Export limit exceeded: 357835 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (357835 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-1491 | 1 Kerio | 1 Personal Firewall | 2026-04-16 | N/A |
| Kerio Personal Firewall (KPF) 2.1.4 has a default rule to accept incoming packets from DNS (UDP port 53), which allows remote attackers to bypass the firewall filters via packets with a source port of 53. | ||||
| CVE-2003-1492 | 2 Mozilla, Netscape | 2 Firefox, Navigator | 2026-04-16 | N/A |
| Netscape Navigator 7.0.2 and Mozilla allows remote attackers to access cookie information in a different domain via an HTTP request for a domain with an extra . (dot) at the end. | ||||
| CVE-2003-1493 | 1 Hp | 1 Openview Network Node Manager | 2026-04-16 | N/A |
| Memory leak in HP OpenView Network Node Manager (NNM) 6.2 and 6.4 allows remote attackers to cause a denial of service (memory exhaustion) via crafted TCP packets. | ||||
| CVE-2003-1494 | 1 Hp | 1 Openview Network Node Manager | 2026-04-16 | N/A |
| Unspecified vulnerability in HP OpenView Network Node Manager (NNM) 6.2 and 6.4 allows remote attackers to cause a denial of service (CPU consumption) via a crafted TCP packet. | ||||
| CVE-2004-0119 | 1 Microsoft | 3 Windows 2000, Windows Server 2003, Windows Xp | 2026-04-16 | 7.5 High |
| The Negotiate Security Software Provider (SSP) interface in Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service (crash from null dereference) or execute arbitrary code via a crafted SPNEGO NegTokenInit request during authentication protocol selection. | ||||
| CVE-2004-1842 | 1 Phpnuke | 1 Php-nuke | 2026-04-16 | 8.8 High |
| Cross-site request forgery (CSRF) vulnerability in Php-Nuke 6.x through 7.1.0 allows remote attackers to gain administrative privileges via an img tag with a URL to admin.php. | ||||
| CVE-2006-2581 | 1 Rwiki | 1 Rwiki | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Wiki content in RWiki 2.1.0pre1 through 2.1.0 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. | ||||
| CVE-1999-0122 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| Buffer overflow in AIX lchangelv gives root access. | ||||
| CVE-1999-0227 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| Access violation in LSASS.EXE (LSA/LSARPC) program in Windows NT allows a denial of service. | ||||
| CVE-1999-0275 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| Denial of service in Windows NT DNS servers by flooding port 53 with too many characters. | ||||
| CVE-1999-0496 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| A Windows NT 4.0 user can gain administrative rights by forcing NtOpenProcessToken to succeed regardless of the user's permissions, aka GetAdmin. | ||||
| CVE-2000-0622 | 1 Oreilly | 1 Website Professional | 2026-04-16 | N/A |
| Buffer overflow in Webfind CGI program in O'Reilly WebSite Professional web server 2.x allows remote attackers to execute arbitrary commands via a URL containing a long "keywords" parameter. | ||||
| CVE-1999-0497 | 2026-04-16 | N/A | ||
| Anonymous FTP is enabled. | ||||
| CVE-1999-1125 | 1 Oracle | 1 Http Server | 2026-04-16 | N/A |
| Oracle Webserver 2.1 and earlier runs setuid root, but the configuration file is owned by the oracle account, which allows any local or remote attacker who obtains access to the oracle account to gain privileges or modify arbitrary files by modifying the configuration file. | ||||
| CVE-2000-0773 | 1 Bajie | 1 Java Http Server | 2026-04-16 | N/A |
| Bajie HTTP web server 0.30a allows remote attackers to read arbitrary files via a URL that contains a "....", a variant of the dot dot directory traversal attack. | ||||
| CVE-1999-1365 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| Windows NT searches a user's home directory (%systemroot% by default) before other directories to find critical programs such as NDDEAGNT.EXE, EXPLORER.EXE, USERINIT.EXE or TASKMGR.EXE, which could allow local users to bypass access restrictions or gain privileges by placing a Trojan horse program into the root directory, which is writable by default. | ||||
| CVE-1999-1397 | 1 Microsoft | 1 Index Server | 2026-04-16 | N/A |
| Index Server 2.0 on IIS 4.0 stores physical path information in the ContentIndex\Catalogs subkey of the AllowedPaths registry key, whose permissions allows local and remote users to obtain the physical paths of directories that are being indexed. | ||||
| CVE-2000-0844 | 13 Caldera, Conectiva, Debian and 10 more | 16 Openlinux, Openlinux Ebuilder, Openlinux Eserver and 13 more | 2026-04-16 | N/A |
| Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. | ||||
| CVE-1999-1486 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| sadc in IBM AIX 4.1 through 4.3, when called from programs such as timex that are setgid adm, allows local users to overwrite arbitrary files via a symlink attack. | ||||
| CVE-2000-0121 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| The Recycle Bin utility in Windows NT and Windows 2000 allows local users to read or modify files by creating a subdirectory with the victim's SID in the recycler directory, aka the "Recycle Bin Creation" vulnerability. | ||||