Export limit exceeded: 345044 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345044 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-0568 | 1 Sun | 1 Solaris | 2026-04-16 | N/A |
| rpc.admind in Solaris is not running in a secure mode. | ||||
| CVE-2006-3909 | 1 Wired Community Software | 1 Wwwthreads | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in calendar.php in WWWthreads allows remote attackers to inject arbitrary web script or HTML via the week parameter. | ||||
| CVE-1999-0566 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| An attacker can write to syslog files from any location, causing a denial of service by filling up the logs, and hiding activities. | ||||
| CVE-1999-0562 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2026-04-16 | N/A |
| The registry in Windows NT can be accessed remotely by users who are not administrators. | ||||
| CVE-2001-0028 | 1 Igor Khasilev | 1 Oops Proxy Server | 2026-04-16 | N/A |
| Buffer overflow in the HTML parsing code in oops WWW proxy server 1.5.2 and earlier allows remote attackers to execute arbitrary commands via a large number of " (quotation) characters. | ||||
| CVE-2005-2967 | 1 Xine | 1 Xine-lib | 2026-04-16 | N/A |
| Format string vulnerability in input_cdda.c in xine-lib 1-beta through 1-beta 3, 1-rc, 1.0 through 1.0.2, and 1.1.1 allows remote servers to execute arbitrary code via format string specifiers in metadata in CDDB server responses when the victim plays a CD. | ||||
| CVE-2005-0963 | 1 Toshiba | 1 Acpi Flash Bios | 2026-04-16 | N/A |
| An error in the Toshiba ACPI BIOS 1.6 causes the BIOS to only examine the first slot in the Master Boot Record (MBR) table for an active partition, which prevents the system from booting even though the MBR is not malformed. NOTE: it has been debated as to whether or not this issue poses a security vulnerability, since administrative privileges would be required, and other DoS attacks are possible with such privileges. | ||||
| CVE-2006-0057 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-16 | N/A |
| Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to bypass the Kill bit settings for dangerous ActiveX controls via unknown vectors involving crafted HTML, which can expose the browser to attacks that would otherwise be prevented by the Kill bit setting. NOTE: CERT/CC claims that MS05-054 fixes this issue, but it is not described in MS05-054. | ||||
| CVE-2005-4584 | 1 Bzflag | 1 Bzflag Server | 2026-04-16 | N/A |
| BZFlag server 2.0.4 and earlier allows remote attackers to cause a denial of service (application crash) via a callsign that is not followed by a NULL (\0) character. | ||||
| CVE-2004-0583 | 3 Debian, Usermin, Webmin | 3 Debian Linux, Usermin, Webmin | 2026-04-16 | N/A |
| The account lockout functionality in (1) Webmin 1.140 and (2) Usermin 1.070 does not parse certain character strings, which allows remote attackers to conduct a brute force attack to guess user IDs and passwords. | ||||
| CVE-2004-0492 | 6 Apache, Hp, Ibm and 3 more | 8 Http Server, Virtualvault, Vvos and 5 more | 2026-04-16 | N/A |
| Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied. | ||||
| CVE-2002-2019 | 1 Oscommerce | 1 Oscommerce | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in include_once.php in osCommerce (a.k.a. Exchange Project) 2.1 allows remote attackers to execute arbitrary PHP code via the include_file parameter. | ||||
| CVE-2000-0693 | 1 Tech-source | 1 Raptor Gfx Pgx32 | 2026-04-16 | N/A |
| pgxconfig in the Raptor GFX configuration tool uses a relative path name for a system call to the "cp" program, which allows local users to execute arbitrary commands by modifying their path to point to an alternate "cp" program. | ||||
| CVE-2000-0494 | 1 Symantec Veritas | 1 Volume Manager | 2026-04-16 | N/A |
| Veritas Volume Manager creates a world writable .server_pids file, which allows local users to add arbitrary commands into the file, which is then executed by the vmsa_server script. | ||||
| CVE-1999-0681 | 1 Microsoft | 2 Frontpage, Personal Web Server | 2026-04-16 | N/A |
| Buffer overflow in Microsoft FrontPage Server Extensions (PWS) 3.0.2.926 on Windows 95, and possibly other versions, allows remote attackers to cause a denial of service via a long URL. | ||||
| CVE-2006-3563 | 1 Winged Gallery | 1 Winged Gallery | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in gallery/thumb.php in Winged Gallery 1.0 allows remote attackers to inject arbitrary web script or HTML via the image parameter. | ||||
| CVE-2006-3562 | 1 Plume-cms | 1 Plume Cms | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerabilities in plume cms 1.0.4 allow remote attackers to execute arbitrary PHP code via a URL in the _PX_config[manager_path] parameter to (1) index.php, (2) rss.php, or (3) search.php, a different set of vectors and versions than CVE-2006-2645 and CVE-2006-0725. | ||||
| CVE-2006-3561 | 1 Bt | 1 Voyager 2091 Wireless Adsl Router | 2026-04-16 | N/A |
| BT Voyager 2091 Wireless firmware 2.21.05.08m_A2pB018c1.d16d and earlier, and 3.01m and earlier, allow remote attackers to bypass the authentication process and gain sensitive information, such as configuration information via (1) /btvoyager_getconfig.sh, PPP credentials via (2) btvoyager_getpppcreds.sh, and decode configuration credentials via (3) btvoyager_decoder.c. | ||||
| CVE-1999-0561 | 2026-04-16 | N/A | ||
| IIS has the #exec function enabled for Server Side Include (SSI) files. | ||||
| CVE-2001-0027 | 1 Proftpd Project | 1 Proftpd | 2026-04-16 | N/A |
| mod_sqlpw module in ProFTPD does not reset a cached password when a user uses the "user" command to change accounts, which allows authenticated attackers to gain privileges of other users. | ||||