Filtered by NVD-CWE-Other
Total 29947 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-1999-1091 2 Rtin, Tin 2 Rtin, Tin 2026-04-16 N/A
UNIX news readers tin and rtin create the /tmp/.tin_log file with insecure permissions and follow symlinks, which allows attackers to modify the permissions of files writable by the user via a symlink attack.
CVE-2006-0420 1 Bea 1 Weblogic Server 2026-04-16 N/A
BEA WebLogic Server and WebLogic Express 8.1 through SP4 and 7.0 through SP6 does not properly handle when servlets use relative forwarding, which allows remote attackers to cause a denial of service (slowdown) via unknown attack vectors that cause "looping stack overflow errors."
CVE-2004-2066 1 Linpha 1 Linpha 2026-04-16 N/A
SQL injection vulnerability in session.php in LinPHA 0.9.4 allows remote attackers to execute arbitrary SQL code and bypass authentication via the (1) linpha_userid or (2) linpha_password cookies.
CVE-2006-3290 1 Cisco 1 Wireless Control System 2026-04-16 N/A
HTTP server in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(51) stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain usernames and directory paths via a direct URL request.
CVE-2005-1201 1 Azbb 1 Az Bulletin Board 2026-04-16 N/A
Multiple directory traversal vulnerabilities in AZ Bulletin board (AZbb) before 1.0.08 allow (1) remote authenticated users with administrative privileges to delete arbitrary files via a .. (dot dot) in the URL to admin_avatar.php or admin_attachment.php or (2) remote attackers to enumerate files via a .. (dot dot) in the attachment parameter to attachment.php, which displays a different message when a file exists or does not exist.
CVE-2006-3286 1 Cisco 1 Wireless Control System 2026-04-16 N/A
The internal database in Cisco Wireless Control System (WCS) for Linux and Windows before 3.2(63) stores a hard-coded username and password in plaintext within unspecified files, which allows remote authenticated users to access the database (aka bug CSCsd15951).
CVE-2001-1575 1 Apple 1 Personal Web Sharing 2026-04-16 N/A
Apple Personal Web Sharing (PWS) 1.1, 1.5, and 1.5.5, when Web Sharing authentication is enabled, allows remote attackers to cause a denial of service via a long password, possibly due to a buffer overflow.
CVE-2000-0080 1 Ibm 1 Aix 2026-04-16 N/A
AIX techlibss allows local users to overwrite files via a symlink attack.
CVE-2006-3253 1 Jelsoft 1 Vbulletin 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in member.php in vBulletin 3.5.x allows remote attackers to inject arbitrary web script or HTML via the u parameter. NOTE: the vendor has disputed this report, stating that they have been unable to replicate the issue and that "the userid parameter is run through our filtering system as an unsigned integer.
CVE-1999-0329 1 Sgi 1 Irix 2026-04-16 N/A
SGI mediad program allows local users to gain root access.
CVE-2001-1266 1 Doug Neal 1 Dnhttpd 2026-04-16 N/A
Directory traversal vulnerability in Doug Neal's HTTPD Daemon (DNHTTPD) before 0.4.1 allows remote attackers to view arbitrary files via a .. (dot dot) attack using the dot hex code '%2E'.
CVE-1999-0336 1 Hp 1 Hp-ux 2026-04-16 N/A
Buffer overflow in mstm in HP-UX allows local users to gain root access.
CVE-1999-0339 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Buffer overflow in the libauth library in Solaris allows local users to gain additional privileges, possibly root access.
CVE-2004-0169 1 Apple 1 Darwin Streaming Server 2026-04-16 N/A
QuickTime Streaming Server in MacOS X 10.2.8 and 10.3.2 allows remote attackers to cause a denial of service (crash) via DESCRIBE requests with long User-Agent fields, which causes an Assert error to be triggered in the BufferIsFull function.
CVE-1999-0353 1 Hp 1 Hp-ux 2026-04-16 N/A
rpc.pcnfsd in HP gives remote root access by changing the permissions on the main printer spool directory.
CVE-2006-3250 1 Microsoft 1 Windows Live Messenger 2026-04-16 N/A
Heap-based buffer overflow in Windows Live Messenger 8.0 allows user-assisted attackers to execute arbitrary code via a crafted Contact List (.ctt) file, which triggers the overflow when it is imported by the user.
CVE-2006-3238 1 Vbzoom 1 Vbzoom 2026-04-16 N/A
Multiple SQL injection vulnerabilities in VBZooM 1.00 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) MemberID parameter to rank.php, and the (2) QuranID parameter to lng.php.
CVE-1999-0358 1 Digital 1 Unix 2026-04-16 N/A
Digital Unix 4.0 has a buffer overflow in the inc program of the mh package.
CVE-1999-0386 1 Microsoft 2 Frontpage, Personal Web Server 2026-04-16 N/A
Microsoft Personal Web Server and FrontPage Personal Web Server in some Windows systems allows a remote attacker to read files on the server by using a nonstandard URL.
CVE-2001-0578 1 Sco 1 Openserver 2026-04-16 N/A
Buffer overflow in lpforms in SCO OpenServer 5.0-5.0.6 can allow a local attacker to gain additional privileges via a long first argument to the lpforms command.