Export limit exceeded: 344983 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344983 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-0525 | 2026-04-16 | N/A | ||
| IP traceroute is allowed from arbitrary hosts. | ||||
| CVE-1999-1590 | 1 Wwwcount | 1 Wwwcount | 2026-04-16 | N/A |
| Directory traversal vulnerability in Muhammad A. Muquit wwwcount (Count.cgi) 2.3 allows remote attackers to read arbitrary GIF files via ".." sequences in the image parameter, a different vulnerability than CVE-1999-0021. | ||||
| CVE-2000-0792 | 1 Alan Cox | 1 Gnome-lokkit | 2026-04-16 | N/A |
| Gnome Lokkit firewall package before 0.41 does not properly restrict access to some ports, even if a user does not make any services available. | ||||
| CVE-2006-3530 | 1 Joomla | 1 Pc Cookbook | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in com_pccookbook/pccookbook.php in the PccookBook Component for Mambo and Joomla 0.3 and possibly up to 1.3.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the mosConfig_absolute_path parameter. | ||||
| CVE-2006-3531 | 1 Pivot | 1 Pivot | 2026-04-16 | N/A |
| includes/editor/insert_image.php in Pivot 1.30 RC2 and earlier creates the authentication credentials from parameters, which allows remote attackers to obtain privileges and upload arbitrary files via modified (1) pass and (2) session parameters, and (3) pass and (4) userlevel indices of the (a) Pivot_Vars[] or (b) Users[] array parameters. | ||||
| CVE-1999-0526 | 1 X.org | 1 X11 | 2026-04-16 | N/A |
| An X server's access control is disabled (e.g. through an "xhost +" command) and allows anyone to connect to the server. | ||||
| CVE-2001-0256 | 1 Fastream | 1 Ftp\+\+ Server | 2026-04-16 | N/A |
| FaSTream FTP++ Server 2.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long username. | ||||
| CVE-2001-0299 | 1 Nokia | 1 Ip440 Firewall Vpn Appliance | 2026-04-16 | N/A |
| Buffer overflow in Voyager web administration server for Nokia IP440 allows local users to cause a denial of service, and possibly execute arbitrary commands, via a long URL. | ||||
| CVE-2001-0389 | 1 Ibm | 2 Net.commerce, Websphere Application Server | 2026-04-16 | N/A |
| IBM Websphere/NetCommerce3 3.1.2 allows remote attackers to determine the real path of the server by directly calling the macro.d2w macro with a NOEXISTINGHTMLBLOCK argument. | ||||
| CVE-2001-0015 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | N/A |
| Network Dynamic Data Exchange (DDE) in Windows 2000 allows local users to gain SYSTEM privileges via a "WM_COPYDATA" message to an invisible window that is running with the privileges of the WINLOGON process. | ||||
| CVE-2001-0076 | 1 Ikonboard.com | 1 Ikonboard | 2026-04-16 | N/A |
| register.cgi in Ikonboard 2.1.7b and earlier allows remote attackers to execute arbitrary commands via the SEND_MAIL parameter, which overwrites an internal program variable that references a program to be executed. | ||||
| CVE-2001-0107 | 1 Symantec Veritas | 1 Backup | 2026-04-16 | N/A |
| Veritas Backup agent on Linux allows remote attackers to cause a denial of service by establishing a connection without sending any data, which causes the process to hang. | ||||
| CVE-2000-0003 | 1 Sco | 1 Unixware | 2026-04-16 | N/A |
| Buffer overflow in UnixWare rtpm program allows local users to gain privileges via a long environmental variable. | ||||
| CVE-2000-0795 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| Buffer overflow in lpstat in IRIX 6.2 and 6.3 allows local users to gain root privileges via a long -n option. | ||||
| CVE-2001-0140 | 3 Immunix, Mandrakesoft, Redhat | 3 Immunix, Mandrake Linux, Linux | 2026-04-16 | N/A |
| arpwatch 2.1a4 allows local users to overwrite arbitrary files via a symlink attack in some configurations. | ||||
| CVE-2006-3532 | 1 Pivot | 1 Pivot | 2026-04-16 | N/A |
| PHP file inclusion vulnerability in includes/edit_new.php in Pivot 1.30 RC2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a FTP URL or full file path in the Paths[extensions_path] parameter. | ||||
| CVE-2006-3533 | 1 Pivot | 1 Pivot | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Pivot 1.30 RC2 and earlier, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) fg, (2) line1, (3) line2, (4) bg, (5) c1, (6) c2, (7) c3, and (8) c4 parameters in (a) includes/blogroll.php; (9) name and (10) js_name parameters in (b) includes/editor/edit_menu.php; and, even if register_globals is not enabled, the (11) h and (12) w parameters in (c) includes/photo.php. | ||||
| CVE-2006-3880 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2026-04-16 | N/A |
| Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Small Business Server 2003 allow remote attackers to cause a denial of service (IP stack hang) via a continuous stream of packets on TCP port 135 that have incorrect TCP header checksums and random numbers in certain TCP header fields, as demonstrated by the Achilles Windows Attack Tool. NOTE: the researcher reports that the Microsoft Security Response Center has stated "Our investigation which has included code review, review of the TCPDump, and attempts on reproing the issue on multiple fresh installs of various Windows Operating Systems have all resulted in non confirmation. | ||||
| CVE-2006-3534 | 1 Nullsoft | 1 Shoutcast Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in Nullsoft SHOUTcast DSP before 1.9.6 filters directory traversal sequences before decoding, which allows remote attackers to read arbitrary files via encoded dot dot (%2E%2E) sequences in an HTTP GET request for a file path containing "/content". | ||||
| CVE-1999-0527 | 2026-04-16 | N/A | ||
| The permissions for system-critical data in an anonymous FTP account are inappropriate. For example, the root directory is writeable by world, a real password file is obtainable, or executable commands such as "ls" can be overwritten. | ||||