Search

Expected end of text, found ',' (at char 31), (line:1, col:32)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (345023 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2004-0787 1 Openca 1 Openca 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the web frontend in OpenCA 0.9.1-8 and earlier, and 0.9.2 RC6 and earlier, allows remote attackers to inject arbitrary web script or HTML via the form input fields.
CVE-1999-0283 2026-04-16 N/A
The Java Web Server would allow remote users to obtain the source code for CGI programs.
CVE-1999-0284 2 Ibm, Microsoft 2 Lotus Domino Mail Server, Exchange Server 2026-04-16 N/A
Denial of service to NT mail servers including Ipswitch, Mdaemon, and Exchange through a buffer overflow in the SMTP HELO command.
CVE-1999-0285 1 Microsoft 1 Windows Nt 2026-04-16 N/A
Denial of service in telnet from the Windows NT Resource Kit, by opening then immediately closing a connection.
CVE-1999-0286 2026-04-16 N/A
In some NT web servers, appending a space at the end of a URL may allow attackers to read source code for active pages.
CVE-1999-0287 1 Webcom 1 Cgi Guestbook 2026-04-16 N/A
Vulnerability in the Wguest CGI program.
CVE-1999-1240 1 Gracenote 1 Cddbd 2026-04-16 N/A
Buffer overflow in cddbd CD database server allows remote attackers to execute arbitrary commands via a long log message.
CVE-2000-0759 1 Apache 1 Tomcat 2026-04-16 N/A
Jakarta Tomcat 3.1 under Apache reveals physical path information when a remote attacker requests a URL that does not exist, which generates an error message that includes the physical path.
CVE-2000-0760 1 Apache 1 Tomcat 2026-04-16 N/A
The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension.
CVE-1999-0288 1 Microsoft 1 Windows Nt 2026-04-16 N/A
The WINS server in Microsoft Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service (process termination) via invalid UDP frames to port 137 (NETBIOS Name Service), as demonstrated via a flood of random packets.
CVE-1999-0289 2 Apache, Microsoft 2 Http Server, Windows 2026-04-16 N/A
The Apache web server for Win32 may provide access to restricted files when a . (dot) is appended to a requested URL.
CVE-1999-0291 1 Qbik 1 Wingate 2026-04-16 N/A
The WinGate proxy is installed without a password, which allows remote attackers to redirect connections without authentication.
CVE-1999-0292 1 Microsoft 1 Windows Nt 2026-04-16 N/A
Denial of service through Winpopup using large user names.
CVE-1999-1250 1 Blue World Communications 1 Lasso Cgi 2026-04-16 N/A
Vulnerability in CGI program in the Lasso application by Blue World, as used on WebSTAR and other servers, allows remote attackers to read arbitrary files.
CVE-1999-0293 1 Cisco 1 Ios 2026-04-16 N/A
AAA authentication on Cisco systems allows attackers to execute commands without authorization.
CVE-1999-0294 1 Microsoft 1 Wins 2026-04-16 N/A
All records in a WINS database can be deleted through SNMP for a denial of service.
CVE-2000-0761 1 Ibm 1 Os2 Ftp Server 2026-04-16 N/A
OS2/Warp 4.5 FTP server allows remote attackers to cause a denial of service via a long username.
CVE-1999-0295 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Solaris sysdef command allows local users to read kernel memory, potentially leading to root privileges.
CVE-1999-0296 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Solaris volrmmount program allows attackers to read any file.
CVE-1999-1254 1 Microsoft 3 Windows 95, Windows 98, Windows Nt 2026-04-16 N/A
Windows 95, 98, and NT 4.0 allow remote attackers to cause a denial of service by spoofing ICMP redirect messages from a router, which causes Windows to change its routing tables.