Export limit exceeded: 348802 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 348802 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (348802 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-2857 | 1 Lifetype | 1 Lifetype | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in LifeType 1.0.4 allows remote attackers to execute arbitrary SQL commands via the articleId parameter in a ViewArticle action (viewarticleaction.class.php). | ||||
| CVE-2006-3087 | 1 Ezgallery | 1 Ezgallery | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in EZGallery 1.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) pUserID, (2) aid, (3) aname, (4) uid, and (5) m parameter in (a) common/galleries.asp; (6) aid, (7) aname, (8) uid, (9) m, (10) gp, and (11) g parameter in (b) common/pupload.asp; and (12) msg, (13) fn and (14) gp parameter in (c) common/upload.asp. | ||||
| CVE-2006-3088 | 1 Cescripts | 1 Car Classifieds | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Car Classifieds allows remote attackers to inject arbitrary web script or HTML via the make_id parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||
| CVE-2005-0195 | 1 Cisco | 1 Ios | 2026-04-16 | N/A |
| Cisco IOS 12.0S through 12.3YH allows remote attackers to cause a denial of service (device restart) via a crafted IPv6 packet. | ||||
| CVE-2005-0884 | 1 Digitalhive | 1 Digitalhive | 2026-04-16 | N/A |
| DigitalHive 2.0 allows remote attackers to re-install the product by directly accessing the install script. | ||||
| CVE-2006-2859 | 1 Mywebland | 1 Mybloggie | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in MyBloggie 2.1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mybloggie_root_path parameter to (1) admin.php or (2) scode.php. NOTE: this issue has been disputed in multiple third party followups, which say that the MyBloggie source code does not demonstrate the issue, so it might be the result of another module. CVE analysis as of 20060605 agrees with the dispute. In addition, scode.php is not part of the MyBloggie distribution | ||||
| CVE-2006-2861 | 1 Particle Soft | 1 Particle Wiki | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in Particle Wiki 1.0.2 and earlier allows remote attackers to execute arbitrary SQL commands via the version parameter. | ||||
| CVE-2006-2862 | 1 Particle Soft | 1 Particle Gallery | 2026-04-16 | N/A |
| SQL injection vulnerability in viewimage.php in Particle Gallery 1.0.0 and earlier allows remote attackers to execute arbitrary SQL commands via the imageid parameter. | ||||
| CVE-2005-1408 | 1 Apple | 1 Keynote | 2026-04-16 | N/A |
| Apple Keynote 2.0 and 2.0.1 allows remote attackers to read arbitrary files via the keynote: URI handler in a crafted Keynote presentation. | ||||
| CVE-2006-2863 | 1 Cs-cart | 1 Cs-cart | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in class.cs_phpmailer.php in CS-Cart 1.3.3 allows remote attackers to execute arbitrary PHP code via a URL in the classes_dir parameter. | ||||
| CVE-1999-0103 | 2026-04-16 | N/A | ||
| Echo and chargen, or other combinations of UDP services, can be used in tandem to flood the server, a.k.a. UDP bomb or UDP packet storm. | ||||
| CVE-2005-1411 | 1 Cybration | 1 Icuii | 2026-04-16 | N/A |
| Cybration ICUII 7.0 stores passwords in plaintext in the world-readable icuii.ini file, which allows local users to gain privileges. | ||||
| CVE-1999-0843 | 1 Cisco | 1 Router | 2026-04-16 | N/A |
| Denial of service in Cisco routers running NAT via a PORT command from an FTP client to a Telnet port. | ||||
| CVE-2003-1529 | 1 Seagull Software Systems | 1 J Walk Application Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in Seagull Software Systems J Walk application server 3.2C9, and other versions before 3.3c4, allows remote attackers to read arbitrary files via a ".%252e" (encoded dot dot) in the URL. | ||||
| CVE-2004-0246 | 1 Laurent Adda | 1 Les Commentaires | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in (1) fonctions.lib.php, (2) derniers_commentaires.php, and (3) admin.php in Les Commentaires 2.0 allow remote attackers to execute arbitrary PHP code via the rep parameter. | ||||
| CVE-2004-2747 | 1 Pablo Software Solutions | 1 Quick N Easy Ftp Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in Pablo Software Solutions Quick 'n Easy FTP Server 1.77, and possibly earlier versions, allows remote authenticated users to determine the existence of arbitrary files via a .. (dot dot) in the DEL command, which triggers different error messages depending on whether the file exists or not. | ||||
| CVE-1999-0125 | 3 Redhat, Sgi, Sun | 4 Linux, Irix, Solaris and 1 more | 2026-04-16 | N/A |
| Buffer overflow in SGI IRIX mailx program. | ||||
| CVE-1999-0667 | 1 Arp Protocol | 1 Arp Protocol | 2026-04-16 | N/A |
| The ARP protocol allows any host to spoof ARP replies and poison the ARP cache to conduct IP address spoofing or a denial of service. | ||||
| CVE-1999-1086 | 1 Novell | 1 Netware | 2026-04-16 | N/A |
| Novell 5 and earlier, when running over IPX with a packet signature level less than 3, allows remote attackers to gain administrator privileges by spoofing the MAC address in IPC fragmented packets that make NetWare Core Protocol (NCP) calls. | ||||
| CVE-1999-0871 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 4.0 and 4.01 allow a remote attacker to read files via IE's cross frame security, aka the "Cross Frame Navigate" vulnerability. | ||||