Export limit exceeded: 344940 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344940 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-4729 | 1 Vbzoom | 1 Vbzoom | 2026-04-16 | N/A |
| SQL injection vulnerability in show.php in VBZooM Forum allows remote attackers to execute arbitrary SQL commands via the SubjectID parameter. | ||||
| CVE-2006-4384 | 1 Apple | 1 Quicktime | 2026-04-16 | N/A |
| Heap-based buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via the COLOR_64 chunk in a FLIC (FLC) movie. | ||||
| CVE-2005-1874 | 1 Evan Wagner | 1 Dzip | 2026-04-16 | N/A |
| Directory traversal vulnerability in Dzip before 2.9 allows remote attackers to create arbitrary files via a filename containing a .. (dot dot) in a .dz archive. | ||||
| CVE-2005-2210 | 1 Tonec Inc. | 1 Internet Download Manager | 2026-04-16 | N/A |
| Stack-based buffer overflow in Internet Download Manager 4.05 allows remote attackers to execute arbitrary code via a long URL. | ||||
| CVE-2006-3409 | 1 Tor | 1 Tor | 2026-04-16 | N/A |
| Integer overflow in Tor before 0.1.1.20 allows remote attackers to execute arbitrary code via crafted large inputs, which result in a buffer overflow when elements are added to smartlists. | ||||
| CVE-2006-3852 | 1 Phptoys | 1 Micro Guestbook | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Micro GuestBook allows remote attackers to execute arbitrary SQL commands via the (1) name or (2) comment ("text") fields. | ||||
| CVE-2006-3410 | 1 Tor | 1 Tor | 2026-04-16 | N/A |
| Tor before 0.1.1.20 creates "internal circuits" primarily consisting of nodes with "useful exit nodes," which allows remote attackers to conduct unspecified statistical attacks. | ||||
| CVE-2000-0118 | 2 Redhat, Sun | 3 Linux, Solaris, Sunos | 2026-04-16 | N/A |
| The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing. | ||||
| CVE-2006-3411 | 1 Tor | 1 Tor | 2026-04-16 | N/A |
| TLS handshakes in Tor before 0.1.1.20 generate public-private keys based on TLS context rather than the connection, which makes it easier for remote attackers to conduct brute force attacks on the encryption keys. | ||||
| CVE-2006-3878 | 1 Opsware | 1 Network Automation System | 2026-04-16 | N/A |
| Opsware Network Automation System (NAS) 6.0 installs /etc/init.d/mysql with insecure permissions, which allows local users to read the root password for the MySQL MAX database or gain privileges by modifying /etc/init.d/mysql. | ||||
| CVE-2006-3412 | 1 Tor | 1 Tor | 2026-04-16 | N/A |
| Tor before 0.1.1.20 does not sufficiently obey certain firewall options, which allows remote attackers to bypass intended access restrictions for dirservers, direct connections, or proxy servers. | ||||
| CVE-2000-1194 | 1 Argosoft | 1 Ftp Server | 2026-04-16 | N/A |
| Argosoft FRP server 1.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string to the (1) USER or (2) CWD commands. | ||||
| CVE-2000-0192 | 1 Caldera | 1 Openlinux | 2026-04-16 | N/A |
| The default installation of Caldera OpenLinux 2.3 includes the CGI program rpm_query, which allows remote attackers to determine what packages are installed on the system. | ||||
| CVE-2006-3413 | 1 Tor | 1 Tor | 2026-04-16 | N/A |
| The privoxy configuration file in Tor before 0.1.1.20, when run on Apple OS X, logs all data via the "logfile", which allows attackers to obtain potentially sensitive information. | ||||
| CVE-1999-0466 | 1 Netbsd | 1 Netbsd | 2026-04-16 | N/A |
| The SVR4 /dev/wabi special device file in NetBSD 1.3.3 and earlier allows a local user to read or write arbitrary files on the disk associated with that device. | ||||
| CVE-2006-3414 | 1 Tor | 1 Tor | 2026-04-16 | N/A |
| Tor before 0.1.1.20 supports server descriptors that contain hostnames instead of IP addresses, which allows remote attackers to arbitrarily group users by providing preferential address resolution. | ||||
| CVE-2006-3415 | 1 Tor | 1 Tor | 2026-04-16 | N/A |
| Tor before 0.1.1.20 uses improper logic to validate the "OR" destination, which allows remote attackers to perform a man-in-the-middle (MITM) attack via unspecified vectors. | ||||
| CVE-2006-3879 | 1 Miod Vallat | 1 Mikmod | 2026-04-16 | N/A |
| Integer overflow in the loadChunk function in loaders/load_gt2.c in libmikmod in Mikmod Sound System 3.2.2 allows remote attackers to cause a denial of service via a GRAOUMF TRACKER (GT2) module file with a large (0xffffffff) comment length value in an XCOM chunk. | ||||
| CVE-2006-3416 | 1 Tor | 1 Tor | 2026-04-16 | N/A |
| Tor before 0.1.1.20 kills the circuit when it receives an unrecognized relay command, which causes network circuits to be disbanded. NOTE: while this item is listed under the "Security fixes" section of the developer changelog, the developer clarified on 20060707 that this is only a self-DoS. Therefore this issue should not be included in CVE | ||||
| CVE-1999-0467 | 1 Webcom | 1 Cgi Guestbook | 2026-04-16 | N/A |
| The Webcom CGI Guestbook programs wguest.exe and rguest.exe allow a remote attacker to read arbitrary files using the "template" parameter. | ||||