Export limit exceeded: 344900 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 344900 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344900 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-0529 | 1 Ca | 1 Messaging | 2026-04-16 | N/A |
| Computer Associates (CA) Message Queuing (CAM / CAFT) before 1.07 Build 220_16 and 1.11 Build 29_20, as used in multiple CA products, allows remote attackers to cause a denial of service via a crafted message to TCP port 4105. | ||||
| CVE-2006-0579 | 1 Mplayer | 1 Mplayer | 2026-04-16 | N/A |
| Multiple integer overflows in (1) the new_demux_packet function in demuxer.h and (2) the demux_asf_read_packet function in demux_asf.c in MPlayer 1.0pre7try2 and earlier allow remote attackers to execute arbitrary code via an ASF file with a large packet length value. NOTE: the provenance of this information is unknown; portions of the details are obtained from third party information. | ||||
| CVE-2006-4848 | 1 Hitweb | 1 Hitweb | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Brian Fraval Hitweb 3.0 allow remote attackers to execute arbitrary PHP code via a URL in the REP_CLASS parameter to (1) index.php, (2) arbo.php, (3) framepoint.php, (4) genpage.php, (5) lienvalider.php, (6) appreciation.php, (7) partenariat.php, (8) rechercher.php, (9) projet.php, (10) propoexample.php, (11) refererpoint.php, or (12) top50.php. NOTE: this issue has been disputed by a third party researcher, stating that REP_CLASS is initialized in an included file before being used | ||||
| CVE-2006-4862 | 1 Easypagecms | 1 Easypagecms | 2026-04-16 | N/A |
| SQL injection vulnerability in default.aspx in easypage allows remote attackers to execute arbitrary SQL commands via the srch parameter in the Search page. | ||||
| CVE-2006-4874 | 1 Jupiter Cms | 1 Jupiter Cms | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Jupiter CMS allow remote attackers to inject arbitrary web script or HTML via the (1) language[Admin name] and (2) language[Admin back] parameters in (a) modules/blocks.php; the (3) language[Register title] and (4) language[Register title2] parameters in (b) modules/register.php; the (5) language[Mass-Email form title], (6) language[Mass-Email form desc], (7) language[Mass-Email form desc2] (8) language[Mass-Email form desc3], and (9) language[Mass-Email form desc4] parameters in (c) modules/mass-email.php; the (10) language[Forgotten title], (11) language[Forgotten desc], (12) language[Forgotten desc2], (13) language[Forgotten desc3], (14) language[Forgotten desc4], and (15) language[Forgotten desc5] parameters in (d) modules/register.php; and the (16) language[Search view desc], (17) language[Search view desc2], (18) language[Search view desc3], (19) language[Search view desc4], (20) language[Search view desc5], (21) language[Search view desc6], (22) language[Search view desc7], and (23) language[Search view desc8] parameters in (e) modules/search.php. | ||||
| CVE-2001-1191 | 1 Ibm | 1 Tivoli Secureway Policy Director | 2026-04-16 | N/A |
| WebSeal in IBM Tivoli SecureWay Policy Director 3.8 allows remote attackers to cause a denial of service (crash) via a URL that ends in %2e. | ||||
| CVE-2001-1192 | 1 Citrix | 1 Ica Client | 2026-04-16 | N/A |
| Citrix Independent Computing Architecture (ICA) Client for Windows 6.1 allows remote malicious web sites to execute arbitrary code via a .ICA file, which is downloaded and automatically executed by the client. | ||||
| CVE-2001-1193 | 1 Khamil Landross And Zack Jones | 1 Eftp | 2026-04-16 | N/A |
| Directory traversal vulnerability in EFTP 2.0.8.346 allows local users to read directories via a ... (modified dot dot) in the CWD command. | ||||
| CVE-2001-1194 | 1 Zyxel | 2 Prestige 1600, Prestige 681 | 2026-04-16 | N/A |
| Zyxel Prestige 681 and 1600 SDSL Routers allow remote attackers to cause a denial of service via malformed packets with (1) an IP length less than actual packet size, or (2) fragmented packets whose size exceeds 64 kilobytes after reassembly. | ||||
| CVE-2001-1196 | 1 Webmin | 1 Webmin | 2026-04-16 | N/A |
| Directory traversal vulnerability in edit_action.cgi of Webmin Directory 0.91 allows attackers to gain privileges via a '..' (dot dot) in the argument. | ||||
| CVE-2001-1197 | 1 Kde | 1 Kdeutils | 2026-04-16 | N/A |
| klprfax_filter in KDE2 KDEUtils allows local users to overwrite arbitrary files via a symlink attack on the klprfax.filter temporary file. | ||||
| CVE-2001-1198 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| RLPDaemon in HP-UX 10.20 and 11.0 allows local users to overwrite arbitrary files and gain privileges by specifying the target file in the -L option. | ||||
| CVE-2001-1199 | 1 Steve Kneizys | 1 Agora.cgi | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in agora.cgi for Agora 3.0a through 4.0g, when debug mode is enabled, allows remote attackers to execute Javascript on other clients via the cart_id parameter. | ||||
| CVE-2001-1200 | 1 Microsoft | 1 Windows Xp | 2026-04-16 | N/A |
| Microsoft Windows XP allows local users to bypass a locked screen and run certain programs that are associated with Hot Keys. | ||||
| CVE-2001-1202 | 1 Delegate | 1 Delegate | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in DeleGate 7.7.0 and 7.7.1 does not quote scripting commands within a "403 Forbidden" error page, which allows remote attackers to execute arbitrary Javascript on other clients via a URL that generates an error. | ||||
| CVE-2001-1203 | 1 Alessandro Rubini | 1 Gpm | 2026-04-16 | N/A |
| Format string vulnerability in gpm-root in gpm 1.17.8 through 1.17.18 allows local users to gain root privileges. | ||||
| CVE-2001-1204 | 1 Total Pc Solutions | 1 Php Rocket Add-in | 2026-04-16 | N/A |
| Directory traversal vulnerability in phprocketaddin in Total PC Solutions PHP Rocket Add-in for FrontPage 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter. | ||||
| CVE-2002-0415 | 1 Realnetworks | 1 Realplayer | 2026-04-16 | N/A |
| Directory traversal vulnerability in the web server used in RealPlayer 6.0.7, and possibly other versions, may allow local users to read files that are accessible to RealPlayer via a .. (dot dot) in an HTTP GET request to port 1275. | ||||
| CVE-2001-1206 | 1 Matrixs Cgi Vault | 1 Last Lines | 2026-04-16 | N/A |
| Matrix CGI vault Last Lines 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the $error_log variable. | ||||
| CVE-2001-1210 | 1 Cisco | 3 Ubr920, Ubr924, Ubr925 | 2026-04-16 | N/A |
| Cisco ubr900 series routers that conform to the Data-over-Cable Service Interface Specifications (DOCSIS) standard must ship without SNMP access restrictions, which can allow remote attackers to read and write information to the MIB using arbitrary community strings. | ||||