Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-0405 1 Atstake 1 Antisniff 2026-04-16 N/A
Buffer overflow in L0pht AntiSniff allows remote attackers to execute arbitrary commands via a malformed DNS response packet.
CVE-2002-2124 1 Nylon 1 Nylon 2026-04-16 N/A
The recvn and sendn functions in nylon 0.2 do not check when the recv function call returns 0, which allows remote attackers to cause a denial of service (infinite loop and CPU consumption) by closing the connection while recv is executing.
CVE-2004-0640 2 Netkit, Ssltelnetd 2 Linux Netkit, Secure Telnet 2026-04-16 N/A
Format string vulnerability in the SSL_set_verify function in telnetd.c for SSLtelnet daemon (SSLtelnetd) 0.13 allows remote attackers to execute arbitrary code.
CVE-2004-1549 1 Onnuri Infotek 1 Activepost Standard 2026-04-16 N/A
The conference menu in ActivePost Standard 3.1 sends passwords of password-protected rooms in cleartext, which could allow remote attackers to gain sensitive information by sniffing the network connection.
CVE-2004-2160 1 Xmlstarlet 1 Command Line Xml Toolkit 2026-04-16 N/A
Format string vulnerability in xml_elem.c for XMLStarlet Command Line XML Toolkit 0.9.3 may allow attackers to cause a denial of service or execute arbitrary code.
CVE-2004-2383 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 5.0 through 6.0 allows remote attackers to bypass cross-frame scripting restrictions and capture keyboard events from other domains via an HTML document with Javascript that is outside a frameset that includes the target domain, then forcing the frameset to maintain focus. NOTE: the discloser claimed that the vendor does not categorize this as a vulnerability, but it can be used in a spoofing scenario; the discloser provides alternate scenarios. Spoofing scenarios are currently included in CVE.
CVE-2000-0406 1 Netscape 1 Communicator 2026-04-16 N/A
Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting traffic from a legitimate web server to their own malicious server, aka the "Acros-Suencksen SSL" vulnerability.
CVE-2004-0641 1 Thomson 1 Speedtouch 2026-04-16 N/A
Thomson SpeedTouch 510 ADSL Router with firmware GV8BAA3.270, and possibly earlier versions, generates predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections.
CVE-2004-1550 1 Motorola 1 Wr850g 2026-04-16 N/A
Motorola Wireless Router WR850G running firmware 4.03 allows remote attackers to bypass authentication, log on as an administrator, and obtain sensitive information by repeatedly making an HTTP request for ver.asp until an administrator logs on.
CVE-2004-2161 1 Tutos 1 Tutos 2026-04-16 N/A
SQL injection vulnerability in file_overview.php in TUTOS 1.1 allows remote attackers to execute arbitrary SQL commands via the link_id parameter.
CVE-2004-2384 1 Nullsoft 1 Winamp 2026-04-16 N/A
NullSoft Winamp 5.02 allows remote attackers to cause a denial of service (crash) by creating a file with a long filename, which causes the victim's player to crash when the file is opened from the command line.
CVE-2002-2125 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Internet Explorer 6.0 does not warn users when an expired certificate authority (CA) certificate is submitted to the user and a newer CA certificate is in the user's local repository, which could allow remote attackers to decrypt web sessions via a man-in-the-middle (MITM) attack.
CVE-2000-0407 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Buffer overflow in Solaris netpr program allows local users to execute arbitrary commands via a long -p option.
CVE-2002-2132 1 Microsoft 2 Windows 2000, Windows Xp 2026-04-16 N/A
Windows File Protection (WFP) in Windows 2000 and XP does not remove old security catalog .CAT files, which could allow local users to replace new files with vulnerable old files that have valid hash codes.
CVE-2000-0408 1 Microsoft 2 Internet Information Server, Internet Information Services 2026-04-16 N/A
IIS 4.05 and 5.0 allow remote attackers to cause a denial of service via a long, complex URL that appears to contain a large number of file extensions, aka the "Malformed Extension Data in URL" vulnerability.
CVE-2000-0409 1 Netscape 1 Communicator 2026-04-16 N/A
Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate.
CVE-2000-0410 1 Allaire 1 Coldfusion Server 2026-04-16 N/A
ColdFusion Server 4.5.1 allows remote attackers to cause a denial of service by making repeated requests to a CFCACHE tagged cache file that is not stored in memory.
CVE-2002-2133 1 Telindus 1 1120 Adsl Router 2026-04-16 N/A
Telindus 1100 ASDL router running firmware 6.0.x uses weak encryption for UDP session traffic, which allows remote attackers to gain unauthorized access by sniffing and decrypting the administrative password.
CVE-2004-1551 1 Php Arena 1 Pafiledb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the (1) email or (2) file modules in paFileDB 3.1 Final allows remote attackers to execute arbitrary web script or HTML via the id parameter.
CVE-2000-0411 1 Matt Wright 1 Formmail 2026-04-16 N/A
Matt Wright's FormMail CGI script allows remote attackers to obtain environmental variables via the env_report parameter.