Filtered by NVD-CWE-Other
Total 29947 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2005-2417 1 Astalavista It Engineering 1 Contrexx 2026-04-16 N/A
Contrexx before 1.0.5 allows remote attackers to obtain sensitive information via a direct request to /config/version.xml.
CVE-2005-4722 1 The Media Shoppe Berhad 1 Tmspublisher 2026-04-16 N/A
_Request_Message.cfm in tmsPUBLISHER 3.3 allows remote attackers to obtain sensitive information via an invalid id argument to pagename.cfm, which reveals the installation path in an error message.
CVE-1999-0678 2 Apache, Debian 2 Http Server, Debian Linux 2026-04-16 N/A
A default configuration of Apache on Debian GNU/Linux sets the ServerRoot to /usr/doc, which allows remote users to read documentation files for the entire server.
CVE-2004-1318 1 Namazu 1 Namazu 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in namazu.cgi for Namazu 2.0.13 and earlier allows remote attackers to inject arbitrary HTML and web script via a query that starts with a tab ("%09") character, which prevents the rest of the query from being properly sanitized.
CVE-2004-2217 1 Ychat 1 Ychat 2026-04-16 N/A
Multiple unknown vulnerabilities in yhttpd in yChat before 0.7 allow remote attackers to cause a denial of service (segmentation fault) via unknown vectors.
CVE-2006-3715 1 Oracle 1 Collaboration Suite 2026-04-16 N/A
Unspecified vulnerability in Calendar for Oracle Collaboration Suite 10.1.2 has unknown impact and attack vectors, aka Oracle Vuln# OCS01.
CVE-2004-1028 1 Ibm 1 Aix 2026-04-16 N/A
Untrusted execution path vulnerability in chcod on AIX IBM 5.1.0, 5.2.0, and 5.3.0 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious "grep" program, which is executed from chcod.
CVE-2005-3403 1 Adaptive Technology Resource Centre 1 Atutor 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.4.1 through 1.5.1-pl1 allow remote attackers to inject arbitrary web script or HTML via (1) the _base_href parameter in translate.php, (2) the _base_path parameter in news.inc.php, and (3) the p parameter in add_note.php.
CVE-1999-0687 4 Cde, Digital, Ibm and 1 more 5 Cde, Unix, Aix and 2 more 2026-04-16 N/A
The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands.
CVE-2005-3411 1 Snitz Communications 1 Snitz Forums 2000 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in post.asp in Snitz Forums 2000 3.4.05 allows remote attackers to inject arbitrary web script or HTML via the type parameter in a Topic method.
CVE-2005-4813 1 Businessobjects 4 Crystal Enterprise Xi, Crystal Reports Server Xi, Crystal Reports Xi and 1 more 2026-04-16 N/A
Unspecified vulnerability in Report Application Server (Crystalras.exe) before 11.0.0.1370, as used in Business Objects Crystal Reports XI, Crystal Reports Server XI, and BusinessObjects Enterprise XI, allows remote attackers to cause a denial of service (application hang) via certain network traffic, possibly involving multiple simultaneous TCP connections.
CVE-2006-3722 1 Oracle 1 Peoplesoft Enterprise 2026-04-16 N/A
Unspecified vulnerability in PeopleSoft Enterprise Portal for Oracle PeopleSoft Enterprise Portal 8.4 Bundle #16, 8.8 Bundle #10, and 8.9 Bundle #3 has unknown impact and attack vectors, aka Oracle Vuln# PSE01.
CVE-2005-3421 1 Hyper Estraier 1 Hyper Estraier 2026-04-16 N/A
estcmd in Hyper Estraier 1.0.1 on Windows systems allows remote attackers to read unauthorized files via a crafted search request for a filename that contains Unicode characters.
CVE-2005-4828 1 Kolab 1 Kolab Groupware Server 2026-04-16 N/A
Kolab Server 2.0.0 and 2.0.1 does not properly handle when a large email is sent with a "." in the wrong place, which causes kolabfilter to add another ".", which might break clear-text signatures and attachments. NOTE: it is not clear whether this issue crosses privilege boundaries, so this might not be a vulnerability.
CVE-1999-0692 2 Cray, Sgi 2 Unicos, Irix 2026-04-16 N/A
The default configuration of the Array Services daemon (arrayd) disables authentication, allowing remote users to gain root privileges.
CVE-2005-3426 1 Cisco 1 Content Services Switch 11500 2026-04-16 N/A
Cisco CSS 11500 Content Services Switch (CSS) with SSL termination services allows remote attackers to cause a denial of service (memory corruption and device reload) via a malformed client certificate during SSL session negotiation.
CVE-2006-3731 1 Mozilla 1 Firefox 2026-04-16 N/A
Mozilla Firefox 1.5.0.4 and earlier allows remote user-assisted attackers to cause a denial of service (crash) via a form with a multipart/form-data encoding and a user-uploaded file. NOTE: a third party has claimed that this issue might be related to the LiveHTTPHeaders extension.
CVE-2004-1107 1 Gentoo 1 Linux 2026-04-16 N/A
dispatch-conf in Portage 2.0.51-r2 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files.
CVE-1999-0698 2026-04-16 N/A
Denial of service in IP protocol logger (ippl) on Red Hat and Debian Linux.
CVE-2004-1108 1 Gentoo 1 Linux 2026-04-16 N/A
qpkg in Gentoolkit 0.2.0_pre10 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary directory.