Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-0513 7 Digital, Freebsd, Hp and 4 more 8 Unix, Freebsd, Hp-ux and 5 more 2026-04-16 N/A
ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service.
CVE-1999-0514 2026-04-16 N/A
UDP messages to broadcast addresses are allowed, allowing for a Fraggle attack that can cause a denial of service by flooding the target.
CVE-1999-0515 2026-04-16 N/A
An unrestricted remote trust relationship for Unix systems has been set up, e.g. by using a + sign in /etc/hosts.equiv.
CVE-1999-0516 2026-04-16 N/A
An SNMP community name is guessable.
CVE-2001-1147 2 Andries Brouwer, Redhat 2 Util-linux, Linux 2026-04-16 N/A
The PAM implementation in /bin/login of the util-linux package before 2.11 causes a password entry to be rewritten across multiple PAM calls, which could provide the credentials of one user to a different user, when used in certain PAM modules such as pam_limits.
CVE-2001-1152 1 Baltimore Technologies 1 Websweeper 2026-04-16 N/A
Baltimore Technologies WEBsweeper 4.02, when used to manage URL blacklists, allows remote attackers to bypass blacklist restrictions and connect to unauthorized web servers by modifying the requested URL, including (1) a // (double slash), (2) a /SUBDIR/.. where the desired file is in the parentdir, (3) a /./, or (4) URL-encoded characters.
CVE-2005-2572 1 Oracle 1 Mysql 2026-04-16 N/A
MySQL, when running on Windows, allows remote authenticated users with insert privileges on the mysql.func table to cause a denial of service (server hang) and possibly execute arbitrary code via (1) a request for a non-library file, which causes the Windows LoadLibraryEx function to block, or (2) a request for a function in a library that has the XXX_deinit or XXX_init functions defined but is not tailored for mySQL, such as jpeg1x32.dll and jpeg2x32.dll.
CVE-2001-1154 2 Bsdi, Carnegie Mellon University 2 Bsd Os, Cyrus Imap Server 2026-04-16 N/A
Cyrus 2.0.15, 2.0.16, and 1.6.24 on BSDi 4.2, with IMAP enabled, allows remote attackers to cause a denial of service (hang) using PHP IMAP clients.
CVE-2001-1159 1 Squirrelmail 1 Squirrelmail 2026-04-16 N/A
load_prefs.php and supporting include files in SquirrelMail 1.0.4 and earlier do not properly initialize certain PHP variables, which allows remote attackers to (1) view sensitive files via the config_php and data_dir options, and (2) execute arbitrary code by using options_order.php to upload a message that could be interpreted as PHP.
CVE-2002-0457 1 Bg Guestbook 1 Bg Guestbook 2026-04-16 N/A
Cross-site scripting vulnerability in signgbook.php for BG GuestBook 1.0 allows remote attackers to execute arbitrary Javascript via encoded tags such as <, >, and & in fields such as (1) name, (2) email, (3) AIM screen name, (4) website, (5) location, or (6) message.
CVE-2002-0461 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 5.01 through 6 allows remote attackers to cause a denial of service (application crash) via Javascript in a web page that calls location.replace on itself, causing a loop.
CVE-2001-1162 3 Hp, Redhat, Samba 3 Cifs-9000 Server, Linux, Samba 2026-04-16 N/A
Directory traversal vulnerability in the %m macro in the smb.conf configuration file in Samba before 2.2.0a allows remote attackers to overwrite certain files via a .. in a NETBIOS name, which is used as the name for a .log file.
CVE-2002-1010 1 Lotus 1 Domino R4 2026-04-16 N/A
Lotus Domino R4 allows remote attackers to bypass access restrictions for files in the web root via an HTTP request appended with a "?" character, which is treated as a wildcard character and bypasses the web handlers.
CVE-2001-1171 1 Checkpoint 1 Firewall-1 2026-04-16 N/A
Check Point Firewall-1 3.0b through 4.0 SP1 follows symlinks and creates a world-writable temporary .cpp file when compiling Policy rules, which could allow local users to gain privileges or modify the firewall policy.
CVE-2001-1180 1 Freebsd 1 Freebsd 2026-04-16 N/A
FreeBSD 4.3 does not properly clear shared signal handlers when executing a process, which allows local users to gain privileges by calling rfork with a shared signal handler, having the child process execute a setuid program, and sending a signal to the child.
CVE-1999-0534 1 Microsoft 2 Windows 2000, Windows Nt 2026-04-16 N/A
A Windows NT user has inappropriate rights or privileges, e.g. Act as System, Add Workstation, Backup, Change System Time, Create Pagefile, Create Permanent Object, Create Token Name, Debug, Generate Security Audit, Increase Priority, Increase Quota, Load Driver, Lock Memory, Profile Single Process, Remote Shutdown, Replace Process Token, Restore, System Environment, Take Ownership, or Unsolicited Input.
CVE-1999-0537 2 Microsoft, Netscape 2 Internet Explorer, Communicator 2026-04-16 N/A
A configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc.
CVE-2001-1189 1 Ibm 1 Websphere Application Server 2026-04-16 N/A
IBM Websphere Application Server 3.5.3 and earlier stores a password in cleartext in the sas.server.props file, which allows local users to obtain the passwords via a JSP script.
CVE-1999-0539 2026-04-16 N/A
A trust relationship exists between two Unix hosts.
CVE-2001-1194 1 Zyxel 2 Prestige 1600, Prestige 681 2026-04-16 N/A
Zyxel Prestige 681 and 1600 SDSL Routers allow remote attackers to cause a denial of service via malformed packets with (1) an IP length less than actual packet size, or (2) fragmented packets whose size exceeds 64 kilobytes after reassembly.