Search Results (366762 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-1236 1 Oracle 1 Application Server 2026-04-16 N/A
SQL injection vulnerability in mod_sql in Oracle Internet Application Server (IAS) 3.0.7 and earlier allows remote attackers to execute arbitrary SQL commands via the query string of the URL.
CVE-2000-1237 1 Floosietek 1 Ftgate 2026-04-16 N/A
The POP3 server in FTGate returns an -ERR code after receiving an invalid USER request, which makes it easier for remote attackers to determine valid usernames and conduct brute force password guessing.
CVE-2000-1234 1 Phorum 1 Phorum 2026-04-16 N/A
violation.php3 in Phorum 3.0.7 allows remote attackers to send e-mails to arbitrary addresses and possibly use Phorum as a "spam proxy" by setting the Mod and ForumName parameters.
CVE-2001-0012 2 Isc, Redhat 2 Bind, Linux 2026-04-16 N/A
BIND 4 and BIND 8 allow remote attackers to access sensitive information such as environment variables.
CVE-1999-0941 1 Mutt 1 Mutt 2026-04-16 N/A
Mutt mail client allows a remote attacker to execute commands via shell metacharacters.
CVE-2000-1241 1 Sips 1 Sips 2026-04-16 N/A
Unspecified vulnerability in Haakon Nilsen simple, integrated publishing system (SIPS) before 0.2.4 has an unknown impact and attack vectors, related to a "grave security fault."
CVE-2000-1243 1 Dansie 1 Shopping Cart 2026-04-16 N/A
Privacy leak in Dansie Shopping Cart 3.04, and probably earlier versions, sends sensitive information such as user credentials to an e-mail address controlled by the product developers.
CVE-2000-1242 1 Apc 1 Powerchute 2026-04-16 N/A
The HTTP service in American Power Conversion (APC) PowerChute uses a default username and password, which allows remote attackers to gain system access.
CVE-2006-1038 1 Van Dyke Technologies 2 Securecrt, Securefx 2026-04-16 N/A
Buffer overflow in SecureCRT 5.0.4 and earlier and SecureFX 3.0.4 and earlier allows remote attackers to have an unknown impact when a Unicode string is converted to a "narrow" string.
CVE-1999-0948 3 Sgi, Sun, Turbolinux 4 Irix, Solaris, Sunos and 1 more 2026-04-16 N/A
Buffer overflow in uum program for Canna input system allows local users to gain root privileges.
CVE-1999-0955 1 Washington University 1 Wu-ftpd 2026-04-16 N/A
Race condition in wu-ftpd and BSDI ftpd allows remote attackers to gain root access via the SITE EXEC command.
CVE-2001-0005 1 Microsoft 1 Powerpoint 2026-04-16 N/A
Buffer overflow in the parsing mechanism of the file loader in Microsoft PowerPoint 2000 allows attackers to execute arbitrary commands.
CVE-2001-0007 1 Netscreen 1 Screen Os 2026-04-16 N/A
Buffer overflow in NetScreen Firewall WebUI allows remote attackers to cause a denial of service via a long URL request to the web administration interface.
CVE-2001-0008 2 Borland Software, Firebirdsql 2 Interbase, Firebird 2026-04-16 N/A
Backdoor account in Interbase database server allows remote attackers to overwrite arbitrary files using stored procedures.
CVE-2001-0009 1 Lotus 1 Domino Server 2026-04-16 N/A
Directory traversal vulnerability in Lotus Domino 5.0.5 web server allows remote attackers to read arbitrary files via a .. attack.
CVE-2001-0010 2 Isc, Redhat 2 Bind, Linux 2026-04-16 N/A
Buffer overflow in transaction signature (TSIG) handling code in BIND 8 allows remote attackers to gain root privileges.
CVE-2001-0015 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Network Dynamic Data Exchange (DDE) in Windows 2000 allows local users to gain SYSTEM privileges via a "WM_COPYDATA" message to an invisible window that is running with the privileges of the WINLOGON process.
CVE-2001-0016 1 Microsoft 1 Windows Nt 2026-04-16 N/A
NTLM Security Support Provider (NTLMSSP) service does not properly check the function number in an LPC request, which could allow local users to gain administrator level access.
CVE-2001-0017 1 Microsoft 1 Windows Nt 2026-04-16 N/A
Memory leak in PPTP server in Windows NT 4.0 allows remote attackers to cause a denial of service via a malformed data packet, aka the "Malformed PPTP Packet Stream" vulnerability.
CVE-2001-0019 1 Cisco 2 Arrowpoint, Content Services Switch 2026-04-16 N/A
Arrowpoint (aka Cisco Content Services, or CSS) allows local users to cause a denial of service via a long argument to the "show script," "clear script," "show archive," "clear archive," "show log," or "clear log" commands.