Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-2134 1 Oracle 1 Application Server 2026-04-16 N/A
Oracle toplink mapping workBench uses a weak encryption algorithm for passwords, which allows local users to decrypt the passwords.
CVE-2005-0968 1 Broadcom 1 Etrust Intrusion Detection 2026-04-16 N/A
Computer Associates (CA) eTrust Intrusion Detection 3.0 allows remote attackers to cause a denial of service via large size values that are not properly validated before calling the CPImportKey function in the Crypto API.
CVE-2000-0269 1 Gnu 1 Emacs 2026-04-16 N/A
Emacs 20 does not properly set permissions for a slave PTY device when starting a new subprocess, which allows local users to read or modify communications between Emacs and the subprocess.
CVE-2002-1836 1 Xerox 2 Docutech 6110, Docutech 6115 2026-04-16 N/A
The default configuration of Xerox DocuTech 6110 and DocuTech 6115 exports certain NFS shares to the world with world writable permissions, which may allow remote attackers to modify sensitive files.
CVE-2004-0555 1 Gnu 1 Queue 2026-04-16 N/A
Buffer overflow in (1) queue.c and (2) queued.c in queue before 1.30.1 may allow remote attackers to execute arbitrary code.
CVE-2004-1488 2 Gnu, Redhat 2 Wget, Enterprise Linux 2026-04-16 N/A
wget 1.8.x and 1.9.x does not filter or quote control characters when displaying HTTP responses to the terminal, which may allow remote malicious web servers to inject terminal escape sequences and execute arbitrary code.
CVE-2004-2135 1 Linux 1 Linux Kernel 2026-04-16 N/A
cryptoloop on Linux kernel 2.6.x, when used on certain file systems with a block size 1024 or greater, has certain "IV computation" weaknesses that allow watermarked files to be detected without decryption.
CVE-2004-2374 1 Working Resources Inc. 1 Badblue 2026-04-16 N/A
BadBlue 2.4 allows remote attackers to obtain the location of the server installation path via a request for phptest.php, which includes the pathname in the source of the resulting HTML.
CVE-2000-0275 1 Cryptocard 1 Cryptoadmin 2026-04-16 N/A
CRYPTOCard CryptoAdmin for PalmOS uses weak encryption to store a user's PIN number, which allows an attacker with access to the .PDB file to generate valid PT-1 tokens after cracking the PIN.
CVE-2002-1837 1 Ids 1 Ids 2026-04-16 N/A
The getAlbumToDisplay function in idsShared.pm for Image Display System (IDS) 0.81 allows remote attackers to determine the existence of arbitrary directories via ".." sequences in the album parameter, which generates different error messages depending on whether the directory exists or not.
CVE-2000-0276 1 Be 1 Beos 2026-04-16 N/A
BeOS 4.5 and 5.0 allow local users to cause a denial of service via malformed direct system calls using interrupt 37.
CVE-2002-1855 1 Macromedia 1 Jrun 2026-04-16 N/A
Macromedia JRun 3.0 through 4.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF.").
CVE-2004-0557 4 Conectiva, Gentoo, Redhat and 1 more 6 Linux, Linux, Enterprise Linux and 3 more 2026-04-16 N/A
Multiple buffer overflows in the st_wavstartread function in wav.c for Sound eXchange (SoX) 12.17.2 through 12.17.4 allow remote attackers to execute arbitrary code via certain WAV file header fields.
CVE-2004-2136 1 Linux 1 Linux Kernel 2026-04-16 N/A
dm-crypt on Linux kernel 2.6.x, when used on certain file systems with a block size 1024 or greater, has certain "IV computation" weaknesses that allow watermarked files to be detected without decryption.
CVE-2004-2375 1 1st Class Internet Solutions 1 1st Class Mail Server 2026-04-16 N/A
Buffer overflow in the POP3 server in 1st Class Mail Server 4.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an APOP USER command with a long second parameter (digest).
CVE-2000-0282 1 Talentsoft 1 Web\+ 2026-04-16 N/A
TalentSoft webpsvr daemon in the Web+ shopping cart application allows remote attackers to read arbitrary files via a .. (dot dot) attack on the webplus CGI program.
CVE-2002-1858 1 Oracle 1 Application Server 2026-04-16 N/A
Oracle Oracle9i Application Server 1.0.2.2 and 9.0.2 through 9.0.2.0.1, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF.").
CVE-2004-0558 2 Easy Software Products, Redhat 2 Cups, Enterprise Linux 2026-04-16 N/A
The Internet Printing Protocol (IPP) implementation in CUPS before 1.1.21 allows remote attackers to cause a denial of service (service hang) via a certain UDP packet to the IPP port.
CVE-2000-0283 1 Sgi 1 Irix 2026-04-16 N/A
The default installation of IRIX Performance Copilot allows remote attackers to access sensitive system information via the pmcd daemon.
CVE-2002-1863 1 Iomega 1 Network Attached Storage 2026-04-16 N/A
Iomega Network Attached Storage (NAS) A300U, and possibly other models, does not allow the FTP service to be disabled, which allows local users to access home directories via FTP even when access to all shared directories have been disabled.