Total
29932 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-0044 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| fsdump command in IRIX allows local users to obtain root access by modifying sensitive files. | ||||
| CVE-1999-0080 | 1 Washington University | 1 Wu-ftpd | 2026-04-16 | N/A |
| Certain configurations of wu-ftp FTP server 2.4 use a _PATH_EXECPATH setting to a directory with dangerous commands, such as /bin, which allows remote authenticated users to gain root access via the "site exec" command. | ||||
| CVE-2004-2523 | 1 Openftpd | 1 Openftpd Ftp Server | 2026-04-16 | N/A |
| Format string vulnerability in the msg command (cat_message function in msg.c) in OpenFTPD 0.30.2 and earlier allows remote authenticated users to execute arbitrary code via format string specifiers in the message argument. | ||||
| CVE-1999-0087 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| Denial of service in AIX telnet can freeze a system and prevent users from accessing the server. | ||||
| CVE-2003-1042 | 1 Mozilla | 1 Bugzilla | 2026-04-16 | N/A |
| SQL injection vulnerability in collectstats.pl for Bugzilla 2.16.3 and earlier allows remote authenticated users with editproducts privileges to execute arbitrary SQL via the product name. | ||||
| CVE-2004-2524 | 1 Whm Autopilot | 1 Whm Autopilot | 2026-04-16 | N/A |
| clogin.php in Benchmark Designs' WHM AutoPilot 2.4.5 and earlier allows remote attackers to obtain plaintext username and password credentials by using the clogin_e and base64_encode functions to encode the desired user ID in the c parameter, then read the plaintext values in the resulting form. | ||||
| CVE-2004-2525 | 1 S9y | 1 Serendipity | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in compat.php in Serendipity before 0.7.1 allows remote attackers to inject arbitrary web script or HTML via the searchTerm variable. | ||||
| CVE-1999-0121 | 2026-04-16 | N/A | ||
| Buffer overflow in dtaction command gives root access. | ||||
| CVE-2003-1268 | 1 Urlogy | 1 A.shop.kart | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in (1) addcustomer.asp, (2) addprod.asp, and (3) process.asp in a.shopKart 2.0.3 allow remote attackers to execute arbitrary SQL and obtain sensitive information via the zip, state, country, phone, and fax parameters. | ||||
| CVE-2003-1278 | 1 Infopop | 1 Opentopic | 2026-04-16 | N/A |
| Cross-site scripting vulnerability (XSS) in OpenTopic 2.3.1 allows remote attackers to execute arbitrary script as other users and possibly steal authentication information via cookies by injecting arbitrary HTML or script into IMG tags. | ||||
| CVE-1999-0143 | 3 Mit, Process Software, Sun | 4 Kerberos, Kerberos 5, Multinet and 1 more | 2026-04-16 | N/A |
| Kerberos 4 key servers allow a user to masquerade as another by breaking and generating session keys. | ||||
| CVE-1999-0159 | 1 Cisco | 1 Ios | 2026-04-16 | 3.5 Low |
| Attackers can crash a Cisco IOS router or device, provided they can get to an interactive prompt (such as a login). This applies to some IOS 9.x, 10.x, and 11.x releases. | ||||
| CVE-1999-0192 | 2 Redhat, Slackware | 2 Linux, Slackware Linux | 2026-04-16 | N/A |
| Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the TERMCAP environmental variable. | ||||
| CVE-2003-1309 | 1 Zonelabs | 1 Zonealarm | 2026-04-16 | N/A |
| The DeviceIoControl function in the TrueVector Device Driver (VSDATANT) in ZoneAlarm before 3.7.211, Pro before 4.0.146.029, and Plus before 4.0.146.029 allows local users to gain privileges via certain signals (aka "Device Driver Attack"). | ||||
| CVE-2003-1105 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-16 | N/A |
| Unknown vulnerability in Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to cause a denial of service (browser or Outlook Express crash) via HTML with certain input tags that are not properly rendered. | ||||
| CVE-1999-0203 | 1 Eric Allman | 1 Sendmail | 2026-04-16 | N/A |
| In Sendmail, attackers can gain root privileges via SMTP by specifying an improper "mail from" address and an invalid "rcpt to" address that would cause the mail to bounce to a program. | ||||
| CVE-2003-1330 | 2 Clearswift Limited, Microsoft | 2 Mailsweeper, All Windows | 2026-04-16 | N/A |
| Clearswift MAILsweeper for SMTP 4.3.6 SP1 does not execute custom "on strip unsuccessful" hooks, which allows remote attackers to bypass e-mail attachment filtering policies via an attachment that MAILsweeper can detect but not remove. | ||||
| CVE-1999-0223 | 1 Sun | 1 Sunos | 2026-04-16 | N/A |
| Solaris syslogd crashes when receiving a message from a host that doesn't have an inverse DNS entry. | ||||
| CVE-2003-1131 | 1 Activecampaign | 1 Knowledgebuilder | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in index.php in KnowledgeBuilder, referred to as KnowledgeBase, allows remote attackers to execute arbitrary PHP code by modifying the page parameter to reference a URL on a remote web server that contains the code. | ||||
| CVE-1999-0230 | 1 Cisco | 1 Ios | 2026-04-16 | N/A |
| Buffer overflow in Cisco 7xx routers through the telnet service. | ||||