Total
29947 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-1137 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| The permissions for the /dev/audio device on Solaris 2.2 and earlier, and SunOS 4.1.x, allow any local user to read from the device, which could be used by an attacker to monitor conversations happening near a machine that has a microphone. | ||||
| CVE-2000-1110 | 1 Ibm | 1 Net.data | 2026-04-16 | N/A |
| document.d2w CGI program in the IBM Net.Data db2www package allows remote attackers to determine the physical path of the web server by sending a nonexistent command to the program. | ||||
| CVE-2006-3614 | 1 Orbitcoders | 1 Orbitmatrix | 2026-04-16 | N/A |
| index.php in Orbitcoders OrbitMATRIX 1.0 allows remote attackers to trigger a SQL error via the page_name parameter, possibly due to a SQL injection vulnerability. | ||||
| CVE-2000-1125 | 1 Redhat | 1 Linux | 2026-04-16 | N/A |
| restore 0.4b15 and earlier in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program. | ||||
| CVE-2000-1133 | 1 Flicks Software | 1 Authentix | 2026-04-16 | N/A |
| Authentix Authentix100 allows remote attackers to bypass authentication by inserting a . (dot) into the URL for a protected directory. | ||||
| CVE-1999-1163 | 1 Hp | 1 9000 | 2026-04-16 | N/A |
| Vulnerability in HP Series 800 S/X/V Class servers allows remote attackers to gain access to the S/X/V Class console via the Service Support Processor (SSP) Teststation. | ||||
| CVE-1999-1168 | 1 Iss | 1 Internet Security Scanner | 2026-04-16 | N/A |
| install.iss installation script for Internet Security Scanner (ISS) for Linux, version 5.3, allows local users to change the permissions of arbitrary files via a symlink attack on a temporary file. | ||||
| CVE-2006-3661 | 1 Cutephp | 1 Cutenews | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Index.PHP in CuteNews 1.4.5 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||
| CVE-1999-1184 | 1 Elm Development Group | 1 Elm | 2026-04-16 | N/A |
| Buffer overflow in Elm 2.4 and earlier allows local users to gain privileges via a long TERM environmental variable. | ||||
| CVE-2000-1167 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| ppp utility in FreeBSD 4.1.1 and earlier does not properly restrict access as specified by the "nat deny_incoming" command, which allows remote attackers to connect to the target system. | ||||
| CVE-2000-1169 | 1 Openbsd | 1 Openssh | 2026-04-16 | N/A |
| OpenSSH SSH client before 2.3.0 does not properly disable X11 or agent forwarding, which could allow a malicious SSH server to gain access to the X11 display and sniff X11 events, or gain access to the ssh-agent. | ||||
| CVE-1999-1188 | 1 Oracle | 1 Mysql | 2026-04-16 | N/A |
| mysqld in MySQL 3.21 creates log files with world-readable permissions, which allows local users to obtain passwords for users who are added to the user database. | ||||
| CVE-1999-1191 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Buffer overflow in chkey in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument. | ||||
| CVE-2001-1402 | 2 Mozilla, Redhat | 2 Bugzilla, Powertools | 2026-04-16 | N/A |
| Bugzilla before 2.14 does not properly escape untrusted parameters, which could allow remote attackers to conduct unauthorized activities via cross-site scripting (CSS) and possibly SQL injection attacks on (1) the product or output form variables for reports.cgi, (2) the voteon, bug_id, and user variables for showvotes.cgi, (3) an invalid email address in createaccount.cgi, (4) an invalid ID in showdependencytree.cgi, (5) invalid usernames and other fields in process_bug.cgi, and (6) error messages in buglist.cgi. | ||||
| CVE-2006-3683 | 1 Flipper Poll | 1 Flipper Poll | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in poll.php in Flipper Poll 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the root_path parameter. | ||||
| CVE-2001-1422 | 1 Att | 1 Winvnc | 2026-04-16 | N/A |
| WinVNC 3.3.3 and earlier generates the same challenge string for multiple connections, which allows remote attackers to bypass VNC authentication by sniffing the challenge and response of other users. | ||||
| CVE-1999-1226 | 1 Netscape | 1 Communicator | 2026-04-16 | N/A |
| Netscape Communicator 4.7 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long certificate key. | ||||
| CVE-2005-1585 | 1 Open Solution | 1 Quick.forum | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Quick.Forum 2.1.6 allow remote attackers to execute arbitrary SQL commands via the (1) iCategory or (2) page parameter to index.php, or (3) iCategory parameter in the query string to the forum directory. | ||||
| CVE-2005-1590 | 1 Altiris | 2 Client Service, Deployment Solution | 2026-04-16 | N/A |
| The Altiris Client Service for Windows (ACLIENT.EXE) 6.0.88 allows local users to disable password protection and access the administrative interface by finding and showing the "Altiris Client Service" hidden window, disabling the password protection, disabling the "Hide client tray icon box" option, then opening the AClient tray icon and using the View Log File option, a different vulnerability than CVE-2004-2070. | ||||
| CVE-1999-1240 | 1 Gracenote | 1 Cddbd | 2026-04-16 | N/A |
| Buffer overflow in cddbd CD database server allows remote attackers to execute arbitrary commands via a long log message. | ||||