Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-1378 1 Dbmlparser.exe 1 Dbmlparser.exe 2026-04-16 N/A
dbmlparser.exe CGI guestbook program does not perform a chroot operation properly, which allows remote attackers to read arbitrary files.
CVE-1999-1379 1 Dnstools Software 1 Dnstools 2026-04-16 N/A
DNS allows remote attackers to use DNS name servers as traffic amplifiers via a UDP DNS query with a spoofed source address, which produces more traffic to the victim than was sent by the attacker.
CVE-2001-1190 1 Mandrakesoft 1 Mandrake Linux 2026-04-16 N/A
The default PAM files included with passwd in Mandrake Linux 8.1 do not support MD5 passwords, which could result in a lower level of password security than intended.
CVE-2002-0320 1 Yahoo 1 Messenger 2026-04-16 N/A
Buffer overflow in Yahoo! Messenger 5.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long (1) message or (2) IMvironment field.
CVE-1999-1380 1 Symantec 1 Norton Utilities 2026-04-16 N/A
Symantec Norton Utilities 2.0 for Windows 95 marks the TUNEOCX.OCX ActiveX control as safe for scripting, which allows remote attackers to execute arbitrary commands via the run option through malicious web pages that are accessed by browsers such as Internet Explorer 3.0.
CVE-2001-1191 1 Ibm 1 Tivoli Secureway Policy Director 2026-04-16 N/A
WebSeal in IBM Tivoli SecureWay Policy Director 3.8 allows remote attackers to cause a denial of service (crash) via a URL that ends in %2e.
CVE-2002-0322 1 Yahoo 1 Messenger 2026-04-16 N/A
Yahoo! Messenger 4.0 sends user passwords in cleartext, which could allow remote attackers to gain privileges of other users via sniffing.
CVE-1999-1430 1 Royal 1 Davinci 2026-04-16 N/A
PIM software for Royal daVinci does not properly password-protext access to data stored in the .mdb (Microsoft Access) file, which allows local users to read the data without a password by directly accessing the files with a different application, such as Access.
CVE-1999-1434 1 Slackware 1 Slackware Linux 2026-04-16 N/A
login in Slackware Linux 3.2 through 3.5 does not properly check for an error when the /etc/group file is missing, which prevents it from dropping privileges, causing it to assign root privileges to any local user who logs on to the server.
CVE-1999-1438 1 Sun 1 Sunos 2026-04-16 N/A
Vulnerability in /bin/mail in SunOS 4.1.1 and earlier allows local users to gain root privileges via certain command line arguments.
CVE-2001-1206 1 Matrixs Cgi Vault 1 Last Lines 2026-04-16 N/A
Matrix CGI vault Last Lines 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the $error_log variable.
CVE-1999-1439 1 Gcc 1 Gcc 2026-04-16 N/A
gcc 2.7.2 allows local users to overwrite arbitrary files via a symlink attack on temporary .i, .s, or .o files.
CVE-1999-1440 1 Mirabilis 1 Icq 98a 2026-04-16 N/A
Win32 ICQ 98a 1.30, and possibly other versions, does not display the entire portion of long filenames, which could allow attackers to send an executable file with a long name that contains so many spaces that the .exe extension is not displayed, which could make the user believe that the file is safe to open from the client.
CVE-1999-1443 1 Micah Software 1 Full Armor 2026-04-16 N/A
Micah Software Full Armor Network Configurator and Zero Administration allow local users with physical access to bypass the desktop protection by (1) using <CTRL><ALT><DEL> and kill the process using the task manager, (2) booting the system from a separate disk, or (3) interrupting certain processes that execute while the system is booting.
CVE-1999-1445 1 Slackware 1 Slackware Linux 2026-04-16 N/A
Vulnerability in imapd and ipop3d in Slackware 3.4 and 3.3 with shadowing enabled, and possibly other operating systems, allows remote attackers to cause a core dump via a short sequence of USER and PASS commands that do not provide valid usernames or passwords.
CVE-1999-1448 1 Qualcomm 2 Eudora, Eudora Light 2026-04-16 N/A
Eudora and Eudora Light before 3.05 allows remote attackers to cause a crash and corrupt the user's mailbox via an e-mail message with certain dates, such as (1) dates before 1970, which cause a Divide By Zero error, or (2) dates that are 100 years after the current date, which causes a segmentation fault.
CVE-1999-1453 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 4 allows remote attackers (malicious web site operators) to read the contents of the clipboard via the Internet WebBrowser ActiveX object.
CVE-2001-1207 1 Daydream 1 Daydream Bbs 2026-04-16 N/A
Buffer overflows in DayDream BBS 2.9 through 2.13 allow remote attackers to possibly execute arbitrary code via the control codes (1) ~#MC, (2) ~#TF, or (3) ~#RA.
CVE-1999-1455 1 Microsoft 1 Windows Nt 2026-04-16 N/A
RSH service utility RSHSVC in Windows NT 3.5 through 4.0 does not properly restrict access as specified in the .Rhosts file when a user comes from an authorized host, which could allow unauthorized users to access the service by logging in from an authorized host.
CVE-1999-1460 1 Bmc 1 Patrol Agent 2026-04-16 N/A
BMC PATROL SNMP Agent before 3.2.07 allows local users to create arbitrary world-writeable files as root by specifying the target file as the second argument to the snmpmagt program.