Filtered by NVD-CWE-Other
Total 29947 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-1999-0570 1 Microsoft 1 Windows Nt 2026-04-16 N/A
Windows NT is not using a password filter utility, e.g. PASSFILT.DLL.
CVE-2000-0808 1 Checkpoint 1 Firewall-1 2026-04-16 N/A
The seed generation mechanism in the inter-module S/Key authentication mechanism in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to bypass authentication via a brute force attack, aka "One-time (s/key) Password Authentication."
CVE-2000-0825 1 Ipswitch 1 Imail 2026-04-16 N/A
Ipswitch Imail 6.0 allows remote attackers to cause a denial of service via a large number of connections in which a long Host: header is sent, which causes a thread to crash.
CVE-2004-2210 1 Express-web 1 Express-web Content Management System 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Express-Web Content Management System (CMS) allow remote attackers to steal cookie-based authentication information and possibly perform other exploits via the (1) n, (2) b, (3) e, or (4) a parameters to default.asp, (5) the Referer header in an HTTP request to login.asp, or (6) the email parameter to subscribe/default.asp.
CVE-2004-2294 1 Francisco Burzi 1 Php-nuke 2026-04-16 N/A
Canonicalize-before-filter error in the send_review function in the Reviews module for PHP-Nuke 6.0 to 7.3 allows remote attackers to inject arbitrary web script or HTML via hex-encoded XSS sequences in the text parameter, which is checked for dangerous sequences before it is canonicalized, leading to a cross-site scripting (XSS) vulnerability.
CVE-2001-0273 1 Holger Lamm 1 Pgp4pine 2026-04-16 N/A
pgp4pine Pine/PGP interface version 1.75-6 does not properly check to see if a public key has expired when obtaining the keys via Gnu Privacy Guard (GnuPG), which causes the message to be sent in cleartext.
CVE-2004-2306 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Sun Solaris 7 through 9, when Basic Security Module (BSM) is enabled and the SUNWscpu package has been removed as a result of security hardening, disables mail alerts from the audit_warn script, which might allow attackers to escape detection.
CVE-2006-2958 1 Filzip 1 Filzip 2026-04-16 N/A
Directory traversal vulnerability in FilZip 3.05 allows remote attackers to write arbitrary files via a .. (dot dot) in a (1) .rar, (2) .tar, (3) .jar, or (4) .gz file. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
CVE-2001-0281 1 Microsoft 1 Windows Nt 2026-04-16 N/A
Format string vulnerability in DbgPrint function, used in debug messages for some Windows NT drivers (possibly when called through DebugMessage), may allow local users to gain privileges.
CVE-2001-0285 1 A1webserver 1 Http Server 2026-04-16 N/A
Buffer overflow in A1 HTTP server 1.0a allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long HTTP request.
CVE-2001-0311 1 Hp 2 Hp-ux, Omniback Ii 2026-04-16 N/A
Vulnerability in OmniBackII A.03.50 in HP 11.x and earlier allows attackers to gain unauthorized access to an OmniBack client.
CVE-2006-3003 1 Easy Ad-manager 1 Easy Ad-manager 2026-04-16 N/A
details.php in Easy Ad-Manager allows remote attackers to obtain the full installation path via an invalid mbid parameter, which leaks the path in an error message. NOTE: this might be resultant from another vulnerability, since this vector also produces cross-site scripting (XSS). NOTE: on 20060829, the vendor notified CVE that this issue has been fixed.
CVE-2001-0322 1 Microsoft 3 Internet Explorer, Outlook, Outlook Express 2026-04-16 N/A
MSHTML.DLL HTML parser in Internet Explorer 4.0, and other versions, allows remote attackers to cause a denial of service (application crash) via a script that creates and deletes an object that is associated with the browser window object.
CVE-2001-0326 1 Oracle 2 Application Server, Oracle8i 2026-04-16 N/A
Oracle Java Virtual Machine (JVM ) for Oracle 8.1.7 and Oracle Application Server 9iAS Release 1.0.2.0.1 allows remote attackers to read arbitrary files via the .jsp and .sqljsp file extensions when the server is configured to use the <<ALL FILES>> FilePermission.
CVE-2004-2445 1 Jaws 1 Jaws 2026-04-16 N/A
Directory traversal vulnerability in index.php in Jaws 0.3 BETA allows remote attackers to view arbitrary files via a .. (dot dot) in the gadget parameter.
CVE-2004-2446 1 1st Class Internet Solutions 1 1st Class Mail Server 2026-04-16 N/A
Directory traversal vulnerability in 1st Class Mail Server 4.01 allows remote attackers to read arbitrary files via a ".." (dot dot) sequences in unknown vectors.
CVE-2001-0346 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Handle leak in Microsoft Windows 2000 telnet service allows attackers to cause a denial of service by starting a large number of sessions and terminating them.
CVE-2006-3021 1 Blue-collar Productions 1 I-gallery 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in BlueCollar i-Gallery 4.1 PLUS and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) n and (2) d parameters in (a) login.asp and the d parameter in (b) igallery.asp.
CVE-2006-3031 1 Fipsasp 1 Fipscms 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in index.asp in fipsCMS 4.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) w, (2) phcat, (3) dayid, and (4) calw parameters.
CVE-1999-0608 1 Pdgsoft 1 Pdg Shopping Cart 2026-04-16 N/A
An incorrect configuration of the PDG Shopping Cart CGI program "shopper.cgi" could disclose private information.