Export limit exceeded: 345031 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345031 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-0534 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2026-04-16 | N/A |
| A Windows NT user has inappropriate rights or privileges, e.g. Act as System, Add Workstation, Backup, Change System Time, Create Pagefile, Create Permanent Object, Create Token Name, Debug, Generate Security Audit, Increase Priority, Increase Quota, Load Driver, Lock Memory, Profile Single Process, Remote Shutdown, Replace Process Token, Restore, System Environment, Take Ownership, or Unsolicited Input. | ||||
| CVE-2001-0318 | 1 Proftpd Project | 1 Proftpd | 2026-04-16 | N/A |
| Format string vulnerability in ProFTPD 1.2.0rc2 may allow attackers to execute arbitrary commands by shutting down the FTP server while using a malformed working directory (cwd). | ||||
| CVE-2001-1156 | 1 Typsoft | 1 Typsoft Ftp Server | 2026-04-16 | N/A |
| TYPSoft FTP 0.95 allows remote attackers to cause a denial of service (CPU consumption) via a "../../*" argument to (1) STOR or (2) RETR. | ||||
| CVE-2001-1423 | 1 Advanced Poll | 1 Advanced Poll | 2026-04-16 | N/A |
| Advanced Poll before 1.61, when using a flat file database, allows remote attackers to gain privileges by setting the logged_in parameter. | ||||
| CVE-2001-0023 | 1 Leif M. Wright | 1 Everythingform.cgi | 2026-04-16 | N/A |
| everythingform.cgi CGI program by Leif Wright allows remote attackers to execute arbitrary commands via shell metacharacters in the config parameter. | ||||
| CVE-2001-1209 | 1 Abe Timmerman | 1 Zml.cgi | 2026-04-16 | N/A |
| Directory traversal vulnerability in zml.cgi allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | ||||
| CVE-2001-1504 | 1 Ibm | 1 Lotus Notes | 2026-04-16 | N/A |
| Lotus Notes R5 Client 4.6 allows remote attackers to execute arbitrary commands via a Lotus Notes object with code in an event, which is automatically executed when the user processes the e-mail message. | ||||
| CVE-2002-0050 | 1 Microsoft | 1 Commerce Server | 2026-04-16 | N/A |
| Buffer overflow in AuthFilter ISAPI filter on Microsoft Commerce Server 2000 allows remote attackers to execute arbitrary code via long authentication data. | ||||
| CVE-2002-0145 | 1 Scott Parish | 1 Chuid | 2026-04-16 | N/A |
| chuid 1.2 and earlier does not properly verify the ownership of files that will be changed, which allows remote attackers to change files owned by other users, such as root. | ||||
| CVE-2001-0024 | 1 Leif M. Wright | 1 Simplestmail.cgi | 2026-04-16 | N/A |
| simplestmail.cgi CGI program by Leif Wright allows remote attackers to execute arbitrary commands via shell metacharacters in the MyEmail parameter. | ||||
| CVE-2001-1424 | 1 Alcatel | 1 Speed Touch Home | 2026-04-16 | N/A |
| Alcatel Speed Touch ADSL modem running firmware KHDSAA.108, KHDSAA.132, KHDSBA.133, and KHDSAA.134 has a blank default password, which allows remote attackers to gain unauthorized access. | ||||
| CVE-2001-1527 | 1 Easyscripts | 1 Easynews | 2026-04-16 | N/A |
| easyNews 1.5 and earlier stores administration passwords in cleartext in settings.php, which allows local users to obtain the passwords and gain access. | ||||
| CVE-2002-0276 | 1 Ettercap | 1 Ettercap | 2026-04-16 | N/A |
| Buffer overflow in various decoders in Ettercap 0.6.3.1 and earlier, when running on networks with an MTU greater than 2000, allows remote attackers to execute arbitrary code via large packets. | ||||
| CVE-2000-0051 | 1 Allaire | 1 Spectra | 2026-04-16 | N/A |
| The Allaire Spectra Configuration Wizard allows remote attackers to cause a denial of service by repeatedly resubmitting data collections for indexing via a URL. | ||||
| CVE-2006-3900 | 1 Tobias Kloy | 1 Tp-book | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in guestbook.php in TP-Book 1.00 and earlier allows remote attackers to inject arbitrary web script or HTML via the name parameter. | ||||
| CVE-2006-3547 | 1 Vmware | 1 Player | 2026-04-16 | 5.5 Medium |
| EMC VMware Player allows user-assisted attackers to cause a denial of service (unrecoverable application failure) via a long value of the ide1:0.fileName parameter in the .vmx file of a virtual machine. NOTE: third parties have disputed this issue, saying that write access to the .vmx file enables other ways of stopping the virtual machine, so no privilege boundaries are crossed | ||||
| CVE-2006-3548 | 1 Horde | 1 Horde | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Horde Application Framework 3.0.0 through 3.0.10 and 3.1.0 through 3.1.1 allow remote attackers to inject arbitrary web script or HTML via a (1) javascript URI or an external (2) http, (3) https, or (4) ftp URI in the url parameter in services/go.php (aka the dereferrer), (5) a javascript URI in the module parameter in services/help (aka the help viewer), and (6) the name parameter in services/problem.php (aka the problem reporting screen). | ||||
| CVE-2006-3901 | 1 Tumbleweed | 1 Mailgate Email Firewall | 2026-04-16 | N/A |
| Multiple stack-based buffer overflows in Tumbleweed Email Firewall (EMF) allow remote attackers to execute arbitrary code via an email attachment with an LHA archive that contains a (1) file or (2) directory with a long LHA extended header, (3) an LHA archive in which the "temporary pathname" field for decompressed output is greater than 2 bytes, or (4) an LHA archive with a long filename. | ||||
| CVE-1999-0535 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2026-04-16 | N/A |
| A Windows NT account policy for passwords has inappropriate, security-critical settings, e.g. for password length, password age, or uniqueness. | ||||
| CVE-2006-3902 | 1 Phpfaber | 1 Topsites | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in phpFaber TopSites 2.0.9 allows remote attackers to inject arbitrary web script or HTML via the i_cat parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||