Search Results (363423 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-0699 1 Bluestone 1 Sapphire Web 2026-04-16 N/A
The Bluestone Sapphire web server allows session hijacking via easily guessable session IDs.
CVE-1999-0700 1 Microsoft 2 Windows 2000, Windows Nt 2026-04-16 N/A
Buffer overflow in Microsoft Phone Dialer (dialer.exe), via a malformed dialer entry in the dialer.ini file.
CVE-1999-0701 1 Microsoft 1 Windows Nt 2026-04-16 N/A
After an unattended installation of Windows NT 4.0, an installation file could include sensitive information such as the local Administrator password.
CVE-1999-0717 1 Microsoft 5 Excel, Windows 2000, Windows 95 and 2 more 2026-04-16 N/A
A remote attacker can disable the virus warning mechanism in Microsoft Excel 97.
CVE-2001-1005 1 Starfish 1 Truesync Desktop 2026-04-16 N/A
Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA uses weak encryption to store the user password in a registry key, which allows attackers who have access to the registry key to decrypt the password and gain privileges.
CVE-1999-0719 1 Gnu 1 Gnumeric 2026-04-16 N/A
The Guile plugin for the Gnumeric spreadsheet package allows attackers to execute arbitrary code.
CVE-2001-1007 1 Starfish 1 Truesync Desktop 2026-04-16 N/A
Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA uses a small keyspace for device keys and does not impose a delay when an incorrect key is entered, which allows attackers to more quickly guess the key via a brute force attack.
CVE-2002-0171 1 Sgi 1 Irisconsole 2026-04-16 N/A
IRISconsole 2.0 may allow users to log into the icadmin account with an incorrect password in some circumstances, which could allow users to gain privileges.
CVE-2006-2943 1 Cgi-rescue 1 Webform 2026-04-16 N/A
Unspecified vulnerability in CGI-RESCUE WebFORM 4.1 and earlier allows remote attackers to inject email headers, which facilitates sending spam messages. NOTE: the details for this issue are obtained from third party information.
CVE-1999-0639 2026-04-16 N/A
The chargen service is running.
CVE-1999-0638 2026-04-16 N/A
The daytime service is running.
CVE-2001-0990 1 Inter7 1 Vpopmail 2026-04-16 N/A
Inter7 vpopmail 4.10.35 and earlier, when using the MySQL module, compiles authentication information in cleartext into the libvpopmail.a library, which allows local users to obtain the MySQL username and password by inspecting the vpopmail programs that use the library.
CVE-1999-0637 2026-04-16 N/A
The systat service is running.
CVE-1999-0630 2026-04-16 N/A
The NT Alerter and Messenger services are running.
CVE-1999-0627 1 Ibm 1 Aix 2026-04-16 N/A
The rexd service is running, which uses weak authentication that can allow an attacker to execute commands.
CVE-1999-0607 1 I-soft 1 Quikstore 2026-04-16 N/A
quikstore.cgi in QuikStore shopping cart stores quikstore.cfg under the web document root with insufficient access control, which allows remote attackers to obtain the cleartext administrator password and gain privileges.
CVE-1999-0590 3 Apple, Linux, Microsoft 6 Macos, Linux Kernel, Windows 2000 and 3 more 2026-04-16 N/A
A system does not present an appropriate legal message or warning to a user who is accessing it.
CVE-1999-0554 2026-04-16 N/A
NFS exports system-critical data to the world, e.g. / or a password file.
CVE-2006-2916 2 Kde, Linux 2 Arts, Linux Kernel 2026-04-16 7.8 High
artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check the return value of the setuid function call, which allows local users to gain root privileges by causing setuid to fail, which prevents artsd from dropping privileges.
CVE-2002-0166 2 Redhat, Stephen Turner 2 Powertools, Analog 2026-04-16 N/A
Cross-site scripting vulnerability in analog before 5.22 allows remote attackers to execute Javascript via an HTTP request containing the script, which is entered into a web logfile and not properly filtered by analog during display.