Filtered by NVD-CWE-Other
Total 29947 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2004-1970 1 Securecomputing 1 Smartether Ss6215s Switch 2026-04-16 N/A
Samsung SmartEther SS6215S switch, and possibly other Samsung switches, allows remote attackers and local users to gain administrative access by providing the admin username followed by a password that is the maximum allowed length, then pressing the enter key after the resulting error message.
CVE-2004-1974 1 Php Arena 1 Pafiledb 2026-04-16 N/A
paFileDB 3.1 allows remote attackers to gain sensitive information via a direct request to (1) login.php, (2) category.php, (3) search.php, (4) main.php, (5) viewall.php, (6) download.php, (7) email.php, (8) file.php, (9) rate.php, or (10) stats.php, which reveals the path in an error message.
CVE-2005-1495 1 Oracle 3 Application Server, Oracle10g, Oracle9i 2026-04-16 N/A
Oracle Database 9i and 10g disables Fine Grained Audit (FGA) after the SYS user executes a SELECT statement on an FGA object, which makes it easier for attackers to escape detection.
CVE-2006-0895 1 Nocc 1 Nocc 2026-04-16 N/A
NOCC Webmail 1.0 allows remote attackers to obtain the installation path via a direct request to html/header.php.
CVE-1999-1540 1 Cactus Software 1 Shell-lock 2026-04-16 N/A
shell-lock in Cactus Software Shell Lock uses weak encryption (trivial encoding) which allows attackers to easily decrypt and obtain the source code.
CVE-2006-0969 1 Pixelartkingdom 1 Top Sites 2026-04-16 N/A
PHP remote file inclusion vulnerability in index.php in Top sites de PixelArtKingdom allows remote attackers to include and execute arbitrary files via the page parameter.
CVE-1999-1561 1 Nullsoft 1 Shoutcast Server 2026-04-16 N/A
Nullsoft SHOUTcast server stores the administrative password in plaintext in a configuration file (sc_serv.conf), which could allow a local user to gain administrative privileges on the server.
CVE-2001-1342 1 Apache 1 Http Server 2026-04-16 N/A
Apache before 1.3.20 on Windows and OS/2 systems allows remote attackers to cause a denial of service (GPF) via an HTTP request for a URI that contains a large number of / (slash) or other characters, which causes certain functions to dereference a null pointer.
CVE-1999-1562 1 Gftp 1 Ftp Client 2026-04-16 N/A
gFTP FTP client 1.13, and other versions before 2.0.0, records a password in plaintext in (1) the log window, or (2) in a log file.
CVE-2001-1349 2 Redhat, Sendmail 2 Linux, Sendmail 2026-04-16 N/A
Sendmail before 8.11.4, and 8.12.0 before 8.12.0.Beta10, allows local users to cause a denial of service and possibly corrupt the heap and gain privileges via race conditions in signal handlers.
CVE-2002-0382 2 Redhat, Xchat 3 Enterprise Linux, Linux, Xchat 2026-04-16 N/A
XChat IRC client allows remote attackers to execute arbitrary commands via a /dns command on a host whose DNS reverse lookup contains shell metacharacters.
CVE-2006-1041 1 Gregarius 1 Gregarius 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Gregarius 0.5.2 allow remote attackers to inject arbitrary web script or HTML via the (1) rss_query parameter to search.php or (2) tag parameter to tags.php.
CVE-2006-1069 1 Geeklog 1 Geeklog 2026-04-16 N/A
Unspecified vulnerability in the session handling for Geeklog 1.4.x before 1.4.0sr2, 1.3.11 before 1.3.11sr5, 1.3.9 before 1.3.9sr5, and possibly earlier versions allows attackers to gain privileges as arbitrary users via unknown vectors.
CVE-2006-1111 1 Aztek Forum 1 Aztek Forum 2026-04-16 N/A
Aztek Forum 4.0 allows remote attackers to obtain sensitive information via a "*/*" in the msg parameter to index.php, which reveals usernames and passwords in a MySQL error message, possibly due to a forced SQL error or SQL injection.
CVE-1999-1576 1 Adobe 1 Acrobat Reader 2026-04-16 N/A
Buffer overflow in Adobe Acrobat ActiveX control (pdf.ocx, PDF.PdfCtrl.1) 1.3.188 for Acrobat Reader 4.0 allows remote attackers to execute arbitrary code via the pdf.setview method.
CVE-2006-1146 1 Cor Entertainment 1 Alien Arena 2006 2026-04-16 N/A
Stack-based buffer overflow in the Cmd_Say_f function in g_cmds.c in Alien Arena 2006 Gold Edition 5.00 allows remote attackers (possibly authenticated) to execute arbitrary code by sending a long message to the server.
CVE-1999-1582 1 Cisco 1 Pix Firewall 2026-04-16 N/A
By design, the "established" command on the Cisco PIX firewall allows connections from one host to arbitrary ports of a target host if an alternative conduit has already been allowed, which can cause administrators to configure less restrictive access controls than intended if they do not understand this functionality.
CVE-2006-1147 1 Cor Entertainment 1 Alien Arena 2006 2026-04-16 N/A
The Com_sprintf function in q_shared.c in Alien Arena 2006 Gold Edition 5.00 does not properly NULL terminate certain long strings, which allows remote attackers (possibly authenticated) to cause a denial of service (application crash) via a long skin, weapon, or model name.
CVE-2006-1149 1 Owl 1 Owl Intranet Engine 2026-04-16 N/A
PHP remote file inclusion vulnerability in lib/OWL_API.php in OWL Intranet Engine 0.82, when register_globals is enabled, allows remote attackers to include arbitrary files via a URL in the xrms_file_root parameter, which is not initialized before use.
CVE-2006-1152 1 M Phorum 1 M Phorum 2026-04-16 N/A
PHP remote file inclusion vulnerability in index.php in M-Phorum 0.2 allows remote attackers to include arbitrary files via the go parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.