CVE-2002-2313
Eudora email client 5.1.1, with "use Microsoft viewer" enabled, allows remote attackers to execute arbitrary programs via an HTML email message containing a META refresh tag that references an embedded .mhtml file with ActiveX controls that execute a second embedded program, which is processed by...
CVE-2005-3254
The CGIwrap program before 3.9 on Debian GNU/Linux uses an incorrect minimum value of 100 for a UID to determine whether it can perform a seteuid operation, which could allow attackers to execute code as other system UIDs that are greater than the minimum value, which should be 1000 on Debian...
CVE-2005-4412
Citrix Program Neighborhood client before 9.150 caches the user password in plaintext in the GUI while asterisks are used to visually obfuscate the password, which allows attackers with access to the session to obtain the password by using a tool to directly access the field...
CVE-1999-0236
ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs...
CVE-1999-0605
An incorrect configuration of the Order Form 1.0 shopping cart CGI program could disclose private information...
CVE-1999-0308
HP-UX gwind program allows users to modify arbitrary files...
CVE-1999-0137
The dip program on many Linux systems allows local users to gain root access via a buffer overflow...
CVE-1999-0785
The INN inndstart program allows local users to gain root privileges via the "pathrun" parameter in the inn.conf file...
CVE-1999-0713
The dtlogin program in Compaq Tru64 UNIX allows local users to gain root privileges...
CVE-1999-0341
Buffer overflow in the Linux mail program "deliver" allows local users to gain root access...
CVE-1999-0327
SGI syserr program allows local users to corrupt files...
CVE-1999-0264
htmlscript CGI program allows remote read access to files...
CVE-1999-0177
The uploader program in the WebSite web server allows a remote attacker to execute arbitrary programs...
CVE-1999-0057
Vacation program allows command execution by remote users through a sendmail command...
CVE-1999-0056
Buffer overflow in Sun's ping program can give root access to local users...
CVE-1999-0705
Buffer overflow in INN inews program...
SUSE CVE-2025-37963
In the Linux kernel, the following vulnerability has been resolved: arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users. Support for eBPF programs loaded by unprivileged users is typically disabled. This means only cBPF programs need to be mitigated for BHB. In addition, only...
BountyBench: Dollar Impact of AI Agent Attackers and Defenders on Real-World Cybersecurity Systems
AI agents have the potential to significantly alter the cybersecurity landscape. To help us understand this change, we introduce the first framework to capture offensive and defensive cyber-capabilities in evolving real-world systems. Instantiating this framework with BountyBench, we set up 25...
DEBIAN-CVE-2025-37948
In the Linux kernel, the following vulnerability has been resolved: arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs. A malicious BPF program may manipulate the branch history to influence what the hardware speculates will happen next. On exit from a BPF program, emit the BHB...
CVE-2025-37948
CVE-2025-37948 affects the Linux kernel arm64 and is fixed by adding a BHB mitigation in the epilogue of BPF programs (cBPF) loaded via seccomp. The vulnerability arises when a classic cBPF program manipulates the branch history to influence speculative execution. The published details indicate t...