Export limit exceeded: 346615 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346615 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-1091 | 1 Netbsd | 1 Netbsd | 2026-04-16 | N/A |
| The (1) dump and (2) dump_lfs commands in NetBSD 1.4.x through 1.5.1 do not properly drop privileges, which could allow local users to gain privileges via the RCMD_CMD environment variable. | ||||
| CVE-2001-1104 | 1 Sonicwall | 2 Soho, Soho Firmware | 2026-04-16 | N/A |
| SonicWALL SOHO uses easily predictable TCP sequence numbers, which allows remote attackers to spoof or hijack sessions. | ||||
| CVE-2006-3663 | 1 Finjan | 1 Vital Security | 2026-04-16 | N/A |
| Finjan Vital Security Appliance 5100/8100 NG 8.3.5 stores passwords in plaintext in a backup file, which allows local users to gain privileges. NOTE: the vendor has notified CVE that this issue was fixed in 8.3.6. | ||||
| CVE-1999-0687 | 4 Cde, Digital, Ibm and 1 more | 5 Cde, Unix, Aix and 2 more | 2026-04-16 | N/A |
| The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands. | ||||
| CVE-2000-0201 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| The window.showHelp() method in Internet Explorer 5.x does not restrict HTML help files (.chm) to be executed from the local host, which allows remote attackers to execute arbitrary commands via Microsoft Networking. | ||||
| CVE-2000-0828 | 1 Mobius | 1 Documentdirect For The Internet | 2026-04-16 | N/A |
| Buffer overflow in ddicgi.exe in Mobius DocumentDirect for the Internet 1.2 allows remote attackers to execute arbitrary commands via a long User-Agent parameter. | ||||
| CVE-2001-1103 | 1 Rhinosoft | 1 Ftp Voyager | 2026-04-16 | N/A |
| FTP Voyager ActiveX control before 8.0, when it is marked as safe for scripting (the default) or if allowed by the IObjectSafety interface, allows remote attackers to execute arbitrary commands. | ||||
| CVE-2006-3632 | 2 Ethereal Group, Redhat | 2 Ethereal, Enterprise Linux | 2026-04-16 | N/A |
| Buffer overflow in Wireshark (aka Ethereal) 0.8.16 to 0.99.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the NFS dissector. | ||||
| CVE-1999-1501 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| (1) ipxchk and (2) ipxlink in SGI OS2 IRIX 6.3 does not properly clear the IFS environmental variable before executing system calls, which allows local users to execute arbitrary commands. | ||||
| CVE-1999-1484 | 1 Microsoft | 1 Msn Setup Bulletin Board Services | 2026-04-16 | N/A |
| Buffer overflow in MSN Setup BBS 4.71.0.10 ActiveX control (setupbbs.ocx) allows a remote attacker to execute arbitrary commands via the methods (1) vAddNewsServer or (2) bIsNewsServerConfigured. | ||||
| CVE-1999-1456 | 1 Thttpd | 1 Thttpd Http Server | 2026-04-16 | N/A |
| thttpd HTTP server 2.03 and earlier allows remote attackers to read arbitrary files via a GET request with more than one leading / (slash) character in the filename. | ||||
| CVE-1999-1445 | 1 Slackware | 1 Slackware Linux | 2026-04-16 | N/A |
| Vulnerability in imapd and ipop3d in Slackware 3.4 and 3.3 with shadowing enabled, and possibly other operating systems, allows remote attackers to cause a core dump via a short sequence of USER and PASS commands that do not provide valid usernames or passwords. | ||||
| CVE-2006-3573 | 1 Milan Mimica | 1 Sparklet | 2026-04-16 | N/A |
| Format string vulnerability in the WriteText function in agl_text.cpp in Milan Mimica Sparklet 0.9.4 and earlier allows remote attackers to execute arbitrary code via format string specifiers in a player nickname. | ||||
| CVE-1999-0576 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| A Windows NT system's file audit policy does not log an event success or failure for security-critical files or directories. | ||||
| CVE-1999-0577 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| A Windows NT system's file audit policy does not log an event success or failure for non-critical files or directories. | ||||
| CVE-2006-3915 | 1 Microsoft | 2 Internet Explorer, Windows Xp | 2026-04-16 | N/A |
| Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) by iterating over any native function, as demonstrated with the window.alert function, which triggers a null dereference. | ||||
| CVE-1999-0578 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| A Windows NT system's registry audit policy does not log an event success or failure for security-critical registry keys. | ||||
| CVE-2006-3916 | 1 Solucija | 1 Snews | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in snews.php in sNews (aka Solucija News) 1.4 allows remote attackers to inject arbitrary web script or HTML via the search_query parameter. | ||||
| CVE-1999-0579 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| A Windows NT system's registry audit policy does not log an event success or failure for non-critical registry keys. | ||||
| CVE-2006-3917 | 1 R. Corson | 1 Php Forge | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in inc/gabarits.php in R. Corson PHP Forge 3 beta 2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cfg_racine parameter. | ||||