Export limit exceeded: 364864 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 364864 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364864 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1062 1 T. Hauck 1 Jana Web Server 2026-04-16 N/A
Signedness error in Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, allows remote attackers to execute arbitrary code via long (1) Username, (2) Password, or (3) Hostname entries.
CVE-1999-0975 1 Microsoft 3 Windows 95, Windows 98, Windows Nt 2026-04-16 N/A
The Windows help system can allow a local user to execute commands as another user by editing a table of contents metafile with a .CNT extension and modifying the topic action to include the commands to be executed when the .hlp file is accessed.
CVE-1999-0976 1 Eric Allman 1 Sendmail 2026-04-16 N/A
Sendmail allows local users to reinitialize the aliases database via the newaliases command, then cause a denial of service by interrupting Sendmail.
CVE-2001-1315 1 Critical Path 2 Injoin Directory Server, Livecontent Directory 2026-04-16 N/A
Critical Path (1) InJoin Directory Server or (2) LiveContent Directory allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via malformed BER encodings, as demonstrated by the PROTOS LDAPv3 test suite.
CVE-1999-0977 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Buffer overflow in Solaris sadmind allows remote attackers to gain root privileges using a NETMGT_PROC_SERVICE request.
CVE-1999-0978 1 Debian 1 Debian Linux 2026-04-16 N/A
htdig allows remote attackers to execute commands via filenames with shell metacharacters.
CVE-1999-0979 1 Sco 1 Unixware 2026-04-16 N/A
The SCO UnixWare privileged process system allows local users to gain root privileges by using a debugger such as gdb to insert traps into _init before the privileged process is executed.
CVE-1999-0980 1 Microsoft 1 Windows Nt 2026-04-16 N/A
Windows NT Service Control Manager (SCM) allows remote attackers to cause a denial of service via a malformed argument in a resource enumeration request.
CVE-2001-1316 1 Teamware 1 Teamware Office 2026-04-16 N/A
Buffer overflows in Teamware Office Enterprise Directory allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite.
CVE-2002-0649 1 Microsoft 2 Data Engine, Sql Server 2026-04-16 N/A
Multiple buffer overflows in the Resolution Service for Microsoft SQL Server 2000 and Microsoft Desktop Engine 2000 (MSDE) allow remote attackers to cause a denial of service or execute arbitrary code via UDP packets to port 1434 in which (1) a 0x04 byte that causes the SQL Monitor thread to generate a long registry key name, or (2) a 0x08 byte with a long string causes heap corruption, as exploited by the Slammer/Sapphire worm.
CVE-2002-0680 3 Goahead Software, Montavista Software, Orange Software 3 Goahead Webserver, Hard Hat Linux, Orange Web Server 2026-04-16 N/A
Directory traversal vulnerability in GoAhead Web Server 2.1 allows remote attackers to read arbitrary files via a URL with an encoded / (%5C) in a .. (dot dot) sequence. NOTE: it is highly likely that this candidate will be REJECTED because it has been reported to be a duplicate of CVE-2001-0228.
CVE-2002-1131 2 Redhat, Squirrelmail 2 Linux, Squirrelmail 2026-04-16 N/A
Cross-site scripting vulnerabilities in SquirrelMail 1.2.7 and earlier allows remote attackers to execute script as other web users via (1) addressbook.php, (2) options.php, (3) search.php, or (4) help.php.
CVE-1999-0981 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 5.01 and earlier allows a remote attacker to create a reference to a client window and use a server-side redirect to access local files via that window, aka "Server-side Page Reference Redirect."
CVE-2006-2369 1 Vnc 1 Realvnc 2026-04-16 N/A
RealVNC 4.1.1, and other products that use RealVNC such as AdderLink IP and Cisco CallManager, allows remote attackers to bypass authentication via a request in which the client specifies an insecure security type such as "Type 1 - None", which is accepted even if it is not offered by the server, as originally demonstrated using a long password.
CVE-1999-0982 1 Sun 2 Solaris, Web-based Enterprise Management 2026-04-16 N/A
The Sun Web-Based Enterprise Management (WBEM) installation script stores a password in plaintext in a world readable file.
CVE-1999-0983 1 Internic 1 Whois Lookup 2026-04-16 N/A
Whois Internic Lookup program whois.cgi allows remote attackers to execute commands via shell metacharacters in the domain entry.
CVE-1999-0994 1 Microsoft 1 Windows Nt 2026-04-16 N/A
Windows NT with SYSKEY reuses the keystream that is used for encrypting SAM password hashes, allowing an attacker to crack passwords.
CVE-2001-1317 1 Teamware 1 Teamware Office 2026-04-16 N/A
Teamware Office Enterprise Directory allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, via invalid encodings for certain BER object types, as demonstrated by the PROTOS LDAPv3 test suite.
CVE-2002-1158 2 Canna, Redhat 3 Canna, Enterprise Linux, Linux 2026-04-16 N/A
Buffer overflow in the irw_through function for Canna 3.5b2 and earlier allows local users to execute arbitrary code as the bin user.
CVE-1999-0997 3 Millenux Gmbh, Redhat, University Of Washington 3 Anonftp, Linux, Wu-ftpd 2026-04-16 N/A
wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress.