Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-0448 1 Microsoft 1 Internet Information Server 2026-04-16 N/A
IIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote attacker to hide the URL they really request.
CVE-1999-0459 2026-04-16 N/A
Local users can perform a denial of service in Alpha Linux, using MILO to force a reboot.
CVE-2002-0798 1 Hp 1 Hp-ux 2026-04-16 N/A
Vulnerability in swinstall for HP-UX 11.00 and 11.11 allows local users to view obtain data views for files that cannot be directly read by the user, which reportedly can be used to cause a denial of service.
CVE-1999-0472 2 Network Appliance, Snmp 2 Netcache, Snmp 2026-04-16 N/A
The SNMP default community name "public" is not properly removed in NetApps C630 Netcache, even if the administrator tries to disable it.
CVE-1999-0486 1 Aol 1 Instant Messenger 2026-04-16 N/A
Denial of service in AOL Instant Messenger when a remote attacker sends a malicious hyperlink to the receiving client, potentially causing a system crash.
CVE-1999-0488 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 4.0 and 5.0 allows a remote attacker to execute security scripts in a different security context using malicious URLs, a variant of the "cross frame" vulnerability.
CVE-2002-0799 1 Youngzsoft 1 Cmailserver 2026-04-16 N/A
Buffer overflow in YoungZSoft CMailServer 3.30 allows remote attackers to execute arbitrary code via a long USER argument.
CVE-2004-1210 1 Ipcop 1 Ipcop 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in proxylog.dat in IPCop 1.4.1 and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the (1) url or (2) part variables.
CVE-2004-1970 1 Securecomputing 1 Smartether Ss6215s Switch 2026-04-16 N/A
Samsung SmartEther SS6215S switch, and possibly other Samsung switches, allows remote attackers and local users to gain administrative access by providing the admin username followed by a password that is the maximum allowed length, then pressing the enter key after the resulting error message.
CVE-1999-0490 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to learn information about a local user's files via an IMG SRC tag.
CVE-2002-0801 1 Macromedia 1 Jrun 2026-04-16 N/A
Buffer overflow in the ISAPI DLL filter for Macromedia JRun 3.1 allows remote attackers to execute arbitrary code via a direct request to the filter with a long HTTP host header field in a URL for a .jsp file.
CVE-2002-0802 2 Postgresql, Redhat 2 Postgresql, Database 2026-04-16 N/A
The multibyte support in PostgreSQL 6.5.x with SQL_ASCII encoding consumes an extra character when processing a character that cannot be converted, which could remove an escape character from the query and make the application subject to SQL injection attacks.
CVE-1999-0492 2026-04-16 N/A
The ffingerd 1.19 allows remote attackers to identify users on the target system based on its responses.
CVE-2002-0805 2 Mozilla, Redhat 2 Bugzilla, Powertools 2026-04-16 N/A
Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, (1) creates new directories with world-writable permissions, and (2) creates the params file with world-writable permissions, which allows local users to modify the files and execute code.
CVE-1999-0493 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
rpc.statd allows remote attackers to forward RPC calls to the local operating system via the SM_MON and SM_NOTIFY commands, which in turn could be used to remotely exploit other bugs such as in automountd.
CVE-2002-0807 2 Mozilla, Redhat 2 Bugzilla, Powertools 2026-04-16 N/A
Cross-site scripting vulnerabilities in Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, could allow remote attackers to execute script as other Bugzilla users via the full name (real name) field, which is not properly quoted by editusers.cgi.
CVE-1999-0494 1 Wingate 1 Wingate 2026-04-16 N/A
Denial of service in WinGate proxy through a buffer overflow in POP3.
CVE-2002-0809 2 Mozilla, Redhat 2 Bugzilla, Powertools 2026-04-16 N/A
Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, does not properly handle URL-encoded field names that are generated by some browsers, which could cause certain fields to appear to be unset, which has the effect of removing group permissions on bugs when buglist.cgi is provided with the encoded field names.
CVE-1999-0495 2026-04-16 N/A
A remote attacker can gain access to a file system using .. (dot dot) when accessing SMB shares.
CVE-2002-0818 1 Wwwoffle 1 Wwwoffle 2026-04-16 N/A
wwwoffled in World Wide Web Offline Explorer (WWWOFFLE) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a negative Content-Length value.