Export limit exceeded: 349412 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (349412 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-0212 | 1 His | 1 Auktion | 2026-04-16 | N/A |
| Directory traversal vulnerability in HIS Auktion 1.62 allows remote attackers to read arbitrary files via a .. (dot dot) in the menue parameter, and possibly execute commands via shell metacharacters. | ||||
| CVE-2006-3347 | 1 Devilz Clanportal | 1 Devilz Clanportal | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in deV!Lz Clanportal DZCP 1.3.4 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2006-3348 | 1 Swsoft | 1 Hspcomplete | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in HSPcomplete 3.2.2 and 3.3 Beta and earlier allow remote attackers to execute arbitrary SQL commands via the (1) type parameter in report.php and (2) level parameter in custom_buttons.php. | ||||
| CVE-1999-0394 | 2026-04-16 | N/A | ||
| DPEC Online Courseware allows an attacker to change another user's password without knowing the original password. | ||||
| CVE-2006-3349 | 1 Sms Script | 1 Sms Script | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in SmS Script allow remote attackers to execute arbitrary SQL commands via the CatID parameter in (1) cat.php and (2) add.php. | ||||
| CVE-2005-1329 | 1 Oneworldstore | 1 Oneworldstore | 2026-04-16 | N/A |
| owOfflineCC.asp in OneWorldStore allows remote attackers to obtain sensitive information by modifying the idOrder parameter. | ||||
| CVE-1999-0395 | 1 Backweb Technologies | 1 Backweb Polite Agent Protocol | 2026-04-16 | N/A |
| A race condition in the BackWeb Polite Agent Protocol allows an attacker to spoof a BackWeb server. | ||||
| CVE-1999-0396 | 2 Netbsd, Openbsd | 2 Netbsd, Openbsd | 2026-04-16 | N/A |
| A race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of service. | ||||
| CVE-2000-0777 | 1 Microsoft | 1 Money | 2026-04-16 | N/A |
| The password protection feature of Microsoft Money can store the password in plaintext, which allows attackers with physical access to the system to obtain the password, aka the "Money Password" vulnerability. | ||||
| CVE-2006-3350 | 1 Cimmetry Systems | 1 Autovue Solidmodel Professional | 2026-04-16 | N/A |
| Stack-based buffer overflow in AutoVue SolidModel Professional Desktop Edition 19.1 Build 5993 allows user-assisted remote attackers to execute arbitrary code via a long filename in a (1) ARJ, (2) RAR, or (3) ZIP archive. | ||||
| CVE-2006-3351 | 1 Microsoft | 2 Windows 2003 Server, Windows Xp | 2026-04-16 | N/A |
| Buffer overflow in Windows Explorer (explorer.exe) on Windows XP and 2003 allows user-assisted attackers to cause a denial of service (repeated crash) and possibly execute arbitrary code via a .url file with an InternetShortcut tag containing a long URL and a large number of "file:" specifiers. | ||||
| CVE-1999-0397 | 2026-04-16 | N/A | ||
| The demo version of the Quakenbush NT Password Appraiser sends passwords across the network in plaintext. | ||||
| CVE-1999-0400 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| Denial of service in Linux 2.2.0 running the ldd command on a core file. | ||||
| CVE-1999-1411 | 1 Debian | 1 Debian Linux | 2026-04-16 | N/A |
| The installation of the fsp package 2.71-10 in Debian GNU/Linux 2.0 adds the anonymous FTP user without notifying the administrator, which could automatically enable anonymous FTP on some servers such as wu-ftp. | ||||
| CVE-2000-1131 | 1 Bill Kendrick | 1 Gbook.cgi | 2026-04-16 | N/A |
| Bill Kendrick web site guestbook (GBook) allows remote attackers to execute arbitrary commands via shell metacharacters in the _MAILTO form variable. | ||||
| CVE-1999-0401 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| A race condition in Linux 2.2.1 allows local users to read arbitrary memory from /proc files. | ||||
| CVE-1999-0402 | 1 Gnu | 1 Wget | 2026-04-16 | N/A |
| wget 1.5.3 follows symlinks to change permissions of the target file instead of the symlink itself. | ||||
| CVE-1999-0403 | 1 Cyrix | 1 Linux | 2026-04-16 | N/A |
| A bug in Cyrix CPUs on Linux allows local users to perform a denial of service. | ||||
| CVE-1999-1429 | 1 Dit | 1 Transferpro | 2026-04-16 | N/A |
| DIT TransferPro installs devices with world-readable and world-writable permissions, which could allow local users to damage disks through the ff device driver. | ||||
| CVE-1999-0404 | 1 Smartmax Software | 1 Mailmax | 2026-04-16 | N/A |
| Buffer overflow in the Mail-Max SMTP server for Windows systems allows remote command execution. | ||||