R4 2026-04-16 N/A
Lotus Domino R4 allows remote attackers to bypass access restrictions for files in the web root via an HTTP request appended with a "?" character, which is treated as a wildcard character and bypasses the web handlers.
CVE-2001-1171 1 Checkpoint 1 Firewall-1 2026-04-16 N/A
Check Point Firewall-1 3.0b through 4.0 SP1 follows symlinks and creates a world-writable temporary .cpp file when compiling Policy rules, which could allow local users to gain privileges or modify the firewall policy.
CVE-2001-1180 1 Freebsd 1 Freebsd 2026-04-16 N/A
FreeBSD 4.3 does not properly clear shared signal handlers when executing a process, which allows local users to gain privileges by calling rfork with a shared signal handler, having the child process execute a setuid program, and sending a signal to the child.
CVE-1999-0534 1 Microsoft 2 Windows 2000, Windows Nt 2026-04-16 N/A
A Windows NT user has inappropriate rights or privileges, e.g. Act as System, Add Workstation, Backup, Change System Time, Create Pagefile, Create Permanent Object, Create Token Name, Debug, Generate Security Audit, Increase Priority, Increase Quota, Load Driver, Lock Memory, Profile Single Process, Remote Shutdown, Replace Process Token, Restore, System Environment, Take Ownership, or Unsolicited Input.
CVE-1999-0537 2 Microsoft, Netscape 2 Internet Explorer, Communicator 2026-04-16 N/A
A configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc.
CVE-2001-1189 1 Ibm 1 Websphere Application Server 2026-04-16 N/A
IBM Websphere Application Server 3.5.3 and earlier stores a password in cleartext in the sas.server.props file, which allows local users to obtain the passwords via a JSP script.
CVE-1999-0539 2026-04-16 N/A
A trust relationship exists between two Unix hosts.
CVE-2001-1194 1 Zyxel 2 Prestige 1600, Prestige 681 2026-04-16 N/A
Zyxel Prestige 681 and 1600 SDSL Routers allow remote attackers to cause a denial of service via malformed packets with (1) an IP length less than actual packet size, or (2) fragmented packets whose size exceeds 64 kilobytes after reassembly.
CVE-1999-0541 2026-04-16 N/A
A password for accessing a WWW URL is guessable.
CVE-1999-0546 1 Microsoft 1 Windows Nt 2026-04-16 N/A
The Windows NT guest account is enabled.
CVE-2001-1195 1 Novell 1 Groupwise 2026-04-16 N/A
Novell Groupwise 5.5 and 6.0 Servlet Gateway is installed with a default username and password for the servlet manager, which allows remote attackers to gain privileges.
CVE-2002-0462 1 Big Sam 1 Big Sam 2026-04-16 N/A
bigsam_guestbook.php for Big Sam (Built-In Guestbook Stand-Alone Module) 1.1.08 and earlier allows remote attackers to cause a denial of service (CPU consumption) or obtain the absolute path of the web server via a displayBegin parameter with a very large number, which leaks the web path in an error message when PHP safe_mode is enabled, or consumes resources when safe_mode is not enabled.
CVE-1999-0547 2026-04-16 N/A
An SSH server allows authentication through the .rhosts file.