Total
29944 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-0507 | 1 Microsoft | 1 Internet Information Services | 2026-04-16 | N/A |
| IIS 5.0 uses relative paths to find system files that will run in-process, which allows local users to gain privileges via a Trojan horse file, aka the "System file listing privilege elevation" vulnerability. | ||||
| CVE-1999-0868 | 5 Isc, Nec, Netscape and 2 more | 6 Inn, Goah Intrasv, Goah Networksv and 3 more | 2026-04-16 | N/A |
| ucbmail allows remote attackers to execute commands via shell metacharacters that are passed to it from INN. | ||||
| CVE-1999-0970 | 1 Omnicron | 1 Omnihttpd | 2026-04-16 | N/A |
| The OmniHTTPD visadmin.exe program allows a remote attacker to conduct a denial of service via a malformed URL which causes a large number of temporary files to be created. | ||||
| CVE-1999-0760 | 1 Allaire | 1 Coldfusion Server | 2026-04-16 | N/A |
| Undocumented ColdFusion Markup Language (CFML) tags and functions in the ColdFusion Administrator allow users to gain additional privileges. | ||||
| CVE-1999-1059 | 1 Att | 1 Svr4 | 2026-04-16 | N/A |
| Vulnerability in rexec daemon (rexecd) in AT&T TCP/IP 4.0 for various SVR4 systems allows remote attackers to execute arbitrary commands. | ||||
| CVE-1999-1111 | 1 Immunix | 1 Stackguard | 2026-04-16 | N/A |
| Vulnerability in StackGuard before 1.21 allows remote attackers to bypass the Random and Terminator Canary security mechanisms by using a non-linear attack which directly modifies a pointer to a return address instead of using a buffer overflow to reach the return address entry itself. | ||||
| CVE-1999-1170 | 2 Ipswitch, Progress | 2 Imail, Ws Ftp Server | 2026-04-16 | N/A |
| IPswitch IMail allows local users to gain additional privileges and modify or add mail accounts by setting the "flags" registry key to 1920. | ||||
| CVE-1999-1197 | 1 Sun | 1 Sunos | 2026-04-16 | N/A |
| TIOCCONS in SunOS 4.1.1 does not properly check the permissions of a user who tries to redirect console output and input, which could allow a local user to gain privileges. | ||||
| CVE-1999-1286 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| addnetpr in SGI IRIX 6.2 and earlier allows local users to modify arbitrary files and possibly gain root access via a symlink attack on a temporary file. | ||||
| CVE-2001-0489 | 2 Gftp, Redhat | 2 Gftp, Linux | 2026-04-16 | N/A |
| Format string vulnerability in gftp prior to 2.0.8 allows remote malicious FTP servers to execute arbitrary commands. | ||||
| CVE-2004-2681 | 1 Peersec Networks | 1 Matrixssl | 2026-04-16 | N/A |
| PeerSec MatrixSSL before 1.1 caches session keys for an indefinitely long time, which might make it easier for remote attackers to hijack a session. | ||||
| CVE-2006-3160 | 1 Onedotoh | 1 Simple File Manager | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in fm.php in ONEdotOH Simple File Manager (SFM) 0.24a and earlier allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | ||||
| CVE-2006-3149 | 1 Phpmyforum | 1 Phpmyforum | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in topic.php in phpMyForum 4.1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the highlight parameter. | ||||
| CVE-2001-0464 | 1 Crosswind | 1 Cyberscheduler | 2026-04-16 | N/A |
| Buffer overflow in websync.exe in Cyberscheduler allows remote attackers to execute arbitrary commands via a long tzs (timezone) parameter. | ||||
| CVE-2006-3143 | 1 Maximus | 1 Schoolmax | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in icue_login.asp in Maximus SchoolMAX 4.0.1 and earlier iCue and iParent applications allows remote attackers to inject arbitrary web script or HTML via the error_msg parameter. | ||||
| CVE-2004-0272 | 1 Maxwebportal | 1 Maxwebportal | 2026-04-16 | N/A |
| SQL injection vulnerability in MaxWebPortal allows remote attackers to inject arbitrary SQL code and gain sensitive information via the SendTo parameter in Personal Messages. | ||||
| CVE-2002-1916 | 1 Pirch | 2 Pirch Irc, Ruspirch | 2026-04-16 | N/A |
| Pirch and RusPirch, when auto-log is enabled, allows remote attackers to cause a denial of service (crash) via a nickname containing an MS-DOS device name such as AUX, which is inserted into a filename for saving queries. | ||||
| CVE-2006-3304 | 1 Deluxebb | 1 Deluxebb | 2026-04-16 | N/A |
| SQL injection vulnerability in cp.php in DeluxeBB 1.07 and earlier allows remote attackers to execute arbitrary SQL commands via the xmsn parameter. | ||||
| CVE-2006-3829 | 1 Kailash Nadh | 1 Boastmachine | 2026-04-16 | N/A |
| Cross-site request forgery (CSRF) vulnerability in bmc/admin.php in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier allows remote attackers to perform unauthorized actions as an administrator and delete arbitrary user accounts via a delete_user action. | ||||
| CVE-1999-0233 | 1 Microsoft | 1 Internet Information Services | 2026-04-16 | N/A |
| IIS 1.0 allows users to execute arbitrary commands using .bat or .cmd files. | ||||