Export limit exceeded: 344930 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344930 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-0269 | 1 Netscape | 1 Enterprise Server | 2026-04-16 | N/A |
| Netscape Enterprise servers may list files through the PageServices query. | ||||
| CVE-1999-0597 | 2026-04-16 | N/A | ||
| A Windows NT account policy does not forcibly disconnect remote users from the server when their logon hours expire. | ||||
| CVE-1999-0955 | 1 Washington University | 1 Wu-ftpd | 2026-04-16 | N/A |
| Race condition in wu-ftpd and BSDI ftpd allows remote attackers to gain root access via the SITE EXEC command. | ||||
| CVE-2004-1015 | 3 Carnegie Mellon University, Redhat, Ubuntu | 3 Cyrus Imap Server, Fedora Core, Ubuntu Linux | 2026-04-16 | N/A |
| Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and earlier, with the imapmagicplus option enabled, may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2004-1011. | ||||
| CVE-2004-1016 | 3 Linux, Redhat, Ubuntu | 3 Linux Kernel, Enterprise Linux, Ubuntu Linux | 2026-04-16 | N/A |
| The scm_send function in the scm layer for Linux kernel 2.4.x up to 2.4.28, and 2.6.x up to 2.6.9, allows local users to cause a denial of service (system hang) via crafted auxiliary messages that are passed to the sendmsg function, which causes a deadlock condition. | ||||
| CVE-2004-1017 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| Multiple "overflows" in the io_edgeport driver for Linux kernel 2.4.x have unknown impact and unknown attack vectors. | ||||
| CVE-1999-0313 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| disk_bandwidth on SGI IRIX 6.4 S2MP for Origin/Onyx2 allows local users to gain root access using relative pathnames. | ||||
| CVE-1999-0965 | 1 X.org | 1 X11 | 2026-04-16 | N/A |
| Race condition in xterm allows local users to modify arbitrary files via the logging option. | ||||
| CVE-1999-0330 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| Linux bdash game has a buffer overflow that allows local users to gain root access. | ||||
| CVE-1999-0991 | 1 Goodtech | 1 Telnet Server Nt | 2026-04-16 | N/A |
| Buffer overflow in GoodTech Telnet Server NT allows remote users to cause a denial of service via a long login name. | ||||
| CVE-1999-0350 | 1 Rational Software | 1 Clearcase | 2026-04-16 | N/A |
| Race condition in the db_loader program in ClearCase gives local users root access by setting SUID bits. | ||||
| CVE-1999-0994 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| Windows NT with SYSKEY reuses the keystream that is used for encrypting SAM password hashes, allowing an attacker to crack passwords. | ||||
| CVE-1999-0388 | 1 Datalynx | 1 Suguard | 2026-04-16 | N/A |
| DataLynx suGuard trusts the PATH environment variable to execute the ps command, allowing local users to execute commands as root. | ||||
| CVE-2004-1018 | 3 Canonical, Php, Redhat | 5 Ubuntu Linux, Php, Enterprise Linux and 2 more | 2026-04-16 | N/A |
| Multiple integer handling errors in PHP before 4.3.10 allow attackers to bypass safe mode restrictions, cause a denial of service, or execute arbitrary code via (1) a negative offset value to the shmop_write function, (2) an "integer overflow/underflow" in the pack function, or (3) an "integer overflow/underflow" in the unpack function. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion. | ||||
| CVE-2004-1019 | 5 Openpkg, Php, Redhat and 2 more | 7 Openpkg, Php, Enterprise Linux and 4 more | 2026-04-16 | N/A |
| The deserialization code in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to cause a denial of service and execute arbitrary code via untrusted data to the unserialize function that may trigger "information disclosure, double-free and negative reference index array underflow" results. | ||||
| CVE-2004-1020 | 1 Php | 1 Php | 2026-04-16 | N/A |
| The addslashes function in PHP 4.3.9 does not properly escape a NULL (/0) character, which may allow remote attackers to read arbitrary files in PHP applications that contain a directory traversal vulnerability in require or include statements, but are otherwise protected by the magic_quotes_gpc mechanism. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion. | ||||
| CVE-2004-1021 | 1 Apple | 1 Ical | 2026-04-16 | N/A |
| iCal before 1.5.4 on Mac OS X 10.2.3, and other later versions, does not alert the user when handling calendars that use alarms, which allows attackers to execute programs and send e-mail via alarms. | ||||
| CVE-2004-1023 | 1 Kerio | 3 Kerio Mailserver, Serverfirewall, Winroute Firewall | 2026-04-16 | N/A |
| Kerio Winroute Firewall before 6.0.9, ServerFirewall before 1.0.1, and MailServer before 6.0.5, when installed on Windows based systems, do not modify the ACLs for critical files, which allows local users with Power Users privileges to modify programs, install malicious DLLs in the plug-ins folder, and modify XML files related to configuration. | ||||
| CVE-2004-1029 | 5 Conectiva, Gentoo, Hp and 2 more | 8 Linux, Linux, Hp-ux and 5 more | 2026-04-16 | N/A |
| The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages. | ||||
| CVE-2004-1030 | 2 Gentoo, Thibault Godouet | 2 Linux, Fcron | 2026-04-16 | N/A |
| fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to gain sensitive information by calling fcronsighup with an arbitrary file, which reveals the contents of the file that can not be parsed in an error message. | ||||