Total
29739 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-1517 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | N/A |
| RunAs (runas.exe) in Windows 2000 stores cleartext authentication information in memory, which could allow attackers to obtain usernames and passwords by executing a process that is allocated the same memory page after termination of a RunAs command. NOTE: the vendor disputes this issue, saying that administrative privileges are already required to exploit it, and the original researcher did not respond to requests for additional information | ||||
| CVE-2000-0537 | 1 Tolis Group | 1 Bru | 2025-04-03 | N/A |
| BRU backup software allows local users to append data to arbitrary files by specifying an alternate configuration file with the BRUEXECLOG environmental variable. | ||||
| CVE-2003-0590 | 1 Splatt | 1 Splatt Forum | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Splatt Forum allows remote attackers to insert arbitrary HTML and web script via the post icon (image_subject) field. | ||||
| CVE-1999-0807 | 1 Netscape | 1 Directory Server | 2025-04-03 | N/A |
| The Netscape Directory Server installation procedure leaves sensitive information in a file that is accessible to local users. | ||||
| CVE-2004-1353 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| Unknown vulnerability in LDAP on Sun Solaris 8 and 9, when using Role Based Access Control (RBAC), allows local users to execute certain commands with additional privileges. | ||||
| CVE-2005-1287 | 1 Bk Dev | 1 Bk Forum | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in BK Forum 4.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to member.asp, (2) forum parameter to forum.asp, or (3) various parameters in register.asp. | ||||
| CVE-2000-0556 | 1 Computalynx | 1 Cmail | 2025-04-03 | N/A |
| Buffer overflow in the web interface for Cmail 2.4.7 allows remote attackers to cause a denial of service by sending a large user name to the user dialog running on port 8002. | ||||
| CVE-2005-4760 | 1 Bea | 1 Weblogic Server | 2025-04-03 | N/A |
| BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier, and 7.0 SP5 and earlier, when fullyDelegatedAuthorization is enabled for a servlet, does not cause servlet deployment to fail when failures occur in authorization or role providers, which might prevent the servlet from being "fully protected." | ||||
| CVE-1999-0824 | 1 Microsoft | 1 Windows Nt | 2025-04-03 | N/A |
| A Windows NT user can use SUBST to map a drive letter to a folder, which is not unmapped after the user logs off, potentially allowing that user to modify the location of folders accessed by later users. | ||||
| CVE-2001-0020 | 1 Cisco | 2 Arrowpoint, Content Services Switch | 2025-04-03 | N/A |
| Directory traversal vulnerability in Arrowpoint (aka Cisco Content Services, or CSS) allows local unprivileged users to read arbitrary files via a .. (dot dot) attack. | ||||
| CVE-2006-3300 | 1 Phpmysms | 1 Phpmysms | 2025-04-03 | N/A |
| PHP remote file inclusion vulnerability in sms_config/gateway.php in PhpMySms 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the ROOT_PATH parameter. | ||||
| CVE-2004-2247 | 1 Goosequill | 1 Audienceconnect | 2025-04-03 | N/A |
| Unknown vulnerability in the "admin of paypal email addresses" in AudienceConnect before 1.0.beta.21 has unknown impact and attack vectors. | ||||
| CVE-2005-2076 | 1 Hp | 1 Version Control Repository Manager | 2025-04-03 | N/A |
| HP Version Control Repository Manager (VCRM) before 2.1.1.730 does not properly handle the "@" character in a proxy password, which could allow attackers with physical access to obtain portions of the password when it is displayed to the screen. | ||||
| CVE-2005-2205 | 1 Pngren | 1 Pngren | 2025-04-03 | N/A |
| The ReadLog function in kaiseki.cgi in pngren allows remote attackers to execute arbitrary commands via shell metacharacters in the query string. | ||||
| CVE-1999-0834 | 1 Rsa | 1 Rsaref | 2025-04-03 | N/A |
| Buffer overflow in RSAREF2 via the encryption and decryption functions in the RSAREF library. | ||||
| CVE-1999-0217 | 1 Sun | 1 Sunos | 2025-04-03 | N/A |
| Malicious option settings in UDP packets could force a reboot in SunOS 4.1.3 systems. | ||||
| CVE-1999-0204 | 1 Eric Allman | 1 Sendmail | 2025-04-03 | N/A |
| Sendmail 8.6.9 allows remote attackers to execute root commands, using ident. | ||||
| CVE-2005-2765 | 1 Microsoft | 2 Windows 2003 Server, Windows Xp | 2025-04-03 | N/A |
| The user interface in the Windows Firewall does not properly display certain malformed entries in the Windows Registry, which makes it easier for attackers with administrator privileges to hide activities if the administrator only uses the Windows Firewall interface to monitor exceptions. NOTE: the vendor disputes this issue, saying that since administrative privileges are already required, it is not a vulnerability. CVE has not yet formally decided if such "information hiding" issues should be included. | ||||
| CVE-1999-0973 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| Buffer overflow in Solaris snoop program allows remote attackers to gain root privileges via a long domain name when snoop is running in verbose mode. | ||||
| CVE-1999-0865 | 1 Stalker | 1 Communigate Pro | 2025-04-03 | N/A |
| Buffer overflow in CommuniGatePro via a long string to the HTTP configuration port. | ||||