Export limit exceeded: 345038 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 345038 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345038 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-2790 | 1 Sun | 1 Storage Automated Diagnostic Environment | 2026-04-16 | N/A |
| A package component in Sun Storage Automated Diagnostic Environment (StorADE) 2.4 uses world-writable permissions for certain critical files and directories, which allows local users to gain privileges. | ||||
| CVE-2006-2795 | 1 Xiti | 1 Xiti Tracking Script | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in XiTi Tracking Script 6 and 7 RC allow remote attackers to inject arbitrary web script or HTML via (1) the xtref parameter in xiti.js and (2) an HTTP Referer header field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-2803 | 1 Deltascripts | 1 Php Manualmaker | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PHP ManualMaker 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) id parameter to index.php, (2) search field (possibly the s parameter), or (3) comment field. | ||||
| CVE-2006-2958 | 1 Filzip | 1 Filzip | 2026-04-16 | N/A |
| Directory traversal vulnerability in FilZip 3.05 allows remote attackers to write arbitrary files via a .. (dot dot) in a (1) .rar, (2) .tar, (3) .jar, or (4) .gz file. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||
| CVE-1999-0856 | 1 Slackware | 1 Slackware Linux | 2026-04-16 | N/A |
| login in Slackware 7.0 allows remote attackers to identify valid users on the system by reporting an encryption error when an account is locked or does not exist. | ||||
| CVE-1999-0857 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| FreeBSD gdc program allows local users to modify files via a symlink attack. | ||||
| CVE-1999-0881 | 1 Blueface | 1 Falcon Web Server | 2026-04-16 | N/A |
| Falcon web server allows remote attackers to read arbitrary files via a .. (dot dot) attack. | ||||
| CVE-2000-0477 | 1 Symantec | 1 Norton Antivirus | 2026-04-16 | N/A |
| Buffer overflow in Norton Antivirus for Exchange (NavExchange) allows remote attackers to cause a denial of service via a .zip file that contains long file names. | ||||
| CVE-2006-2959 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2026-04-16 | N/A |
| SQL injection vulnerability in inc_header.asp in Snitz Forum 3.4.05 and earlier allows remote attackers to execute arbitrary SQL commands via the %strCookieURL%.GROUP parameter in a cookie. | ||||
| CVE-1999-0859 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Solaris arp allows local users to read files via the -f parameter, which lists lines in the file that do not parse properly. | ||||
| CVE-1999-0882 | 1 Falcon | 1 Falcon Web Server | 2026-04-16 | N/A |
| Falcon web server allows remote attackers to determine the absolute path of the web root via long file names. | ||||
| CVE-1999-0860 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Solaris chkperm allows local users to read files owned by bin via the VMSYS environmental variable and a symlink attack. | ||||
| CVE-1999-0862 | 1 Postgresql | 1 Postgresql | 2026-04-16 | N/A |
| Insecure directory permissions in RPM distribution for PostgreSQL allows local users to gain privileges by reading a plaintext password file. | ||||
| CVE-1999-0883 | 1 Zeus Technologies | 1 Zeus Web Server | 2026-04-16 | N/A |
| Zeus web server allows remote attackers to read arbitrary files by specifying the file name in an option to the search engine. | ||||
| CVE-2006-2960 | 1 Joomla | 1 Joomla | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in includes/joomla.php in Joomla! 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the includepath parameter. | ||||
| CVE-1999-0863 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| Buffer overflow in FreeBSD seyon via HOME environmental variable, -emulator argument, -modems argument, or the GUI. | ||||
| CVE-2006-2851 | 1 Dotproject | 1 Dotproject | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in dotProject 2.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, which are not properly handled when the client is using Internet Explorer. | ||||
| CVE-1999-0864 | 1 Sco | 1 Unixware | 2026-04-16 | N/A |
| UnixWare programs that dump core allow a local user to modify files via a symlink attack on the ./core.pid file. | ||||
| CVE-2006-2858 | 1 Locazo | 1 Locazolist Classifieds | 2026-04-16 | N/A |
| SQL injection vulnerability in viewmsg.asp in LocazoList Classifieds 1.05e allows remote attackers to execute arbitrary SQL commands via the msgid parameter. | ||||
| CVE-1999-0865 | 1 Stalker | 1 Communigate Pro | 2026-04-16 | N/A |
| Buffer overflow in CommuniGatePro via a long string to the HTTP configuration port. | ||||