Export limit exceeded: 347269 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347269 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2000-1211 | 2 Redhat, Zope | 2 Powertools, Zope | 2026-04-16 | N/A |
| Zope 2.2.0 through 2.2.4 does not properly perform security registration for legacy names of object constructors such as DTML method objects, which could allow attackers to perform unauthorized activities. | ||||
| CVE-2004-1635 | 1 Mozilla | 1 Bugzilla | 2026-04-16 | N/A |
| Bugzilla 2.17.1 through 2.18rc2 and 2.19 from cvs, when using the insidergroup feature, does not sufficiently protect private attachments when there are changes to the metadata, such as filename, description, MIME type, or review flags, which allows remote authenticated users to obtain sensitive information when (1) viewing the bug activity log or (2) receiving bug change notification mails. | ||||
| CVE-2005-3085 | 1 Riverdark Studios | 1 Rss Syndicator Module | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in rss.php in Riverdark Studios RSS Syndicator module 2.1.7 allow remote attackers to inject arbitrary web script or HTML via the (1) forum or (2) topic parameters. | ||||
| CVE-2005-3640 | 1 Floosietek | 1 Ftgate | 2026-04-16 | N/A |
| Multiple buffer overflows in the IMAP Groupware Mail server of Floosietek FTGate (FTGate4) 4.1 allow remote attackers to execute arbitrary code via long arguments to various IMAP commands, as demonstrated with the EXAMINE command. | ||||
| CVE-2000-1212 | 2 Redhat, Zope | 2 Powertools, Zope | 2026-04-16 | N/A |
| Zope 2.2.0 through 2.2.4 does not properly protect a data updating method on Image and File objects, which allows attackers with DTML editing privileges to modify the raw data of these objects. | ||||
| CVE-2004-1640 | 1 Xoops | 1 Xoops Dictionary | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in XOOPS 0.94 and 1.0 allow remote attackers to execute arbitrary web script and HTML via the (1) terme parameter to search.php or (2) letter parameter to letter.php. | ||||
| CVE-2005-3086 | 1 Contentserv | 1 Contentserv | 2026-04-16 | N/A |
| Directory traversal vulnerability in admin/about.php in contentServ 3.1 allows remote attackers to read or include arbitrary files via ".." sequences in the ctsWebsite parameter. | ||||
| CVE-2005-3883 | 2 Php, Redhat | 2 Php, Enterprise Linux | 2026-04-16 | N/A |
| CRLF injection vulnerability in the mb_send_mail function in PHP before 5.1.0 might allow remote attackers to inject arbitrary e-mail headers via line feeds (LF) in the "To" address argument. | ||||
| CVE-2000-1214 | 3 Immunix, Iputils, Redhat | 3 Immunix, Iputils, Linux | 2026-04-16 | N/A |
| Buffer overflows in the (1) outpack or (2) buf variables of ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, may allow local users to gain privileges. | ||||
| CVE-2004-1641 | 1 South River Technologies | 1 Titan Ftp Server | 2026-04-16 | N/A |
| Heap-based buffer overflow in Titan FTP 3.21 and earlier allows remote attackers to cause a denial of service (crash) via a long FTP command such as (1) CWD, (2) STAT, or (3) LIST. | ||||
| CVE-2000-1216 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| Buffer overflow in portmir for AIX 4.3.0 allows local users to corrupt lock files and gain root privileges via the echo_error routine. | ||||
| CVE-2004-1642 | 1 Texas Imperial Software | 1 Wftpd | 2026-04-16 | N/A |
| WFTPD Pro Server 3.21 allows remote authenticated users to cause a denial of service (crash) via a series of long MLIST commands. | ||||
| CVE-2000-1217 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | N/A |
| Microsoft Windows 2000 before Service Pack 2 (SP2), when running in a non-Windows 2000 domain and using NTLM authentication, and when credentials of an account are locally cached, allows local users to bypass account lockout policies and make an unlimited number of login attempts, aka the "Domain Account Lockout" vulnerability. | ||||
| CVE-2004-1643 | 1 Progress | 1 Ws Ftp Server | 2026-04-16 | N/A |
| WS_FTP 5.0.2 allows remote authenticated users to cause a denial of service (CPU consumption) via a CD command that contains an invalid path with a "../" sequence. | ||||
| CVE-2000-1218 | 1 Microsoft | 5 Windows 2000, Windows 98, Windows 98se and 2 more | 2026-04-16 | 9.8 Critical |
| The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and XP sets the QueryIpMatching parameter to 0, which causes Windows to accept DNS updates from hosts that it did not query, which allows remote attackers to poison the DNS cache. | ||||
| CVE-2000-1219 | 1 Gnu | 2 G\+\+, Gcc | 2026-04-16 | N/A |
| The -ftrapv compiler option in gcc and g++ 3.3.3 and earlier does not handle all types of integer overflows, which may leave applications vulnerable to vulnerabilities related to overflows. | ||||
| CVE-2000-1220 | 2 Redhat, Sgi | 2 Linux, Irix | 2026-04-16 | N/A |
| The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file. | ||||
| CVE-2004-1644 | 1 Jerod Moemeka | 1 Xedus | 2026-04-16 | N/A |
| Xedus 1.0 allows remote attackers to cause a denial of service (refuse connections) by connecting multiple times from the same IP address. | ||||
| CVE-2004-1645 | 1 Jerod Moemeka | 1 Xedus | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Xedus 1.0 allows remote attackers to execute arbitrary web script or HTML via the (1) username parameter to test.x, (2) username parameter to TestServer.x, or (3) param parameter to testgetrequest.x. | ||||
| CVE-2000-1221 | 3 Debian, Redhat, Sgi | 3 Debian Linux, Linux, Irix | 2026-04-16 | N/A |
| The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended access controls by modifying the DNS for the attacking IP. | ||||