Export limit exceeded: 345210 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345210 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-3246 | 1 Gl-sh | 1 Deaf Forum | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in show.php in GL-SH Deaf Forum 6.4.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the sort parameter. | ||||
| CVE-2000-0731 | 1 Jeremy Arnold | 1 Worm Webserver | 2026-04-16 | N/A |
| Directory traversal vulnerability in Worm HTTP server allows remote attackers to read arbitrary files via a .. (dot dot) attack. | ||||
| CVE-2006-3247 | 1 Gl-sh | 1 Deaf Forum | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in show.php in GL-SH Deaf Forum 6.4.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) search, (2) page, and (3) action parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-1999-0131 | 8 Bsdi, Digital, Eric Allman and 5 more | 9 Bsd Os, Osf 1, Sendmail and 6 more | 2026-04-16 | N/A |
| Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users. | ||||
| CVE-1999-1124 | 1 Allaire | 1 Coldfusion | 2026-04-16 | N/A |
| HTTP Client application in ColdFusion allows remote attackers to bypass access restrictions for web pages on other ports by providing the target page to the mainframeset.cfm application, which requests the page from the server, making it look like the request is coming from the local host. | ||||
| CVE-2000-0733 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| Telnetd telnet server in IRIX 5.2 through 6.1 does not properly cleans user-injected format strings, which allows remote attackers to execute arbitrary commands via a long RLD variable in the IAC-SB-TELOPT_ENVIRON request. | ||||
| CVE-2006-1681 | 1 Cherokee | 1 Cherokee Httpd | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Cherokee HTTPD 0.5 and earlier allows remote attackers to inject arbitrary web script or HTML via a malformed request that generates an HTTP 400 error, which is not properly handled when the error message is generated. | ||||
| CVE-1999-0132 | 2 Hp, Sun | 3 Hp-ux, Solaris, Sunos | 2026-04-16 | N/A |
| Expreserve, as used in vi and ex, allows local users to overwrite arbitrary files and gain root access. | ||||
| CVE-1999-0133 | 1 Adobe | 1 Framemaker | 2026-04-16 | N/A |
| fm_fls license server for Adobe Framemaker allows local users to overwrite arbitrary files and gain root access. | ||||
| CVE-2000-0734 | 2 Eeye Digital Security, Spynet | 2 Iris, Capturenet | 2026-04-16 | N/A |
| eEye IRIS 1.01 beta allows remote attackers to cause a denial of service via a large number of UDP connections. | ||||
| CVE-1999-0134 | 1 Sun | 1 Sunos | 2026-04-16 | N/A |
| vold in Solaris 2.x allows local users to gain root access. | ||||
| CVE-1999-0135 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| admintool in Solaris allows a local user to write to arbitrary files and gain root access. | ||||
| CVE-1999-0136 | 1 Sun | 1 Sunos | 2026-04-16 | N/A |
| Kodak Color Management System (KCMS) on Solaris allows a local user to write to arbitrary files and gain root access. | ||||
| CVE-2001-1483 | 1 Nrl.navy | 1 One-time Passwords In Everything | 2026-04-16 | N/A |
| One-Time Passwords In Everything (a.k.a OPIE) 2.32 and 2.4 allows remote attackers to determine the existence of user accounts by printing random passphrases if the user account does not exist and static passphrases if the user account does exist. | ||||
| CVE-2006-3249 | 1 Phorum | 1 Phorum | 2026-04-16 | N/A |
| SQL injection vulnerability in search.php in Phorum 5.1.14 and earlier allows remote attackers to execute arbitrary SQL commands via the page parameter. NOTE: the vendor has disputed this report, stating "If a non positive integer or non-integer is used for the page parameter for a search URL, the search query will use a negative number for the LIMIT clause. This causes the query to break, showing no results. It IS NOT however a sql injection error." While the original report is from a researcher with mixed accuracy, as of 20060703, CVE does not have any additional information regarding this issue | ||||
| CVE-2002-1428 | 1 Dotproject | 1 Dotproject | 2026-04-16 | N/A |
| index.php in dotProject 0.2.1.5 allows remote attackers to bypass authentication via a cookie or URL with the user_cookie parameter set to 1. | ||||
| CVE-2006-3250 | 1 Microsoft | 1 Windows Live Messenger | 2026-04-16 | N/A |
| Heap-based buffer overflow in Windows Live Messenger 8.0 allows user-assisted attackers to execute arbitrary code via a crafted Contact List (.ctt) file, which triggers the overflow when it is imported by the user. | ||||
| CVE-1999-0137 | 1 Fred N. Van Kempen | 1 Dip | 2026-04-16 | N/A |
| The dip program on many Linux systems allows local users to gain root access via a buffer overflow. | ||||
| CVE-2006-3251 | 1 Hashcash | 1 Hashcash | 2026-04-16 | N/A |
| Heap-based buffer overflow in the array_push function in hashcash.c for Hashcash before 1.21 might allow attackers to execute arbitrary code via crafted entries. | ||||
| CVE-2006-3252 | 1 Algorithmic Research | 1 Privatewire Gateway | 2026-04-16 | N/A |
| Buffer overflow in the Online Registration Facility for Algorithmic Research PrivateWire VPN software up to 3.7 allows remote attackers to execute arbitrary code via a long GET request. | ||||