Total
29914 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-1022 | 1 Working Resources Inc. | 1 Badblue | 2026-04-16 | N/A |
| BadBlue server stores passwords in plaintext in the ext.ini file, which could allow local and possibly remote attackers to gain privileges. | ||||
| CVE-2005-3346 | 1 Osh | 1 Osh | 2026-04-16 | N/A |
| Buffer overflow in the environment variable substitution code in main.c in OSH 1.7-14 allows local users to inject arbitrary environment variables, such as LD_PRELOAD, via pathname arguments of the form "$VAR/EVAR=arg", which cause the EVAR portion to be appended to a buffer returned by a getenv function call. | ||||
| CVE-2006-4570 | 2 Mozilla, Redhat | 3 Seamonkey, Thunderbird, Enterprise Linux | 2026-04-16 | N/A |
| Mozilla Thunderbird before 1.5.0.7 and SeaMonkey before 1.0.5, with "Load Images" enabled, allows remote user-assisted attackers to bypass settings that disable JavaScript via a remote XBL file in a message that is loaded when the user views, forwards, or replies to the original message. | ||||
| CVE-2006-4956 | 1 Neosys | 1 Neon Webmail | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the updateuser servlet in Neon WebMail for Java before 5.08 allows remote attackers to inject arbitrary web script or HTML via the in_name parameter, as used by the Name field. | ||||
| CVE-2002-1031 | 1 Key Focus | 1 Kf Web Server | 2026-04-16 | N/A |
| KeyFocus (KF) web server 1.0.2 allows remote attackers to list directories and read restricted files via an HTTP request containing a %00 (null) character. | ||||
| CVE-1999-0730 | 1 Debian | 1 Debian Linux | 2026-04-16 | N/A |
| The zsoelim program in the Debian man-db package allows local users to overwrite files via a symlink attack. | ||||
| CVE-1999-0735 | 1 Kde | 1 K-mail | 2026-04-16 | N/A |
| KDE K-Mail allows local users to gain privileges via a symlink attack in temporary user directories. | ||||
| CVE-1999-0738 | 1 Microsoft | 1 Internet Information Server | 2026-04-16 | N/A |
| The code.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files. | ||||
| CVE-2002-1032 | 1 Key Focus | 1 Kf Web Server | 2026-04-16 | N/A |
| Buffer overflow in KeyFocus (KF) web server 1.0.5 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed HTTP header. | ||||
| CVE-1999-0741 | 1 Qms | 1 Crownnet Unix Utilities | 2026-04-16 | N/A |
| QMS CrownNet Unix Utilities for 2060 allows root to log on without a password. | ||||
| CVE-1999-0749 | 1 Microsoft | 2 Windows 95, Windows 98 | 2026-04-16 | N/A |
| Buffer overflow in Microsoft Telnet client in Windows 95 and Windows 98 via a malformed Telnet argument. | ||||
| CVE-2002-1035 | 1 Omnicron | 1 Omnihttpd | 2026-04-16 | N/A |
| Omnicron OmniHTTPd 2.09 allows remote attackers to cause a denial of service (crash) via an HTTP request with a long, malformed HTTP 1version number. | ||||
| CVE-1999-0750 | 1 Microsoft | 1 Hotmail | 2026-04-16 | N/A |
| Hotmail allows Javascript to be executed via the HTML STYLE tag, allowing remote attackers to execute commands on the user's Hotmail account. | ||||
| CVE-1999-0754 | 1 Isc | 1 Inn | 2026-04-16 | N/A |
| The INN inndstart program allows local users to gain privileges by specifying an alternate configuration file using the INNCONF environmental variable. | ||||
| CVE-2002-1051 | 1 Ehud Gavron | 1 Tracesroute | 2026-04-16 | N/A |
| Format string vulnerability in TrACESroute 6.0 GOLD (aka NANOG traceroute) allows local users to execute arbitrary code via the -T (terminator) command line argument. | ||||
| CVE-1999-0760 | 1 Allaire | 1 Coldfusion Server | 2026-04-16 | N/A |
| Undocumented ColdFusion Markup Language (CFML) tags and functions in the ColdFusion Administrator allow users to gain additional privileges. | ||||
| CVE-2005-3393 | 1 Openvpn | 2 Openvpn, Openvpn Access Server | 2026-04-16 | N/A |
| Format string vulnerability in the foreign_option function in options.c for OpenVPN 2.0.x allows remote clients to execute arbitrary code via format string specifiers in a push of the dhcp-option command option. | ||||
| CVE-2002-1065 | 1 T. Hauck | 1 Jana Web Server | 2026-04-16 | N/A |
| Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, does not restrict the number of unsuccessful login attempts, which makes it easier for remote attackers to gain privileges via brute force username and password guessing. | ||||
| CVE-1999-0770 | 1 Checkpoint | 1 Firewall-1 | 2026-04-16 | N/A |
| Firewall-1 sets a long timeout for connections that begin with ACK or other packets except SYN, allowing an attacker to conduct a denial of service via a large number of connection attempts to unresponsive systems. | ||||
| CVE-1999-0771 | 1 Compaq | 2 Insight Management Agent, Power Management | 2026-04-16 | N/A |
| The web components of Compaq Management Agents and the Compaq Survey Utility allow a remote attacker to read arbitrary files via a .. (dot dot) attack. | ||||