Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0805 | 2 Mozilla, Redhat | 2 Bugzilla, Powertools | 2026-04-16 | N/A |
| Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, (1) creates new directories with world-writable permissions, and (2) creates the params file with world-writable permissions, which allows local users to modify the files and execute code. | ||||
| CVE-1999-0493 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| rpc.statd allows remote attackers to forward RPC calls to the local operating system via the SM_MON and SM_NOTIFY commands, which in turn could be used to remotely exploit other bugs such as in automountd. | ||||
| CVE-2002-0807 | 2 Mozilla, Redhat | 2 Bugzilla, Powertools | 2026-04-16 | N/A |
| Cross-site scripting vulnerabilities in Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, could allow remote attackers to execute script as other Bugzilla users via the full name (real name) field, which is not properly quoted by editusers.cgi. | ||||
| CVE-1999-0494 | 1 Wingate | 1 Wingate | 2026-04-16 | N/A |
| Denial of service in WinGate proxy through a buffer overflow in POP3. | ||||
| CVE-2002-0809 | 2 Mozilla, Redhat | 2 Bugzilla, Powertools | 2026-04-16 | N/A |
| Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, does not properly handle URL-encoded field names that are generated by some browsers, which could cause certain fields to appear to be unset, which has the effect of removing group permissions on bugs when buglist.cgi is provided with the encoded field names. | ||||
| CVE-1999-0495 | 2026-04-16 | N/A | ||
| A remote attacker can gain access to a file system using .. (dot dot) when accessing SMB shares. | ||||
| CVE-2002-0818 | 1 Wwwoffle | 1 Wwwoffle | 2026-04-16 | N/A |
| wwwoffled in World Wide Web Offline Explorer (WWWOFFLE) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a negative Content-Length value. | ||||
| CVE-2004-1971 | 1 Oscar Fafian | 1 Video Gallery | 2026-04-16 | N/A |
| modules.php in PHP-Nuke Video Gallery Module 0.1 Beta 5 allows remote attackers to gain sensitive information via an HTTP request with an invalid (1) catid or (2) clipid parameter, which reveals the full path in an error message. | ||||
| CVE-1999-0497 | 2026-04-16 | N/A | ||
| Anonymous FTP is enabled. | ||||
| CVE-2002-0819 | 1 Artsd | 1 Artsd | 2026-04-16 | N/A |
| Format string vulnerability in artsd, when called by artswrapper, allows local users to gain privileges via format strings in the -a argument, which results in an error message that is not properly handled in a call to the arts_fatal function. | ||||
| CVE-2004-1219 | 1 Php Arena | 1 Pafiledb | 2026-04-16 | N/A |
| paFileDB 3.1, when using sessions authentication and while the administrator logs on, allows remote attackers to read the administrator's password hash and conduct brute force password guessing attacks by listing the contents of the sessions directory and reading the associated file for the administrator session. | ||||
| CVE-1999-0575 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| A Windows NT system's user audit policy does not log an event success or failure, e.g. for Logon and Logoff, File and Object Access, Use of User Rights, User and Group Management, Security Policy Changes, Restart, Shutdown, and System, and Process Tracking. | ||||
| CVE-1999-0576 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| A Windows NT system's file audit policy does not log an event success or failure for security-critical files or directories. | ||||
| CVE-2002-0857 | 1 Oracle | 2 Database Server, Oracle8i | 2026-04-16 | N/A |
| Format string vulnerabilities in Oracle Listener Control utility (lsnrctl) for Oracle 9.2 and 9.0, 8.1, and 7.3.4, allow remote attackers to execute arbitrary code on the Oracle DBA system by placing format strings into certain entries in the listener.ora configuration file. | ||||
| CVE-1999-0577 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| A Windows NT system's file audit policy does not log an event success or failure for non-critical files or directories. | ||||
| CVE-1999-0578 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| A Windows NT system's registry audit policy does not log an event success or failure for security-critical registry keys. | ||||
| CVE-2002-0858 | 1 Oracle | 2 Oracle8i, Oracle9i | 2026-04-16 | N/A |
| catsnmp in Oracle 9i and 8i is installed with a dbsnmp user with a default dbsnmp password, which allows attackers to perform restricted database operations and possibly gain other privileges. | ||||
| CVE-1999-0579 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| A Windows NT system's registry audit policy does not log an event success or failure for non-critical registry keys. | ||||
| CVE-2002-0859 | 1 Microsoft | 2 Jet, Sql Server | 2026-04-16 | N/A |
| Buffer overflow in the OpenDataSource function of the Jet engine on Microsoft SQL Server 2000 allows remote attackers to execute arbitrary code. | ||||
| CVE-1999-0580 | 2026-04-16 | N/A | ||
| The HKEY_LOCAL_MACHINE key in a Windows NT system has inappropriate, system-critical permissions. | ||||