Filtered by NVD-CWE-Other
Total 29947 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2001-0285 1 A1webserver 1 Http Server 2026-04-16 N/A
Buffer overflow in A1 HTTP server 1.0a allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long HTTP request.
CVE-2001-0311 1 Hp 2 Hp-ux, Omniback Ii 2026-04-16 N/A
Vulnerability in OmniBackII A.03.50 in HP 11.x and earlier allows attackers to gain unauthorized access to an OmniBack client.
CVE-2006-2979 1 Viart 1 Shop 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in ViArt Shop Free 2.5.5, and possibly other distributions including Light, Standard, and Enterprise, allow remote attackers to inject arbitrary web script or HTML via the (1) forum_id parameter in forum.php, which is not properly handled in block_forum_topics.php, and (2) item_id parameter in reviews.php, which is not properly handled in block_reviews.php.
CVE-2001-0317 2 Linux, Redhat 2 Linux Kernel, Linux 2026-04-16 N/A
Race condition in ptrace in Linux kernel 2.4 and 2.2 allows local users to gain privileges by using ptrace to track and modify a running setuid process.
CVE-2004-2423 1 Ipswitch 1 Imail 2026-04-16 N/A
Unknown vulnerability in the Web calendaring component of Ipswitch IMail Server before 8.13 allows remote attackers to cause a denial of service (crash) via "specific content."
CVE-2006-3003 1 Easy Ad-manager 1 Easy Ad-manager 2026-04-16 N/A
details.php in Easy Ad-Manager allows remote attackers to obtain the full installation path via an invalid mbid parameter, which leaks the path in an error message. NOTE: this might be resultant from another vulnerability, since this vector also produces cross-site scripting (XSS). NOTE: on 20060829, the vendor notified CVE that this issue has been fixed.
CVE-2001-0322 1 Microsoft 3 Internet Explorer, Outlook, Outlook Express 2026-04-16 N/A
MSHTML.DLL HTML parser in Internet Explorer 4.0, and other versions, allows remote attackers to cause a denial of service (application crash) via a script that creates and deletes an object that is associated with the browser window object.
CVE-2000-1220 2 Redhat, Sgi 2 Linux, Irix 2026-04-16 N/A
The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file.
CVE-2001-0326 1 Oracle 2 Application Server, Oracle8i 2026-04-16 N/A
Oracle Java Virtual Machine (JVM ) for Oracle 8.1.7 and Oracle Application Server 9iAS Release 1.0.2.0.1 allows remote attackers to read arbitrary files via the .jsp and .sqljsp file extensions when the server is configured to use the <<ALL FILES>> FilePermission.
CVE-2001-0329 1 Mozilla 1 Bugzilla 2026-04-16 N/A
Bugzilla 2.10 allows remote attackers to execute arbitrary commands via shell metacharacters in a username that is then processed by (1) the Bugzilla_login cookie in post_bug.cgi, or (2) the who parameter in process_bug.cgi.
CVE-1999-0598 2026-04-16 N/A
A network intrusion detection system (IDS) does not properly handle packets that are sent out of order, allowing an attacker to escape detection.
CVE-2000-1225 1 Imatix 1 Xitami 2026-04-16 N/A
Xitami 2.5b installs the testcgi.exe program by default in the cgi-bin directory, which allows remote attackers to gain sensitive configuration information about the web server by accessing the program.
CVE-2004-2445 1 Jaws 1 Jaws 2026-04-16 N/A
Directory traversal vulnerability in index.php in Jaws 0.3 BETA allows remote attackers to view arbitrary files via a .. (dot dot) in the gadget parameter.
CVE-2004-2446 1 1st Class Internet Solutions 1 1st Class Mail Server 2026-04-16 N/A
Directory traversal vulnerability in 1st Class Mail Server 4.01 allows remote attackers to read arbitrary files via a ".." (dot dot) sequences in unknown vectors.
CVE-2001-0346 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Handle leak in Microsoft Windows 2000 telnet service allows attackers to cause a denial of service by starting a large number of sessions and terminating them.
CVE-2001-0350 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Microsoft Windows 2000 telnet service creates named pipes with predictable names and does not properly verify them, which allows local users to execute arbitrary commands by creating a named pipe with the predictable name and associating a malicious program with it, the second of two variants of this vulnerability.
CVE-2006-3021 1 Blue-collar Productions 1 I-gallery 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in BlueCollar i-Gallery 4.1 PLUS and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) n and (2) d parameters in (a) login.asp and the d parameter in (b) igallery.asp.
CVE-2006-3031 1 Fipsasp 1 Fipscms 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in index.asp in fipsCMS 4.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) w, (2) phcat, (3) dayid, and (4) calw parameters.
CVE-1999-0607 1 I-soft 1 Quikstore 2026-04-16 N/A
quikstore.cgi in QuikStore shopping cart stores quikstore.cfg under the web document root with insufficient access control, which allows remote attackers to obtain the cleartext administrator password and gain privileges.
CVE-2003-0979 1 Freescripts 1 Visitorbook 2026-04-16 N/A
FreeScripts VisitorBook LE (visitorbook.pl) does not properly escape line breaks in input, which allows remote attackers to (1) use VisitorBook as an open mail relay, when $mailuser is 1, via extra headers in the email field, or (2) cause the guestbook database to be deleted via a large number of line breaks that exceeds the $max_posts variable.