Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-2095 1 Niels Provos 1 Honeyd 2026-04-16 N/A
Honeyd before 0.8 replies to TCP packets with the SYN and RST flags set, which allows remote attackers to identify IP addresses that are being simulated by Honeyd.
CVE-1999-1322 2 Broadcom, Microsoft 3 Arcserve Backup, Inoculan, Exchange Server 2026-04-16 N/A
The installation of 1ArcServe Backup and Inoculan AV client modules for Exchange create a log file, exchverify.log, which contains usernames and passwords in plaintext.
CVE-2002-1471 1 Ximian 1 Evolution 2026-04-16 N/A
The camel component for Ximian Evolution 1.0.x and earlier does not verify certificates when it establishes a new SSL connection after previously verifying a certificate, which could allow remote attackers to monitor or modify sessions via a man-in-the-middle attack.
CVE-2004-0386 3 Gentoo, Mandrakesoft, Mplayer 3 Linux, Mandrake Linux, Mplayer 2026-04-16 N/A
Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and earlier, 0.90, and 0.91 allows remote attackers to execute arbitrary code via a long Location header.
CVE-2004-1436 1 Cisco 1 Optical Networking Systems Software 2026-04-16 N/A
The Transaction Language 1 (TL1) login interface in Cisco ONS 15327 4.6(0) and 4.6(1) and 15454 and 15454 SDH 4.6(0) and 4.6(1), when a user account is configured with a blank password, allows remote attackers to gain unauthorized access by logging in with a password larger than 10 characters.
CVE-1999-1331 1 Redhat 1 Linux 2026-04-16 N/A
netcfg 2.16-1 in Red Hat Linux 4.2 allows the Ethernet interface to be controlled by users on reboot when an option is set, which allows local users to cause a denial of service by shutting down the interface.
CVE-2002-1479 1 The Cacti Group 1 Cacti 2026-04-16 N/A
Cacti before 0.6.8 stores a MySQL username and password in plaintext in config.php, which has world-readable permissions, which allows local users to modify databases as the Cacti user and possibly gain privileges.
CVE-2004-0387 2 Realnetworks, Redhat 3 Realone Player, Realplayer, Rhel Extras 2026-04-16 N/A
Stack-based buffer overflow in the RT3 plugin, as used in RealPlayer 8, RealOne Player, RealOne Player 10 beta, and RealOne Player Enterprise, allows remote attackers to execute arbitrary code via a malformed .R3T file.
CVE-2004-1437 1 Pavuk 1 Pavuk 2026-04-16 N/A
Multiple buffer overflows in the digest authentication functionality in Pavuk 0.9.28-r2 and earlier allow remote attackers to execute arbitrary code.
CVE-2004-2096 1 Mephistoles Internet Suite 1 Mephistoles Httpd 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Mephistoles httpd 0.6.0 final allows remote attackers to execute arbitrary script as other users by injecting arbitrary HTML or script into the URL.
CVE-2004-2368 1 The Opt-x Project 1 Opt-x 2026-04-16 N/A
PHP remote file inclusion vulnerability in header.php in Opt-X 0.7.2 allows remote attackers to execute arbitrary PHP code via the systempath parameter.
CVE-1999-1340 1 Hylafax 1 Hylafax 2026-04-16 N/A
Buffer overflow in faxalter in hylafax 4.0.2 allows local users to gain privileges via a long -m command line argument.
CVE-2002-1480 1 Phpgb 1 Phpgb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in phpGB before 1.20 allows remote attackers to inject arbitrary HTML or script into guestbook pages, which is executed when the administrator deletes the entry.
CVE-2004-0388 2 Oracle, Redhat 2 Mysql, Enterprise Linux 2026-04-16 N/A
The mysqld_multi script in MySQL allows local users to overwrite arbitrary files via a symlink attack.
CVE-1999-1345 1 Auto Ftp 1 Auto Ftp 2026-04-16 N/A
Auto_FTP.pl script in Auto_FTP 0.2 uses the /tmp/ftp_tmp as a shared directory with insecure permissions, which allows local users to (1) send arbitrary files to the remote server by placing them in the directory, and (2) view files that are being transferred.
CVE-2002-1481 1 Phpgb 1 Phpgb 2026-04-16 N/A
savesettings.php in phpGB 1.20 and earlier does not require authentication, which allows remote attackers to cause a denial of service or execute arbitrary PHP code by using savesettings.php to modify config.php.
CVE-2004-1438 1 Subversion 1 Subversion 2026-04-16 N/A
The mod_authz_svn Apache module for Subversion 1.0.4-r1 and earlier allows remote authenticated users, with write access to the repository, to read unauthorized parts of the repository via the svn copy command.
CVE-2004-2097 1 Suse 1 Suse Linux 2026-04-16 N/A
Multiple scripts on SuSE Linux 9.0 allow local users to overwrite arbitrary files via a symlink attack on (1) /tmp/fvwm-bug created by fvwm-bug, (2) /tmp/wmmenu created by wm-oldmenu2new, (3) /tmp/rates created by x11perfcomp, (4) /tmp/xf86debug.1.log created by xf86debug, (5) /tmp/.winpopup-new created by winpopup-send.sh, or (6) /tmp/initrd created by lvmcreate_initrd.
CVE-2004-2369 1 Ibm 1 Lotus Domino 2026-04-16 N/A
Directory traversal vulnerability in webadmin.nsf for Lotus Domino R6 6.5.1 allows attackers to create and detect directories via a .. (dot dot) in the directory creation command.
CVE-1999-1349 1 Xlink Technology 1 Omni-nfs X Enterprise 2026-04-16 N/A
NFS daemon (nfsd.exe) for Omni-NFS/X 6.1 allows remote attackers to cause a denial of service (resource exhaustion) via certain packets, possibly with the Urgent (URG) flag set, to port 111.