Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-1468 2 Usermin, Webmin 2 Usermin, Webmin 2026-04-16 N/A
The web mail functionality in Usermin 1.x and Webmin 1.x allows remote attackers to execute arbitrary commands via shell metacharacters in an e-mail message.
CVE-2000-0202 1 Microsoft 2 Data Engine, Sql Server 2026-04-16 N/A
Microsoft SQL Server 7.0 and Microsoft Data Engine (MSDE) 1.0 allow remote attackers to gain privileges via a malformed Select statement in an SQL query.
CVE-2002-1744 1 Microsoft 1 Internet Information Services 2026-04-16 N/A
Directory traversal vulnerability in CodeBrws.asp in Microsoft IIS 5.0 allows remote attackers to view source code and determine the existence of arbitrary files via a hex-encoded "%c0%ae%c0%ae" string, which is the Unicode representation for ".." (dot dot).
CVE-2002-2145 1 Savant 1 Savant Webserver 2026-04-16 N/A
Savant Web Server 3.1 and earlier allows remote attackers to bypass authentication for password protected user folders via a URL with a hex encoded space (%20) and a '.' (%2e) at the end of the filename.
CVE-2000-0203 1 Trend Micro 1 Officescan 2026-04-16 N/A
The Trend Micro OfficeScan client tmlisten.exe allows remote attackers to cause a denial of service via malformed data to port 12345.
CVE-2004-0506 3 Ethereal Group, Redhat, Sgi 3 Ethereal, Enterprise Linux, Propack 2026-04-16 N/A
The SPNEGO dissector in Ethereal 0.9.8 to 0.10.3 allows remote attackers to cause a denial of service (crash) via unknown attack vectors that cause a null pointer dereference.
CVE-2004-1469 1 Peter D. Gray 1 Sus 2026-04-16 N/A
Format string vulnerability in the log function in SUS 2.0.2, and other versions before 2.0.6, allows local users to execute arbitrary code via format string specifiers in a command line argument that is passed directly to syslog.
CVE-2004-2117 1 Tinyserver 1 Tinyserver 2026-04-16 N/A
Tiny Server 1.1 allows remote attackers to cause a denial of service (crash) via malformed HTTP requests such as (1) a GET request without the HTTP version (HTTP/1.1), or (2) a request without GET or the HTTP version.
CVE-2000-0204 1 Trend Micro 1 Officescan 2026-04-16 N/A
The Trend Micro OfficeScan client allows remote attackers to cause a denial of service by making 5 connections to port 12345, which raises CPU utilization to 100%.
CVE-2002-1746 1 Maxim Krasnyansky 1 Vtun 2026-04-16 N/A
Vtun 2.5b1 allows remote attackers to inject data into user sessions by sniffing and replaying packets.
CVE-2000-0205 1 Trend Micro 1 Officescan 2026-04-16 N/A
Trend Micro OfficeScan allows remote attackers to replay administrative commands and modify the configuration of OfficeScan clients.
CVE-2002-1747 1 Maxim Krasnyansky 1 Vtun 2026-04-16 N/A
Vtun 2.5b1 does not authenticate forwarded packets, which allows remote attackers to inject data into user sessions without detection, and possibly control the data contents via cut-and-paste attacks on ECB.
CVE-2004-0507 3 Ethereal Group, Redhat, Sgi 3 Ethereal, Enterprise Linux, Propack 2026-04-16 N/A
Buffer overflow in the MMSE dissector for Ethereal 0.10.1 to 0.10.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code.
CVE-2004-1470 1 Snipsnap 1 Snipsnap 2026-04-16 N/A
CRLF injection vulnerability in SnipSnap 0.5.2a, and other versions before 1.0b1, allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server.
CVE-2004-2118 1 Tinyserver 1 Tinyserver 2026-04-16 N/A
Tiny Server 1.1 allows remote attackers to cause a denial of service (crash) via a GET request with a long filename, possibly due to a buffer overflow.
CVE-2002-2189 2 Activxperts Software, Microsoft 2 Activwebserver, Windows 2003 Server 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in ActiveXperts Software ActiveWebserver allows remote attackers to execute arbitrary web script via a link.
CVE-2000-0290 1 4d 1 Webstar Http Server 2026-04-16 N/A
Buffer overflow in Webstar HTTP server allows remote attackers to cause a denial of service via a long GET request.
CVE-2002-1881 1 Macromedia 1 Flash Player 2026-04-16 N/A
Macromedia Flash Player 4.0 r12 through 6.0.47.0 allows remote attackers to cause a denial of service (web browser crash) via malformed content in a Flash Shockwave (.SWF) file, as demonstrated by by ROT13 encoding the body of the file but not the headers.
CVE-2004-0564 2 Debian, Roaring Penguin 2 Debian Linux, Pppoe 2026-04-16 N/A
Roaring Penguin pppoe (rp-ppoe), if installed or configured to run setuid root contrary to its design, allows local users to overwrite arbitrary files. NOTE: the developer has publicly disputed the claim that this is a vulnerability because pppoe "is NOT designed to run setuid-root." Therefore this identifier applies *only* to those configurations and installations under which pppoe is run setuid root despite the developer's warnings.
CVE-2000-0291 1 Sun 1 Staroffice 2026-04-16 N/A
Buffer overflow in Star Office 5.1 allows attackers to cause a denial of service by embedding a long URL within a document.