Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-0004 1 Microsoft 1 Windows Xp 2026-04-16 N/A
Buffer overflow in the Windows Redirector function in Microsoft Windows XP allows local users to execute arbitrary code via a long parameter.
CVE-2000-1129 1 Network Associates 1 Webshield Smtp 2026-04-16 N/A
McAfee WebShield SMTP 4.5 allows remote attackers to cause a denial of service via a malformed recipient field.
CVE-2000-1130 1 Network Associates 1 Webshield Smtp 2026-04-16 N/A
McAfee WebShield SMTP 4.5 allows remote attackers to bypass email content filtering rules by including Extended ASCII characters in name of the attachment.
CVE-2000-1179 1 Netopia 1 650-st Isdn Router 2026-04-16 N/A
Netopia ISDN Router 650-ST before 4.3.5 allows remote attackers to read system logs without authentication by directly connecting to the login screen and typing certain control characters.
CVE-2000-1180 1 Oracle 1 Oracle8i 2026-04-16 N/A
Buffer overflow in cmctl program in Oracle 8.1.5 Connection Manager Control allows local users to gain privileges via a long command line argument.
CVE-2000-1187 1 Netscape 2 Communicator, Navigator 2026-04-16 N/A
Buffer overflow in the HTML parser for Netscape 4.75 and earlier allows remote attackers to execute arbitrary commands via a long password value in a form field.
CVE-2000-1196 1 Netscape 1 Publishingxpert 2026-04-16 N/A
PSCOErrPage.htm in Netscape PublishingXpert 2.5 before SP2 allows remote attackers to read arbitrary files by specifying the target file in the errPagePath parameter.
CVE-2004-0715 1 Bea 1 Weblogic Server 2026-04-16 N/A
The WebLogic Authentication provider for BEA WebLogic Server and WebLogic Express 8.1 through SP2 and 7.0 through SP4 does not properly clear member relationships when a group is deleted, which can cause a new group with the same name to have the members of the old group, which allows group members to gain privileges.
CVE-2003-0011 1 Microsoft 1 Isa Server 2026-04-16 N/A
Unknown vulnerability in the DNS intrusion detection application filter for Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service (blocked traffic to DNS servers) via a certain type of incoming DNS request that is not properly handled.
CVE-2003-0012 1 Mozilla 1 Bugzilla 2026-04-16 N/A
The data collection script for Bugzilla 2.14.x before 2.14.5, 2.16.x before 2.16.2, and 2.17.x before 2.17.3 sets world-writable permissions for the data/mining directory when it runs, which allows local users to modify or delete the data.
CVE-2004-0716 1 Hp 1 Hp-ux 2026-04-16 N/A
Buffer overflow in the DCE daemon (DCED) for the DCE endpoint mapper (epmap) on HP-UX 11 allows remote attackers to execute arbitrary code via a request with a small fragment length and a large amount of data.
CVE-2004-1587 1 Monolith Productions 4 Alien Versus Predator, Blood, No One Lives Forever and 1 more 2026-04-16 N/A
Buffer overflow in Monolith games including (1) Alien versus Predator 2 1.0.9.6 and earlier, (2) Blood 2 2.1 and earlier, (3) No one lives forever 1.004 and earlier and (4) Shogo 2.2 and earlier allows remote attackers to cause a denial of service (application crash) via a long secure Gamespy query.
CVE-2000-1213 3 Immunix, Iputils, Redhat 3 Immunix, Iputils, Linux 2026-04-16 N/A
ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, does not drop privileges after acquiring a raw socket, which increases ping's exposure to bugs that otherwise would occur at lower privileges.
CVE-2003-0013 1 Mozilla 1 Bugzilla 2026-04-16 N/A
The default .htaccess scripts for Bugzilla 2.14.x before 2.14.5, 2.16.x before 2.16.2, and 2.17.x before 2.17.3 do not include filenames for backup copies of the localconfig file that are made from editors such as vi and Emacs, which could allow remote attackers to obtain a database password by directly accessing the backup file.
CVE-2000-1221 3 Debian, Redhat, Sgi 3 Debian Linux, Linux, Irix 2026-04-16 N/A
The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended access controls by modifying the DNS for the attacking IP.
CVE-2003-0014 1 Bmv 1 Bmv 2026-04-16 N/A
gsinterf.c in bmv 1.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files.
CVE-2000-1224 1 Caucho Technology 1 Resin 2026-04-16 N/A
Caucho Technology Resin 1.2 and possibly earlier allows remote attackers to view JSP source via an HTTP request to a .jsp file with certain characters appended to the file name, such as (1) "..", (2) "%2e..", (3) "%81", (4) "%82", and others.
CVE-2004-0717 3 Linux, Microsoft, Opera 3 Linux Kernel, Windows, Opera Browser 2026-04-16 N/A
Opera 7.51 for Windows and 7.50 for Linux does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.
CVE-2000-1225 1 Imatix 1 Xitami 2026-04-16 N/A
Xitami 2.5b installs the testcgi.exe program by default in the cgi-bin directory, which allows remote attackers to gain sensitive configuration information about the web server by accessing the program.
CVE-2004-0718 4 Firebirdsql, Mozilla, Netscape and 1 more 4 Firebird, Mozilla, Navigator and 1 more 2026-04-16 N/A
The (1) Mozilla 1.6, (2) Firebird 0.7, (3) Firefox 0.8, and (4) Netscape 7.1 web browsers do not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.