Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-0676 1 Sun 2 Iplanet Directory Server, One Directory Server 2026-04-16 N/A
Directory traversal vulnerability in ViewLog for iPlanet Administration Server 5.1 (aka Sun ONE) allows remote attackers to read arbitrary files via "..%2f" (partially encoded dot dot) sequences.
CVE-2003-0656 1 Eroaster 1 Eroaster 2026-04-16 N/A
eroaster before 2.2.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file that is used as a lockfile.
CVE-2003-0649 1 Xpcd 1 Xpcd 2026-04-16 N/A
Buffer overflow in xpcd-svga for xpcd 2.08 and earlier allows local users to execute arbitrary code via a long HOME environment variable.
CVE-2003-0645 1 Andries Brouwer 1 Man 2026-04-16 N/A
man-db 2.3.12 and 2.3.18 to 2.4.1 uses certain user-controlled DEFINE directives from the ~/.manpath file, even when running setuid, which could allow local users to gain privileges.
CVE-2001-0846 1 Lotus 1 Domino 2026-04-16 N/A
Lotus Domino 5.x allows remote attackers to read files or execute arbitrary code by requesting the ReplicaID of the Web Administrator template file (webadmin.ntf).
CVE-2002-1925 1 Tiny Software 1 Tiny Personal Firewall 2026-04-16 N/A
Tiny Personal Firewall 3.0 through 3.0.6 allows remote attackers to cause a denial of service (crash) by via SYN, UDP, ICMP and TCP portscans when the administrator selects the Log tab of the Personal Firewall Agent module.
CVE-2004-0578 1 Qbik 1 Wingate 2026-04-16 N/A
WinGate 5.2.3 build 901 and 6.0 beta 2 build 942, and other versions such as 5.0.5, allows remote attackers to read arbitrary files via leading slash (//) characters in a URL request to the wingate-internal directory.
CVE-2004-1502 1 Software602 1 602lan Suite 2026-04-16 N/A
The Telnet proxy in 602 Lan Suite 2004.0.04.0909 and earlier allows remote attackers to cause a denial of service (socket exhaustion) via a Telnet request to an IP address of the proxy's network interface, which causes a loop.
CVE-2000-0309 1 Openbsd 1 Openbsd 2026-04-16 N/A
The i386 trace-trap handling in OpenBSD 2.4 with DDB enabled allows a local user to cause a denial of service.
CVE-2002-1934 1 Pingtel 1 Xpressa 2026-04-16 N/A
Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 2.0.1 leaks sensitive information during boot-up, which allows attackers to obtain the MD5 hash of the Admin password, MD5 hash of the physical password, and other registration information.
CVE-2004-0583 3 Debian, Usermin, Webmin 3 Debian Linux, Usermin, Webmin 2026-04-16 N/A
The account lockout functionality in (1) Webmin 1.140 and (2) Usermin 1.070 does not parse certain character strings, which allows remote attackers to conduct a brute force attack to guess user IDs and passwords.
CVE-2004-1507 1 Webcalendar 1 Webcalendar 2026-04-16 N/A
CRLF injection vulnerability in login.php in WebCalendar allows remote attackers to inject CRLF sequences via the return_path parameter and perform HTTP Response Splitting attacks to modify expected HTML content from the server.
CVE-2000-0310 1 Openbsd 1 Openbsd 2026-04-16 N/A
IP fragment assembly in OpenBSD 2.4 allows a remote attacker to cause a denial of service by sending a large number of fragmented packets.
CVE-2002-1936 1 Utstarcom 1 Bas 1000 2026-04-16 N/A
UTStarcom BAS 1000 3.1.10 creates several default or back door accounts and passwords, which allows remote attackers to gain access via (1) field account with a password of "*field", (2) guru account with a password of "*3noguru", (3) snmp account with a password of "snmp", or (4) dbase account with a password of "dbase".
CVE-2004-0587 3 Mandrakesoft, Redhat, Suse 5 Mandrake Linux, Mandrake Linux Corporate Server, Enterprise Linux and 2 more 2026-04-16 N/A
Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause a denial of service.
CVE-2004-1509 1 Webcalendar 1 Webcalendar 2026-04-16 N/A
validate.php in WebCalendar allows remote attackers to gain sensitive information via an invalid encoded_login parameter, which reveals the full path in an error message.
CVE-2004-2145 1 Pd9 Software 1 Megabbs 2026-04-16 N/A
SQL injection vulnerability in PD9 Software MegaBBS 2 and 2.1 allows remote attackers to execute arbitrary SQL commands via the (1) sortdir or (2) criteria parameter to ladder-log.asp or the (3) memberid or (4) teamid parameter to view-profile.asp.
CVE-2004-2378 1 Calacode 1 At Mail Webmail System 2026-04-16 N/A
@Mail 3.64 for Windows allows remote attackers to cause a denial of service ("unusable" server) via a large number of POP3 connections to the server.
CVE-2000-0311 1 Microsoft 1 Windows 2000 2026-04-16 N/A
The Windows 2000 domain controller allows a malicious user to modify Active Directory information by modifying an unprotected attribute, aka the "Mixed Object Access" vulnerability.
CVE-2002-1937 1 Symantec 3 Firewall Vpn Appliance 100, Firewall Vpn Appliance 200, Firewall Vpn Appliance 200r 2026-04-16 N/A
Symantec Firewall/VPN Appliance 100 through 200R hardcodes the administrator's MAC address inside the firewall's configuration, which allows remote attackers to spoof the administrator's MAC address and perform an ARP poisoning man-in-the-middle attack to obtain the administrator's password.