Export limit exceeded: 344908 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 344908 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344908 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0258 | 2 Icewarp, Merak | 2 Web Mail, Mail Server | 2026-04-16 | N/A |
| Merak Mail IceWarp Web Mail uses a static identifier as a user session ID that does not change across sessions, which could allow remote attackers with access to the ID to gain privileges as that user, e.g. by extracting the ID from the user's answer or forward URLs. | ||||
| CVE-2006-1988 | 1 Apple | 1 Safari | 2026-04-16 | N/A |
| The WebTextRenderer(WebInternal) _CG_drawRun:style:geometry: function in Apple Safari 2.0.3 allows remote attackers to cause a denial of service (application crash) via an HTML LI tag with a large VALUE attribute (list item number), which triggers a null dereference in QPainter::drawText, probably due to a failed memory allocation that uses the VALUE. | ||||
| CVE-2000-0948 | 1 Gnome | 1 Gnorpm | 2026-04-16 | N/A |
| GnoRPM before 0.95 allows local users to modify arbitrary files via a symlink attack. | ||||
| CVE-2000-0949 | 2 Lbl, Sun | 2 Lbl Traceroute, Sunos | 2026-04-16 | N/A |
| Heap overflow in savestr function in LBNL traceroute 1.4a5 and earlier allows a local user to execute arbitrary commands via the -g option. | ||||
| CVE-2000-0950 | 1 Tis | 1 Internet Firewall Toolkit | 2026-04-16 | N/A |
| Format string vulnerability in x-gw in TIS Firewall Toolkit (FWTK) allows local users to execute arbitrary commands via a malformed display name. | ||||
| CVE-2000-0951 | 1 Microsoft | 1 Internet Information Services | 2026-04-16 | N/A |
| A misconfiguration in IIS 5.0 with Index Server enabled and the Index property set allows remote attackers to list directories in the web root via a Web Distributed Authoring and Versioning (WebDAV) search. | ||||
| CVE-2002-0259 | 1 Instantservers Inc. | 1 Miniportal | 2026-04-16 | N/A |
| InstantServers MiniPortal 1.1.5 and earlier stores sensitive login and account data in plaintext in (1) .pwd files in the miniportal/apache directory, or (2) mplog.txt, which could allow local users to gain privileges. | ||||
| CVE-2000-0952 | 1 Shigio Yamaguchi | 1 Global | 2026-04-16 | N/A |
| global.cgi CGI program in Global 3.55 and earlier on NetBSD allows remote attackers to execute arbitrary commands via shell metacharacters. | ||||
| CVE-2000-0953 | 1 Evolvable Corporation | 1 Shambala Server | 2026-04-16 | N/A |
| Shambala Server 4.5 allows remote attackers to cause a denial of service by opening then closing a connection. | ||||
| CVE-2002-0260 | 1 Instantservers Inc. | 1 Miniportal | 2026-04-16 | N/A |
| Buffer overflow in InstantServers MiniPortal 1.1.5 and earlier allows remote attackers to execute arbitrary code via a long login name, which is not properly handled by the logging utility. | ||||
| CVE-2000-0956 | 1 Carnegie Mellon University | 1 Cyrus-sasl | 2026-04-16 | N/A |
| cyrus-sasl before 1.5.24 in Red Hat Linux 7.0 does not properly verify the authorization for a local user, which could allow the users to bypass specified access restrictions. | ||||
| CVE-2002-0261 | 1 Instantservers Inc. | 1 Miniportal | 2026-04-16 | N/A |
| Directory traversal vulnerability in InstantServers MiniPortal 1.1.5 and earlier allows remote authenticated users to read arbitrary files via a ... (modified dot dot) in the GET command. | ||||
| CVE-2000-0957 | 1 Pam Mysql | 1 Pam Mysql | 2026-04-16 | N/A |
| The pluggable authentication module for mysql (pam_mysql) before 0.4.7 does not properly cleanse user input when constructing SQL statements, which allows attackers to obtain plaintext passwords or hashes. | ||||
| CVE-2002-0262 | 1 Sybex | 1 E-trainer | 2026-04-16 | N/A |
| Directory traversal vulnerability in netget for Sybex E-Trainer web server allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | ||||
| CVE-2000-0958 | 1 Sun | 1 Hotjava Browser | 2026-04-16 | N/A |
| HotJava Browser 3.0 allows remote attackers to access the DOM of a web page by opening a javascript: URL in a named window. | ||||
| CVE-2002-0263 | 1 Ezne.net | 1 Ezboard 2000 | 2026-04-16 | N/A |
| Buffer overflow in EasyBoard 2000 1.27 (aka EZboard) allows remote attackers to execute arbitrary code via a long boundary value in a multipart Content-Type header to (1) ezboard.cgi, (2) ezman.cgi, or (3) ezadmin.cgi. | ||||
| CVE-2000-0959 | 1 Gnu | 1 Glibc | 2026-04-16 | N/A |
| glibc2 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG environmental variables when a program is spawned from a setuid program, which could allow local users to overwrite files via a symlink attack. | ||||
| CVE-2002-0090 | 1 Sun | 1 Solaris | 2026-04-16 | N/A |
| Buffer overflow in Low BandWidth X proxy (lbxproxy) in Solaris 8 allows local users to execute arbitrary code via a long display command line option. | ||||
| CVE-2003-0851 | 3 Cisco, Openssl, Redhat | 7 Css11000 Content Services Switch, Ios, Pix Firewall and 4 more | 2026-04-16 | N/A |
| OpenSSL 0.9.6k allows remote attackers to cause a denial of service (crash via large recursion) via malformed ASN.1 sequences. | ||||
| CVE-2001-0187 | 1 Washington University | 1 Wu-ftpd | 2026-04-16 | N/A |
| Format string vulnerability in wu-ftp 2.6.1 and earlier, when running with debug mode enabled, allows remote attackers to execute arbitrary commands via a malformed argument that is recorded in a PASV port assignment. | ||||