Export limit exceeded: 362599 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-1340 1 Hylafax 1 Hylafax 2026-04-16 N/A
Buffer overflow in faxalter in hylafax 4.0.2 allows local users to gain privileges via a long -m command line argument.
CVE-2002-1480 1 Phpgb 1 Phpgb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in phpGB before 1.20 allows remote attackers to inject arbitrary HTML or script into guestbook pages, which is executed when the administrator deletes the entry.
CVE-2004-0388 2 Oracle, Redhat 2 Mysql, Enterprise Linux 2026-04-16 N/A
The mysqld_multi script in MySQL allows local users to overwrite arbitrary files via a symlink attack.
CVE-1999-1345 1 Auto Ftp 1 Auto Ftp 2026-04-16 N/A
Auto_FTP.pl script in Auto_FTP 0.2 uses the /tmp/ftp_tmp as a shared directory with insecure permissions, which allows local users to (1) send arbitrary files to the remote server by placing them in the directory, and (2) view files that are being transferred.
CVE-2002-1481 1 Phpgb 1 Phpgb 2026-04-16 N/A
savesettings.php in phpGB 1.20 and earlier does not require authentication, which allows remote attackers to cause a denial of service or execute arbitrary PHP code by using savesettings.php to modify config.php.
CVE-2004-1438 1 Subversion 1 Subversion 2026-04-16 N/A
The mod_authz_svn Apache module for Subversion 1.0.4-r1 and earlier allows remote authenticated users, with write access to the repository, to read unauthorized parts of the repository via the svn copy command.
CVE-2004-2097 1 Suse 1 Suse Linux 2026-04-16 N/A
Multiple scripts on SuSE Linux 9.0 allow local users to overwrite arbitrary files via a symlink attack on (1) /tmp/fvwm-bug created by fvwm-bug, (2) /tmp/wmmenu created by wm-oldmenu2new, (3) /tmp/rates created by x11perfcomp, (4) /tmp/xf86debug.1.log created by xf86debug, (5) /tmp/.winpopup-new created by winpopup-send.sh, or (6) /tmp/initrd created by lvmcreate_initrd.
CVE-2004-2369 1 Ibm 1 Lotus Domino 2026-04-16 N/A
Directory traversal vulnerability in webadmin.nsf for Lotus Domino R6 6.5.1 allows attackers to create and detect directories via a .. (dot dot) in the directory creation command.
CVE-1999-1349 1 Xlink Technology 1 Omni-nfs X Enterprise 2026-04-16 N/A
NFS daemon (nfsd.exe) for Omni-NFS/X 6.1 allows remote attackers to cause a denial of service (resource exhaustion) via certain packets, possibly with the Urgent (URG) flag set, to port 111.
CVE-2002-1482 1 Phpgb 1 Phpgb 2026-04-16 N/A
SQL injection vulnerability in login.php for phpGB 1.20 and earlier, when magic_quotes_gpc is not enabled, allows remote attackers to gain administrative privileges via SQL code in the password entry.
CVE-2004-0390 1 Sco 1 Openserver 2026-04-16 N/A
SCO OpenServer 5.0.5 through 5.0.7 only supports Xauthority style access control when users log in using scologin, which allows remote attackers to gain unauthorized access to an X session via other X login methods.
CVE-2004-1439 1 Sapporoworks 1 Black Jumbodog 2026-04-16 N/A
Buffer overflow in BlackJumboDog 3.x allows remote attackers to execute arbitrary code via long FTP commands such as (1) USER, (2) PASS, (3) RETR,(4) CWD, (5) XMKD, and (6) XRMD.
CVE-2004-2098 1 Native Solutions 1 Tbe Banner Engine 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the banner engine (TBE) 5.0 allows remote attackers to execute arbitrary script as other users via the HTML banner view/preview capability.
CVE-1999-1354 1 Softarc 1 Firstclass Internet Server 2026-04-16 N/A
E-mail client in Softarc FirstClass Internet Server 5.506 and earlier stores usernames and passwords in cleartext in the files (1) home.fc for version 5.506, (2) network.fc for version 3.5, or (3) FCCLIENT.LOG when logging is enabled.
CVE-2002-1483 1 Db4web 1 Db4web 2026-04-16 N/A
db4web_c and db4web_c.exe programs in DB4Web 3.4 and 3.6 allow remote attackers to read arbitrary files via an HTTP request whose argument is a filename of the form (1) C: (drive letter), (2) //absolute/path (double-slash), or (3) .. (dot-dot).
CVE-2004-0395 1 Gatos 1 Gatos 2026-04-16 N/A
The xatitv program in the gatos package does not properly drop root privileges when the configuration file does not exist, which allows local users to execute arbitrary commands via shell metacharacters in a system call.
CVE-2004-1440 1 Putty 1 Putty 2026-04-16 N/A
Multiple heap-based buffer overflows in the modpow function in PuTTY before 0.55 allow (1) remote attackers to execute arbitrary code via an SSH2 packet with a base argument that is larger than the mod argument, which causes the modpow function to write memory before the beginning of its buffer, and (2) remote malicious servers to cause a denial of service (client crash) and possibly execute arbitrary code via a large bignum during authentication.
CVE-2004-2100 1 Geovision 1 Geohttpserver 2026-04-16 N/A
GeoHttpServer, when configured to authenticate users, allows remote attackers to bypass authentication and access unauthorized files via a URL that contains %0a%0a (encoded newlines).
CVE-1999-1356 1 Compaq 1 Smartstart 2026-04-16 N/A
Compaq Integration Maintenance Utility as used in Compaq Insight Manager agent before SmartStart 4.50 modifies the legal notice caption (LegalNoticeCaption) and text (LegalNoticeText) in Windows NT, which could produce a legal notice that is in violation of the security policy.
CVE-1999-1365 1 Microsoft 1 Windows Nt 2026-04-16 N/A
Windows NT searches a user's home directory (%systemroot% by default) before other directories to find critical programs such as NDDEAGNT.EXE, EXPLORER.EXE, USERINIT.EXE or TASKMGR.EXE, which could allow local users to bypass access restrictions or gain privileges by placing a Trojan horse program into the root directory, which is writable by default.