Export limit exceeded: 345014 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345014 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-3618 | 1 Pixelated By Lev | 1 Pixelated By Lev Guestbook | 2026-04-16 | N/A |
| SQL injection vulnerability in pblguestbook.php in Pixelated By Lev (PBL) Guestbook 1.32 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) name, (2) email, (3) website, (4) comments, (5) rate, and (6) private parameters. | ||||
| CVE-1999-0661 | 2026-04-16 | N/A | ||
| A system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP Wrappers 7.6, (2) util-linux 2.9g, (3) wuarchive ftpd (wuftpd) 2.2 and 2.1f, (4) IRC client (ircII) ircII 2.2.9, (5) OpenSSH 3.4p1, or (6) Sendmail 8.12.6. | ||||
| CVE-2000-0141 | 1 Infopop | 1 Ultimate Bulletin Board | 2026-04-16 | N/A |
| Infopop Ultimate Bulletin Board (UBB) allows remote attackers to execute commands via shell metacharacters in the topic hidden field. | ||||
| CVE-2000-0824 | 1 Gnu | 1 Glibc | 2026-04-16 | N/A |
| The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local users to execute arbitrary commands in setuid programs by specifying their own duplicate environmental variables such as LD_PRELOAD or LD_LIBRARY_PATH. | ||||
| CVE-2006-3619 | 2 Fastjar, Redhat | 2 Fastjar, Enterprise Linux | 2026-04-16 | N/A |
| Directory traversal vulnerability in FastJar 0.93, as used in Gnu GCC 4.1.1 and earlier, and 3.4.6 and earlier, allows user-assisted attackers to overwrite arbitrary files via a .jar file containing filenames with "../" sequences. | ||||
| CVE-2006-3620 | 1 Dream4 | 1 Koobi Pro | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the showtopic module in Koobi Pro CMS 5.6 allows remote attackers to inject arbitrary web script or HTML via the toid parameter. | ||||
| CVE-2006-3621 | 1 Dream4 | 1 Koobi Pro | 2026-04-16 | N/A |
| SQL injection vulnerability in the showtopic module in Koobi Pro CMS 5.6 allows remote attackers to execute arbitrary SQL commands via the toid parameter. | ||||
| CVE-1999-0662 | 2026-04-16 | N/A | ||
| A system-critical program or library does not have the appropriate patch, hotfix, or service pack installed, or is outdated or obsolete. | ||||
| CVE-2006-3622 | 1 Dream4 | 1 Koobi Pro | 2026-04-16 | N/A |
| The showtopic module in Koobi Pro CMS 5.6 allows remote attackers to obtain sensitive information via a ' (single quote) in the p parameter, which displays the path in an error message. NOTE: it is not clear whether this is SQL injection or a forced SQL error. | ||||
| CVE-1999-0663 | 2026-04-16 | N/A | ||
| A system-critical program, library, or file has a checksum or other integrity measurement that indicates that it has been modified. | ||||
| CVE-1999-0449 | 1 Microsoft | 1 Internet Information Server | 2026-04-16 | N/A |
| The ExAir sample site in IIS 4 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to the (1) advsearch.asp, (2) query.asp, or (3) search.asp scripts. | ||||
| CVE-2006-3623 | 1 Mcafee | 1 Epolicy Orchestrator Agent | 2026-04-16 | N/A |
| Directory traversal vulnerability in Framework Service component in McAfee ePolicy Orchestrator agent 3.5.0.x and earlier allows remote attackers to create arbitrary files via a .. (dot dot) in the directory and filename in a PropsResponse (PackageType) request. | ||||
| CVE-1999-0668 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| The scriptlet.typelib ActiveX control is marked as "safe for scripting" for Internet Explorer, which allows a remote attacker to execute arbitrary commands as demonstrated by Bubbleboy. | ||||
| CVE-1999-0670 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Buffer overflow in the Eyedog ActiveX control allows a remote attacker to execute arbitrary commands. | ||||
| CVE-2006-3625 | 1 Flv | 1 Flv Player | 2026-04-16 | N/A |
| FLV Players 8 allows remote attackers to obtain sensitive information via (1) a direct request to paginate.php or (2) an invalid p parameter to player.php, which reveal the path in an error message. | ||||
| CVE-1999-1294 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| Office Shortcut Bar (OSB) in Windows 3.51 enables backup and restore permissions, which are inherited by programs such as File Manager that are started from the Shortcut Bar, which could allow local users to read folders for which they do not have permission. | ||||
| CVE-1999-1511 | 1 Artisoft | 1 Xtramail | 2026-04-16 | N/A |
| Buffer overflows in Xtramail 1.11 allow attackers to cause a denial of service (crash) and possibly execute arbitrary commands via (1) a long PASS command in the POP3 service, (2) a long HELO command in the SMTP service, or (3) a long user name in the Control Service. | ||||
| CVE-1999-0673 | 1 Crear | 1 Almail32 | 2026-04-16 | N/A |
| Buffer overflow in ALMail32 POP3 client via From: or To: headers. | ||||
| CVE-2006-3626 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| Race condition in Linux kernel 2.6.17.4 and earlier allows local users to gain root privileges by using prctl with PR_SET_DUMPABLE in a way that causes /proc/self/environ to become setuid root. | ||||
| CVE-1999-1109 | 1 Sendmail | 1 Sendmail | 2026-04-16 | N/A |
| Sendmail before 8.10.0 allows remote attackers to cause a denial of service by sending a series of ETRN commands then disconnecting from the server, while Sendmail continues to process the commands after the connection has been terminated. | ||||