Export limit exceeded: 344908 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344908 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2000-0085 | 1 Microsoft | 1 Hotmail | 2026-04-16 | N/A |
| Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attacker to execute code via the LOWSRC or DYNRC parameters in the IMG tag. | ||||
| CVE-2000-1193 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| Performance Metrics Collector Daemon (PMCD) in Performance Copilot in IRIX 6.x allows remote attackers to cause a denial of service (resource exhaustion) via an extremely long string to the PMCD port. | ||||
| CVE-2006-3396 | 1 Miro International | 1 Galleria | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in galleria.html.php in Galleria Mambo Module 1.0 and earlier for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
| CVE-2006-3397 | 1 Pkr Internet | 1 Taskjitsu | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Taskjitsu before 2.0.1 allow remote attackers to inject arbitrary web script or HTML via multiple unspecified parameters, including the (1) title and (2) description parameters when creating a task. | ||||
| CVE-1999-0455 | 1 Allaire | 1 Coldfusion Server | 2026-04-16 | N/A |
| The Expression Evaluator sample application in ColdFusion allows remote attackers to read or delete files on the server via exprcalc.cfm, which does not restrict access to the server properly. | ||||
| CVE-2000-0787 | 1 Xchat | 1 Xchat | 2026-04-16 | N/A |
| IRC Xchat client versions 1.4.2 and earlier allows remote attackers to execute arbitrary commands by encoding shell metacharacters into a URL which XChat uses to launch a web browser. | ||||
| CVE-1999-0458 | 1 L0pht | 1 L0phtcrack | 2026-04-16 | N/A |
| L0phtcrack 2.5 used temporary files in the system TEMP directory which could contain password information. | ||||
| CVE-2006-3399 | 1 Moniwiki | 1 Moniwiki | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in wiki.php in MoniWiki before 1.1.2-20060702 allows remote attackers to inject arbitrary Javascript via the URL, which is reflected back in an error message, a variant of CVE-2004-1632. | ||||
| CVE-1999-0459 | 2026-04-16 | N/A | ||
| Local users can perform a denial of service in Alpha Linux, using MILO to force a reboot. | ||||
| CVE-2000-0788 | 1 Microsoft | 2 Access, Word | 2026-04-16 | N/A |
| The Mail Merge tool in Microsoft Word does not prompt the user before executing Visual Basic (VBA) scripts in an Access database, which could allow an attacker to execute arbitrary commands. | ||||
| CVE-2005-1752 | 1 Gforge | 1 Gforge | 2026-04-16 | N/A |
| viewFile.php in the scm component of Gforge before 4.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the file_name parameter. | ||||
| CVE-2006-3400 | 2 Id Software, Raven Software | 2 Quake 3 Engine, Soldier Of Fortune 2 | 2026-04-16 | N/A |
| Stack-based buffer overflow in the CG_ServerCommand function in Quake 3 Engine as used by Soldier of Fortune 2 (SOF2MP) GOLD 1.03 allows remote attackers to cause a denial of service and possibly execute code by sending a long command from the server. | ||||
| CVE-2006-3401 | 1 Id Software | 1 Quake 3 Engine | 2026-04-16 | N/A |
| Stack-based buffer overflow in Quake 3 Engine as used by Quake 3: Arena 1.32b and 1.32c allows remote attackers to cause a denial of service and possibly execute code via long CS_ITEMS values. | ||||
| CVE-1999-0462 | 1 Suse | 1 Suse Linux | 2026-04-16 | N/A |
| suidperl in Linux Perl does not check the nosuid mount option on file systems, allowing local users to gain root access by placing a setuid script in a mountable file system, e.g. a CD-ROM or floppy disk. | ||||
| CVE-2000-0789 | 1 Bardon Data Systems | 1 Winu | 2026-04-16 | N/A |
| WinU 5.x and earlier uses weak encryption to store its configuration password, which allows local users to decrypt the password and gain privileges. | ||||
| CVE-2006-3402 | 1 Virtuastore | 1 Virtuastore | 2026-04-16 | N/A |
| SQL injection vulnerability in VirtuaStore 2.0 allows remote attackers to execute arbitrary SQL commands via the password parameter when logging in. | ||||
| CVE-1999-0463 | 1 L0pht | 1 L0phtcrack | 2026-04-16 | N/A |
| Remote attackers can perform a denial of service using IRIX fcagent. | ||||
| CVE-2006-3403 | 2 Redhat, Samba | 2 Enterprise Linux, Samba | 2026-04-16 | N/A |
| The smdb daemon (smbd/service.c) in Samba 3.0.1 through 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of share connection requests. | ||||
| CVE-2005-1820 | 1 Zeroboard | 1 Zeroboard | 2026-04-16 | N/A |
| zboard.php in Zeroboard version 4.1pl2 to 4.1pl5 allows remote attackers to execute arbitrary PHP code via improper quoting when using the preg_replace function. | ||||
| CVE-1999-0464 | 1 Tripwire | 1 Tripwire | 2026-04-16 | N/A |
| Local users can perform a denial of service in Tripwire 1.2 and earlier using long filenames. | ||||