Filtered by NVD-CWE-Other
Total 29942 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2006-3565 1 Hivemail 1 Hivemail 2026-04-16 N/A
SQL injection vulnerability in search.results.php in HiveMail 1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the fields[] parameter.
CVE-2005-1039 1 Gnu 1 Coreutils 2026-04-16 N/A
Race condition in Core Utilities (coreutils) 5.2.1, when (1) mkdir, (2) mknod, or (3) mkfifo is running with the -m switch, allows local users to modify permissions of other files.
CVE-1999-1087 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 4 treats a 32-bit number ("dotless IP address") in the a URL as the hostname instead of an IP address, which causes IE to apply Local Intranet Zone settings to the resulting web page, allowing remote malicious web servers to conduct unauthorized activities by using URLs that contain the dotless IP address for their server.
CVE-1999-1098 1 Bsd 1 Bsd 2026-04-16 N/A
Vulnerability in BSD Telnet client with encryption and Kerberos 4 authentication allows remote attackers to decrypt the session via sniffing.
CVE-1999-1100 1 Cisco 1 Pix Private Link 2026-04-16 N/A
Cisco PIX Private Link 4.1.6 and earlier does not properly process certain commands in the configuration file, which reduces the effective key length of the DES key to 48 bits instead of 56 bits, which makes it easier for an attacker to find the proper key via a brute force attack.
CVE-2001-0073 1 Nsa 1 Security-enhanced Linux 2026-04-16 N/A
Buffer overflow in the find_default_type function in libsecure in NSA Security-enhanced Linux, which may allow attackers to modify critical data in memory.
CVE-2001-1185 1 Freebsd 1 Freebsd 2026-04-16 N/A
Some AIO operations in FreeBSD 4.4 may be delayed until after a call to execve, which could allow a local user to overwrite memory of the new process and gain privileges.
CVE-2005-1091 1 Maxthon 1 Maxthon 2026-04-16 N/A
Maxthon 1.2.0 and 1.2.1 allows remote attackers to bypass the security ID and use restricted plugin API functions via script that includes the max.src file into the source page.
CVE-2001-0077 1 Sun 1 Cluster 2026-04-16 N/A
The clustmon service in Sun Cluster 2.x does not require authentication, which allows remote attackers to obtain sensitive information such as system logs and cluster configurations.
CVE-2006-3595 1 Cisco 1 Router Web Setup 2026-04-16 N/A
The default configuration of IOS HTTP server in Cisco Router Web Setup (CRWS) before 3.3.0 build 31 does not require credentials, which allows remote attackers to access the server with arbitrary privilege levels, aka bug CSCsa78190.
CVE-2001-0078 1 Sun 1 Cluster 2026-04-16 N/A
in.mond in Sun Cluster 2.x allows local users to read arbitrary files via a symlink attack on the status file of a host running HA-NFS.
CVE-1999-1105 1 Microsoft 1 Windows 95 2026-04-16 N/A
Windows 95, when Remote Administration and File Sharing for NetWare Networks is enabled, creates a share (C$) when an administrator logs in remotely, which allows remote attackers to read arbitrary files by mapping the network drive.
CVE-2005-1128 1 Virtual Hosting Control System 1 Virtual Hosting Control System 2026-04-16 N/A
Multiple SQL injection vulnerabilities in VHCS 2.4 and earlier allow remote attackers to execute arbitrary SQL commands via certain inputs from HTTP POST queries.
CVE-1999-1126 1 Cisco 1 Resource Manager 2026-04-16 N/A
Cisco Resource Manager (CRM) 1.1 and earlier creates certain files with insecure permissions that allow local users to obtain sensitive configuration information including usernames, passwords, and SNMP community strings, from (1) swim_swd.log, (2) swim_debug.log, (3) dbi_debug.log, and (4) temporary files whose names begin with "DPR_".
CVE-2001-1259 1 Avaya 1 Argent Office 2026-04-16 N/A
Avaya Argent Office allows remote attackers to cause a denial of service by sending UDP packets to port 53 with no payload.
CVE-2000-1111 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Telnet Service for Windows 2000 Professional does not properly terminate incomplete connection attempts, which allows remote attackers to cause a denial of service by connecting to the server and not providing any input.
CVE-2006-3611 1 Phorum 1 Phorum 2026-04-16 N/A
Directory traversal vulnerability in pm.php in Phorum 5 allows remote authenticated users to include and execute arbitrary local files via directory traversal sequences in the GLOBALS[template] parameter, as demonstrated by injecting PHP sequences into a log file, which is then included by pm.php.
CVE-2006-3612 1 Phorum 1 Phorum 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Phorum 5.1.14 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-1999-1148 1 Microsoft 1 Internet Information Server 2026-04-16 N/A
FTP service in IIS 4.0 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via many passive (PASV) connections at the same time.
CVE-2000-1118 1 24link 1 24link 2026-04-16 N/A
24Link 1.06 web server allows remote attackers to bypass access restrictions by prepending strings such as "/+/" or "/." to the HTTP GET request.