Export limit exceeded: 357822 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (357822 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-0502 | 3 Hp, Redhat, Sun | 4 Hp-ux, Linux, Solaris and 1 more | 2026-04-16 | N/A |
| A Unix account has a default, null, blank, or missing password. | ||||
| CVE-1999-0693 | 3 Hp, Ibm, Sco | 3 Hp-ux, Aix, Unixware | 2026-04-16 | N/A |
| Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges. | ||||
| CVE-2000-0324 | 1 Symantec | 1 Pcanywhere | 2026-04-16 | N/A |
| pcAnywhere 8.x and 9.0 allows remote attackers to cause a denial of service via a TCP SYN scan, e.g. by nmap. | ||||
| CVE-2001-0202 | 1 Informs | 1 Picserver | 2026-04-16 | N/A |
| Picserver web server allows remote attackers to read arbitrary files via a .. (dot dot) attack in an HTTP GET request. | ||||
| CVE-2002-0863 | 1 Microsoft | 5 .net Windows Server, Windows 2000, Windows 2000 Terminal Services and 2 more | 2026-04-16 | N/A |
| Remote Data Protocol (RDP) version 5.0 in Microsoft Windows 2000 and RDP 5.1 in Windows XP does not encrypt the checksums of plaintext session data, which could allow a remote attacker to determine the contents of encrypted sessions via sniffing, aka "Weak Encryption in RDP Protocol." | ||||
| CVE-2002-1150 | 1 Microsoft | 1 Netmeeting | 2026-04-16 | N/A |
| The Remote Desktop Sharing (RDS) Screen Saver Protection capability for Microsoft NetMeeting 3.01 through SP2 (4.4.3396) allows attackers with physical access to hijack remote sessions by entering certain logoff or shutdown sequences (such as CTRL-ALT-DEL) and canceling out of the resulting user confirmation prompts, such as when the remote user is editing a document. | ||||
| CVE-2002-1168 | 1 Ibm | 1 Websphere Caching Proxy Server | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Web Traffic Express Caching Proxy Server 3.6 and 4.x before 4.0.1.26 allows remote attackers to execute script as other users via an HTTP request that contains an Location: header with a "%0a%0d" (CRLF) sequence, which echoes the Location as an HTTP header in the server response. | ||||
| CVE-2003-0105 | 1 Port80 Software | 1 Servermask | 2026-04-16 | N/A |
| ServerMask 2.2 and earlier does not obfuscate (1) ETag, (2) HTTP Status Message, or (3) Allow HTTP responses, which could tell remote attackers that the web server is an IIS server. | ||||
| CVE-1999-0030 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| root privileges via buffer overflow in xlock command on SGI IRIX systems. | ||||
| CVE-1999-0033 | 5 Ibm, Ncr, Sco and 2 more | 7 Aix, Mp-ras, Open Desktop and 4 more | 2026-04-16 | N/A |
| Command execution in Sun systems via buffer overflow in the at program. | ||||
| CVE-1999-0499 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2026-04-16 | N/A |
| NETBIOS share information may be published through SNMP registry keys in NT. | ||||
| CVE-1999-0534 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2026-04-16 | N/A |
| A Windows NT user has inappropriate rights or privileges, e.g. Act as System, Add Workstation, Backup, Change System Time, Create Pagefile, Create Permanent Object, Create Token Name, Debug, Generate Security Audit, Increase Priority, Increase Quota, Load Driver, Lock Memory, Profile Single Process, Remote Shutdown, Replace Process Token, Restore, System Environment, Take Ownership, or Unsolicited Input. | ||||
| CVE-2006-4127 | 1 Dconnect | 1 Dconnect Daemon | 2026-04-16 | N/A |
| Multiple format string vulnerabilities in DConnect Daemon 0.7.0 and earlier allow remote administrators to execute arbitrary code via format string specifiers that are not properly handled when calling the (1) privmsg() or (2) pubmsg functions from (a) cmd.user.c, (b) penalties.c, or (c) cmd.dc.c. | ||||
| CVE-2006-4128 | 1 Symantec Veritas | 1 Backup Exec | 2026-04-16 | N/A |
| Multiple heap-based buffer overflows in Symantec VERITAS Backup Exec for Netware Server Remote Agent for Windows Server 9.1 and 9.2 (all builds), Backup Exec Continuous Protection Server Remote Agent for Windows Server 10.1 (builds 10.1.325.6301, 10.1.326.1401, 10.1.326.2501, 10.1.326.3301, and 10.1.327.401), and Backup Exec for Windows Server and Remote Agent 9.1 (build 9.1.4691), 10.0 (builds 10.0.5484 and 10.0.5520), and 10.1 (build 10.1.5629) allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted RPC message. | ||||
| CVE-2006-4129 | 1 Joomla | 1 Webring Component | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in admin.webring.docs.php in the Webring Component (com_webring) 1.0 and earlier for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the component_dir parameter. | ||||
| CVE-2006-4130 | 1 Matt Smith | 1 Remository For Mambo | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in admin.remository.php in the Remository Component (com_remository) 3.25 and earlier for Mambo and Joomla!, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
| CVE-2006-4131 | 1 Arcsoft | 1 Mms Composer | 2026-04-16 | N/A |
| Multiple buffer overflows in ArcSoft MMS Composer 1.5.5.6, and possibly earlier, and 2.0.0.13, and possibly earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via crafted MMS (Multimedia Messaging Service) messages that trigger the overflows in the (1) M-Notification.ind, (2) M-Retrieve.conf (Header and Body), or (3) SMIL parsers. | ||||
| CVE-2006-4132 | 1 Arcsoft | 1 Mms Composer | 2026-04-16 | N/A |
| ArcSoft MMS Composer 1.5.5.6 and possibly earlier, and 2.0.0.13 and possibly earlier, allow remote attackers to cause a denial of service (resource exhaustion and application crash) via WAPPush messages to UDP port UDP 2948. | ||||
| CVE-2006-4133 | 1 Sap | 1 Internet Graphics Server | 2026-04-16 | N/A |
| Heap-based buffer overflow in SAP Internet Graphics Service (IGS) 6.40 and earlier, and 7.00 and earlier, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via an HTTP request with an ADM:GETLOGFILE command and a long portwatcher argument, which triggers the overflow during error message construction when the _snprintf function returns a negative value that is used in a memcpy operation. | ||||
| CVE-2006-4134 | 1 Sap | 1 Internet Graphics Server | 2026-04-16 | N/A |
| Unspecified vulnerability related to a "design flaw" in SAP Internet Graphics Service (IGS) 6.40 and earlier and 7.00 and earlier allows remote attackers to cause a denial of service (service shutdown) via certain HTTP requests. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended. | ||||