Search Results (359806 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-1408 1 Lotus 1 Domino Server 2026-04-16 N/A
Lotus Domino Server 5.0 and 6.0 allows remote attackers to read the source code for files via an HTTP request with a filename with a trailing dot.
CVE-2003-1424 1 Petitforum 1 Petitforum 2026-04-16 N/A
message.php in Petitforum does not properly authenticate users, which allows remote attackers to impersonate forum users via a modified connect cookie.
CVE-2003-1427 1 Netgear 1 Fm114p 2026-04-16 N/A
Directory traversal vulnerability in the web configuration interface in Netgear FM114P 1.4 allows remote attackers to read arbitrary files, such as the netgear.cfg configuration file, via a hex-encoded (%2e%2e%2f) ../ (dot dot slash) in the port parameter.
CVE-2005-2974 2 Libungif, Redhat 2 Libungif, Enterprise Linux 2026-04-16 N/A
libungif library before 4.1.0 allows attackers to cause a denial of service via a crafted GIF file that triggers a null dereference.
CVE-2000-0014 1 Michael Lamont 1 Savant Webserver 2026-04-16 N/A
Denial of service in Savant web server via a null character in the requested URL.
CVE-1999-0050 1 Hp 1 Hp-ux 2026-04-16 N/A
Buffer overflow in HP-UX newgrp program.
CVE-1999-0512 2026-04-16 N/A
A mail server is explicitly configured to allow SMTP mail relay, which allows abuse by spammers.
CVE-1999-0518 1 Microsoft 1 Windows 95 2026-04-16 N/A
A NETBIOS/SMB share password is guessable.
CVE-1999-1061 1 Hp 1 Jetdirect 2026-04-16 N/A
HP Laserjet printers with JetDirect cards, when configured with TCP/IP, can be configured without a password, which allows remote attackers to connect to the printer and change its IP address or disable logging.
CVE-1999-1308 1 Hp 1 Hp-ux 2026-04-16 N/A
Certain programs in HP-UX 10.20 do not properly handle large user IDs (UID) or group IDs (GID) over 60000, which could allow local users to gain privileges.
CVE-2005-0224 1 Hp 1 Virtualvault 2026-04-16 N/A
Unknown vulnerability in HP-UX B.11.04 running Virtualvault 4.5 through 4.7, when running the TGA daemon, allows remote attackers to cause a denial of service via certain network traffic.
CVE-2005-0297 1 Oracle 1 Database Server 2026-04-16 N/A
SQL injection vulnerability in Oracle Database 9i and 10g allows remote attackers to execute arbitrary SQL commands and gain privileges.
CVE-2006-3311 2 Adobe, Redhat 3 Flash Player, Flex Sdk, Rhel Extras 2026-04-16 N/A
Buffer overflow in Adobe Flash Player 8.0.24.0 and earlier, Flash Professional 8, Flash MX 2004, and Flex 1.5 allows user-assisted remote attackers to execute arbitrary code via a long, dynamically created string in a SWF movie.
CVE-2006-4640 2 Adobe, Redhat 2 Flash Player, Rhel Extras 2026-04-16 N/A
Unspecified vulnerability in Adobe Flash Player before 9.0.16.0 allows user-assisted remote attackers to bypass the allowScriptAccess protection via unspecified vectors.
CVE-2006-3440 1 Microsoft 3 Windows 2000, Windows 2003 Server, Windows Xp 2026-04-16 N/A
Buffer overflow in the Winsock API in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via unknown vectors, aka "Winsock Hostname Vulnerability."
CVE-2006-3441 1 Microsoft 3 Windows 2000, Windows 2003 Server, Windows Xp 2026-04-16 N/A
Buffer overflow in the DNS Client service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted record response. NOTE: while MS06-041 implies that there is a single issue, there are multiple vectors, and likely multiple vulnerabilities, related to (1) a heap-based buffer overflow in a DNS server response to the client, (2) a DNS server response with malformed ATMA records, and (3) a length miscalculation in TXT, HINFO, X25, and ISDN records.
CVE-2006-3443 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Untrusted search path vulnerability in Winlogon in Microsoft Windows 2000 SP4, when SafeDllSearchMode is disabled, allows local users to gain privileges via a malicious DLL in the UserProfile directory, aka "User Profile Elevation of Privilege Vulnerability."
CVE-2006-3444 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Unspecified vulnerability in the kernel in Microsoft Windows 2000 SP4, probably a buffer overflow, allows local users to obtain privileges via unspecified vectors involving an "unchecked buffer."
CVE-2006-3449 1 Microsoft 1 Powerpoint 2026-04-16 N/A
Unspecified vulnerability in Microsoft PowerPoint 2000 through 2003, possibly a buffer overflow, allows user-assisted remote attackers to execute arbitrary commands via a malformed record in the BIFF file format used in a PPT file, a different issue than CVE-2006-1540, aka "Microsoft PowerPoint Malformed Record Vulnerability."
CVE-2006-3639 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 5.01 and 6 does not properly identify the originating domain zone when handling redirects, which allows remote attackers to read cross-domain web pages and possibly execute code via unspecified vectors involving a crafted web page, aka "Source Element Cross-Domain Vulnerability."