Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-0252 1 Typsoft 1 Typsoft Ftp Server 2026-04-16 N/A
TYPSoft FTP Server 1.10 allows remote attackers to cause a denial of service (CPU consumption) via an empty USER name.
CVE-1999-1105 1 Microsoft 1 Windows 95 2026-04-16 N/A
Windows 95, when Remote Administration and File Sharing for NetWare Networks is enabled, creates a share (C$) when an administrator logs in remotely, which allows remote attackers to read arbitrary files by mapping the network drive.
CVE-2002-1254 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the cross-domain security model and access information on the local system or in other domains, and possibly execute code, via cached methods and objects, aka "Cross Domain Verification via Cached Methods."
CVE-1999-1106 1 Kde 1 Kde 2026-04-16 N/A
Buffer overflow in kppp in KDE allows local users to gain root access via a long -c (account_name) command line argument.
CVE-2002-1255 1 Microsoft 1 Outlook 2026-04-16 N/A
Microsoft Outlook 2002 allows remote attackers to cause a denial of service (repeated failure) via an email message with a certain invalid header field that is accessed using POP3, IMAP, or WebDAV, aka "E-mail Header Processing Flaw Could Cause Outlook 2002 to Fail."
CVE-2004-0253 1 Ibm 1 Cloudscape 2026-04-16 N/A
IBM Cloudscape 5.1 running jdk 1.4.2_03 allows remote attackers to execute arbitrary programs or cause a denial of service via certain SQL code, possibly due to a SQL injection vulnerability.
CVE-2004-2040 1 E107 1 E107 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in e107 0.615 allow remote attackers to inject arbitrary web script or HTML via the (1) LAN_407 parameter to clock_menu.php, (2) "email article to a friend" field, (3) "submit news" field, or (4) avmsg parameter to usersettings.php.
CVE-1999-1107 1 Kde 1 Kde 2026-04-16 N/A
Buffer overflow in kppp in KDE allows local users to gain root access via a long PATH environmental variable.
CVE-2002-1257 1 Microsoft 8 Windows 2000, Windows 2000 Terminal Services, Windows 95 and 5 more 2026-04-16 N/A
Microsoft Virtual Machine (VM) up to and including build 5.0.3805 allows remote attackers to execute arbitrary code by including a Java applet that invokes COM (Component Object Model) objects in a web site or an HTML mail.
CVE-2004-0254 1 Crosscom Olicom 1 Discuz 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Discuz! Board 2.x and 3.x allows remote attackers to execute arbitrary script as other users via an img tag.
CVE-2004-2041 1 E107 1 E107 2026-04-16 N/A
PHP remote file inclusion vulnerability in secure_img_render.php in e107 0.615 allows remote attackers to execute arbitrary PHP code by modifying the p parameter to reference a URL on a remote web server that contains the code.
CVE-1999-1109 1 Sendmail 1 Sendmail 2026-04-16 N/A
Sendmail before 8.10.0 allows remote attackers to cause a denial of service by sending a series of ETRN commands then disconnecting from the server, while Sendmail continues to process the commands after the connection has been terminated.
CVE-2002-1265 3 Apple, Gnu, Sgi 4 Mac Os X, Mac Os X Server, Glibc and 1 more 2026-04-16 N/A
The Sun RPC functionality in multiple libc implementations does not provide a time-out mechanism when reading data from TCP connections, which allows remote attackers to cause a denial of service (hang).
CVE-2004-0255 1 Xlight Ftp Server 1 Xlight Ftp Server 2026-04-16 N/A
Xlight 1.52, with log to screen enabled, allows remote attackers to cause a denial of service by requesting a long directory consisting of . (dot) and / (slash) characters, which causes the server to crash when the administrator views the log file, possibly triggering a buffer overflow.
CVE-2004-1372 1 Ibm 1 Db2 Universal Database 2026-04-16 N/A
Multiple stack-based buffer overflows in IBM DB2 7.x and 8.1 allow local users to execute arbitrary code via (1) a long third argument to the rec2xml function or (2) a long filename argument to the generate_distfile procedure.
CVE-2004-0256 1 Gnu 1 Libtool 2026-04-16 N/A
GNU libtool before 1.5.2, during compile time, allows local users to overwrite arbitrary files via a symlink attack on libtool directories in /tmp.
CVE-1999-1110 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Windows Media Player ActiveX object as used in Internet Explorer 5.0 returns a specific error code when a file does not exist, which allows remote malicious web sites to determine the existence of files on the client.
CVE-2002-1276 2 Redhat, Squirrelmail 2 Linux, Squirrelmail 2026-04-16 N/A
An incomplete fix for a cross-site scripting (XSS) vulnerability in SquirrelMail 1.2.8 calls the strip_tags function on the PHP_SELF value but does not save the result back to that variable, leaving it open to cross-site scripting attacks.
CVE-2004-0257 2 Netbsd, Openbsd 2 Netbsd, Openbsd 2026-04-16 N/A
OpenBSD 3.4 and NetBSD 1.6 and 1.6.1 allow remote attackers to cause a denial of service (crash) by sending an IPv6 packet with a small MTU to a listening port and then issuing a TCP connect to that port.
CVE-2004-1373 1 Nullsoft 1 Shoutcast Server 2026-04-16 N/A
Format string vulnerability in SHOUTcast 1.9.4 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via format string specifiers in a content URL, as demonstrated in the filename portion of a .mp3 file.