Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-4208 1 Flatnuke 1 Flatnuke 2026-04-16 N/A
Directory traversal vulnerability in Flatnuke 2.5.6 allows remote attackers to access arbitrary files via a .. (dot dot) and null byte (%00) in the id parameter of the read module.
CVE-2004-1007 2 Bogofilter, Ubuntu 2 Email Filter, Ubuntu Linux 2026-04-16 N/A
The quoted-printable decoder in bogofilter 0.17.4 to 0.92.7 allows remote attackers to cause a denial of service (application crash) via mail headers that cause a line feed (LF) to be replaced by a null byte that is written to an incorrect memory address.
CVE-1999-1039 1 Sgi 1 Irix 2026-04-16 N/A
Vulnerability in (1) diskalign and (2) diskperf in IRIX 6.4 patches 2291 and 2848 allow a local user to create root-owned files leading to a root compromise.
CVE-1999-1149 1 Computer Software Manufaktur 1 Csm Proxy 2026-04-16 N/A
Buffer overflow in CSM Proxy 4.1 allows remote attackers to cause a denial of service (crash) via a long string to the FTP port.
CVE-1999-1082 1 T. Hauck 1 Jana Web Server 2026-04-16 N/A
Directory traversal vulnerability in Jana proxy web server 1.40 allows remote attackers to ready arbitrary files via a "......" (modified dot dot) attack.
CVE-1999-1150 1 Livingston Portmaster 1 Portmaster 2026-04-16 N/A
Livingston Portmaster routers running ComOS use the same initial sequence number (ISN) for TCP connections, which allows remote attackers to conduct spoofing and hijack TCP sessions.
CVE-1999-1153 1 Hamcards Postcard Cgi 1 Hamcards Postcard Cgi 2026-04-16 N/A
HAMcards Postcard CGI script 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the recipient email address.
CVE-1999-1089 1 Hp 1 Hp-ux 2026-04-16 N/A
Buffer overflow in chfn command in HP-UX 9.X through 10.20 allows local users to gain privileges via a long command line argument.
CVE-2006-2114 1 Sws 1 Sws Simple Web Server 2026-04-16 N/A
Buffer overflow in SWS web Server 0.1.7 allows remote attackers to execute arbitrary code via a long request.
CVE-1999-1155 1 Lakeweb 1 Mail List Cgi Script 2026-04-16 N/A
LakeWeb Mail List CGI script allows remote attackers to execute arbitrary commands via shell metacharacters in the recipient email address.
CVE-2004-1113 1 Sqlgrey 1 Sqlgrey Postfix Greylisting Service 2026-04-16 N/A
SQL injection vulnerability in SQLgrey Postfix greylisting service before 1.2.0 allows remote attackers to execute arbitrary SQL commands via the (1) sender or (2) recipient e-mail addresses.
CVE-2005-4510 1 Extensis 1 Netpublish Server 2026-04-16 N/A
Directory traversal vulnerability in server.np in NetPublish Server 7 allows remote attackers to read arbitrary files via "../" sequences in the template parameter.
CVE-1999-1092 1 Iain Lea 1 Tin 2026-04-16 N/A
tin 1.40 creates the .tin directory with insecure permissions, which allows local users to read passwords from the .inputhistory file.
CVE-2004-1121 1 Apple 1 Safari 2026-04-16 N/A
Apple Safari 1.0 through 1.2.3 allows remote attackers to spoof the URL displayed in the status bar via TABLE tags.
CVE-1999-1093 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Buffer overflow in the Window.External function in the JScript Scripting Engine in Internet Explorer 4.01 SP1 and earlier allows remote attackers to execute arbitrary commands via a malicious web page.
CVE-1999-1094 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Buffer overflow in Internet Explorer 4.01 and earlier allows remote attackers to execute arbitrary commands via a long URL with the "mk:" protocol, aka the "MK Overrun security issue."
CVE-1999-1096 1 Kde 1 Kde 2026-04-16 N/A
Buffer overflow in kscreensaver in KDE klock allows local users to gain root privileges via a long HOME environmental variable.
CVE-2004-1148 1 Phpmyadmin 1 Phpmyadmin 2026-04-16 N/A
phpMyAdmin before 2.6.1, when configured with UploadDir functionality, allows remote attackers to read arbitrary files via the sql_localfile parameter.
CVE-1999-1100 1 Cisco 1 Pix Private Link 2026-04-16 N/A
Cisco PIX Private Link 4.1.6 and earlier does not properly process certain commands in the configuration file, which reduces the effective key length of the DES key to 48 bits instead of 56 bits, which makes it easier for an attacker to find the proper key via a brute force attack.
CVE-2004-1160 1 Netscape 1 Navigator 2026-04-16 N/A
Netscape 7.x to 7.2, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability.