Search Results (9546 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-1524 1 Pgpi 1 Pgpdisk 2026-04-16 N/A
PGPi PGPDisk 6.0.2i does not unmount a PGP partition when the switch user function in Windows XP is used, which could allow local users to access data on another user's PGP partition.
CVE-2006-3815 1 Linux-ha 1 Heartbeat 2026-04-16 N/A
heartbeat.c in heartbeat before 2.0.6 sets insecure permissions in a shmget call for shared memory, which allows local users to cause an unspecified denial of service via unknown vectors, possibly during a short time window on startup.
CVE-2003-1515 1 Origo 2 Asr-8100, Asr-8400 2026-04-16 N/A
Origo ASR-8100 ADSL Router 3.21 has an administration service running on port 254 that does not require a password, which allows remote attackers to cause a denial of service by restoring the factory defaults.
CVE-2004-0041 1 Mod Auth Shadow 1 Mod Auth Shadow 2026-04-16 N/A
The mod_auth_shadow module 1.4 and earlier does not properly enforce the expiration of a user account and password, which could allow remote authenticated users to bypass intended access restrictions.
CVE-2005-0244 2 Postgresql, Redhat 2 Postgresql, Enterprise Linux 2026-04-16 N/A
PostgreSQL 8.0.0 and earlier allows local users to bypass the EXECUTE permission check for functions by using the CREATE AGGREGATE command.
CVE-2005-2929 2 Redhat, University Of Kansas 2 Enterprise Linux, Lynx 2026-04-16 N/A
Lynx 2.8.5, and other versions before 2.8.6dev.15, allows remote attackers to execute arbitrary commands via (1) lynxcgi:, (2) lynxexec, and (3) lynxprog links, which are not properly restricted in the default configuration in some environments.
CVE-2006-0553 1 Postgresql 1 Postgresql 2026-04-16 N/A
PostgreSQL 8.1.0 through 8.1.2 allows authenticated database users to gain additional privileges via "knowledge of the backend protocol" using a crafted SET ROLE to other database users, a different vulnerability than CVE-2006-0678.
CVE-2003-0857 1 Redhat 1 Enterprise Linux 2026-04-16 N/A
The (1) ipq_read and (2) ipulog_read functions in iptables allow local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.
CVE-1999-0496 1 Microsoft 1 Windows Nt 2026-04-16 N/A
A Windows NT 4.0 user can gain administrative rights by forcing NtOpenProcessToken to succeed regardless of the user's permissions, aka GetAdmin.
CVE-2006-0700 1 Imagevue 1 Imagevue 2026-04-16 N/A
imageVue 16.1 allows remote attackers to obtain folder permission settings via a direct request to dir.php, which returns an XML document that lists folders and their permissions.
CVE-1999-0728 1 Microsoft 1 Windows Nt 2026-04-16 N/A
A Windows NT user can disable the keyboard or mouse by directly calling the IOCTLs which control them.
CVE-2002-0049 1 Microsoft 1 Exchange Server 2026-04-16 N/A
Microsoft Exchange Server 2000 System Attendant gives "Everyone" group privileges to the WinReg key, which could allow remote attackers to read or modify registry keys.
CVE-2003-1081 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Aspppls for Solaris 8 allows local users to overwrite arbitrary files via a symlink attack on the .asppp.fifo temporary file.
CVE-2006-2112 2 Dell, Fuji Xerox 19 3000cn, 3010cn, 3100cn and 16 more 2026-04-16 N/A
Fuji Xerox Printing Systems (FXPS) print engine, as used in products including (1) Dell 3000cn through 5110cn and (2) Fuji Xerox DocuPrint firmware before 20060628 and Network Option Card firmware before 5.13, allows remote attackers to use the FTP printing interface as a proxy ("FTP bounce") by using arbitrary PORT arguments to connect to systems for which access would be otherwise restricted.
CVE-2001-1009 2 Fetchmail, Redhat 2 Fetchmail, Linux 2026-04-16 N/A
Fetchmail (aka fetchmail-ssl) before 5.8.17 allows a remote malicious (1) IMAP server or (2) POP/POP3 server to overwrite arbitrary memory and possibly gain privileges via a negative index number as part of a response to a LIST request.
CVE-2006-2784 2 Mozilla, Redhat 2 Firefox, Enterprise Linux 2026-04-16 N/A
The PLUGINSPAGE functionality in Mozilla Firefox before 1.5.0.4 allows remote user-assisted attackers to execute privileged code by tricking a user into installing missing plugins and selecting the "Manual Install" button, then using nested javascript: URLs. NOTE: the manual install button is used for downloading software from a remote web site, so this issue would not cross privilege boundaries if the user progresses to the point of installing malicious software from the attacker-controlled site.
CVE-2006-3561 1 Bt 1 Voyager 2091 Wireless Adsl Router 2026-04-16 N/A
BT Voyager 2091 Wireless firmware 2.21.05.08m_A2pB018c1.d16d and earlier, and 3.01m and earlier, allow remote attackers to bypass the authentication process and gain sensitive information, such as configuration information via (1) /btvoyager_getconfig.sh, PPP credentials via (2) btvoyager_getpppcreds.sh, and decode configuration credentials via (3) btvoyager_decoder.c.
CVE-2006-3443 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Untrusted search path vulnerability in Winlogon in Microsoft Windows 2000 SP4, when SafeDllSearchMode is disabled, allows local users to gain privileges via a malicious DLL in the UserProfile directory, aka "User Profile Elevation of Privilege Vulnerability."
CVE-1999-0777 1 Microsoft 2 Commercial Internet System, Internet Information Server 2026-04-16 N/A
IIS FTP servers may allow a remote attacker to read or delete files on the server, even if they have "No Access" permissions.
CVE-2002-1590 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
The Web-Based Enterprise Management (WBEM) packages (1) SUNWwbdoc, (2) SUNWwbcou, (3) SUNWwbdev and (4) SUNWmgapp packages, when installed using Solaris 8 Update 1/01 or later, install files with world or group write permissions, which allows local users to gain root privileges or cause a denial of service.