Export limit exceeded: 345798 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345798 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-4855 | 1 Symantec | 7 Client Security, Host Ids, Norton Antivirus and 4 more | 2026-04-16 | N/A |
| The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.0.33, and other versions of Norton Personal Firewall, Internet Security, AntiVirus, SystemWorks, Symantec Client Security SCS 1.x, 2.x, 3.0, and 3.1, Symantec AntiVirus Corporate Edition SAVCE 8.x, 9.x, 10.0, and 10.1, Symantec pcAnywhere 11.5 only, and Symantec Host, allows local users to cause a denial of service (system crash) via invalid data, as demonstrated by calling DeviceIoControl to send the data. | ||||
| CVE-2006-4881 | 1 David Bennett | 1 Php-post | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in David Bennett PHP-Post (PHPp) 1.0 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the replyuser parameter in (a) pm.php; (2) the txt_jumpto parameter in (b) dropdown.php; the (3) txt_error and (4) txt_templatenotexist parameters in (c) template.php; the (5) split parameter in certain files, as demonstrated by (d) editprofile.php, (e) search.php, (f) index.php, and (g) pm.php; and the (6) txt_login parameter in (h) loginline.php; and allow remote authenticated users to inject arbitrary web script or HTML via the (7) txt_logout parameter in (i) loginline.php. | ||||
| CVE-1999-0904 | 1 Byte Fusion | 1 Bftelnet | 2026-04-16 | N/A |
| Buffer overflow in BFTelnet allows remote attackers to cause a denial of service via a long username. | ||||
| CVE-2006-4910 | 1 Cisco | 2 Ids Sensor Software, Ips Sensor Software | 2026-04-16 | N/A |
| The web administration interface (mainApp) to Cisco IDS before 4.1(5c), and IPS 5.0 before 5.0(6p1) and 5.1 before 5.1(2) allows remote attackers to cause a denial of service (unresponsive device) via a crafted SSLv2 Client Hello packet. | ||||
| CVE-2006-4914 | 1 A.l-pifou | 1 A.l-pifou | 2026-04-16 | N/A |
| Directory traversal vulnerability in A.l-Pifou 1.8p2 allows remote attackers to read arbitrary files via ".." sequences in the ze_langue_02 cookie, as demonstrated by using the choix_lng parameter to choix_langue.php to indirectly set the cookie, then accessing livre_dor.php to trigger the inclusion from inc/change_lang_ck.php, possibly related to livre_livre.php. NOTE: the livre_livre.php relationship has been reported by some third party sources. | ||||
| CVE-2006-4919 | 1 Siteatschool | 1 Siteatschool | 2026-04-16 | N/A |
| Directory traversal vulnerability in starnet/editors/htmlarea/popups/images.php in Site@School (S@S) 2.4.02 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the dir parameter. | ||||
| CVE-1999-0905 | 1 Axent | 1 Raptor Firewall | 2026-04-16 | N/A |
| Denial of service in Axent Raptor firewall via malformed zero-length IP options. | ||||
| CVE-2006-4951 | 1 Neosys | 1 Neon Webmail | 2026-04-16 | N/A |
| Neon WebMail for Java before 5.08 allows remote attackers to execute arbitrary Java (JSP) code by sending an e-mail message with a JSP file attachment, which is stored under the web root with a predictable filename. | ||||
| CVE-2006-4967 | 1 Nextage | 1 Nextage Shopping Cart | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in NextAge Cart allow remote attackers to inject arbitrary web script or HTML via (1) the CatId parameter in a product category action in index.php or (2) the SearchWd parameter in an index search action in index.php. | ||||
| CVE-2006-4975 | 1 Yahoo | 1 Messenger | 2026-04-16 | N/A |
| Yahoo! Messenger for WAP permits saving messages that contain JavaScript, which allows user-assisted remote attackers to inject arbitrary web script or HTML via a URL at the online service. | ||||
| CVE-2006-4989 | 1 Patrick Michaelis | 1 Wili-cms | 2026-04-16 | N/A |
| Patrick Michaelis Wili-CMS allows remote attackers to obtain sensitive information via a direct request for (1) thumbnail.php, (2) functions/admin/all.php, (3) functions/admin/init_session.php, (4) functions/all.php, and (5) certain files in example-view/admin_templates/, which reveals the path in various error messages. | ||||
| CVE-1999-0906 | 1 Suse | 1 Suse Linux | 2026-04-16 | N/A |
| Buffer overflow in sccw allows local users to gain root access via the HOME environmental variable. | ||||
| CVE-1999-0907 | 1 Steven J. Merrifield | 1 Soundcard Cw | 2026-04-16 | N/A |
| sccw allows local users to read arbitrary files. | ||||
| CVE-2000-0543 | 1 Pgp | 1 Certificate Server | 2026-04-16 | N/A |
| The command port for PGP Certificate Server 2.5.0 and 2.5.1 allows remote attackers to cause a denial of service if their hostname does not have a reverse DNS entry and they connect to port 4000. | ||||
| CVE-1999-0910 | 1 Microsoft | 3 Commercial Internet System, Site Server, Site Server Commerce | 2026-04-16 | N/A |
| Microsoft Site Server and Commercial Internet System (MCIS) do not set an expiration for a cookie, which could then be cached by a proxy and inadvertently used by a different user. | ||||
| CVE-1999-0911 | 1 Proftpd Project | 1 Proftpd | 2026-04-16 | N/A |
| Buffer overflow in ProFTPD, wu-ftpd, and beroftpd allows remote attackers to gain root access via a series of MKD and CWD commands that create nested directories. | ||||
| CVE-1999-0912 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| FreeBSD VFS cache (vfs_cache) allows local users to cause a denial of service by opening a large number of files. | ||||
| CVE-1999-0913 | 1 Network Security Wizards | 1 Dragon-fire Ids | 2026-04-16 | N/A |
| dfire.cgi script in Dragon-Fire IDS allows remote users to execute commands via shell metacharacters. | ||||
| CVE-1999-0914 | 1 Debian | 1 Debian Linux | 2026-04-16 | N/A |
| Buffer overflow in the FTP client in the Debian GNU/Linux netstd package. | ||||
| CVE-1999-0916 | 1 Webtrends | 5 Webtrends Enterprise Suite, Webtrends For Firewalls, Webtrends Log Analyzer and 2 more | 2026-04-16 | N/A |
| WebTrends software stores account names and passwords in a file which does not have restricted access permissions. | ||||