Export limit exceeded: 348995 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29911 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29911 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1714 | 1 Netwin | 1 Surgemail | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in NetWin SurgeMail 3.0c2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2006-3384 | 1 Vincent Leclercq | 1 News | 2026-04-16 | N/A |
| SQL injection vulnerability in divers.php in Vincent Leclercq News 5.2 allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) texte parameters. | ||||
| CVE-2006-3843 | 1 Mambo | 1 Mambo Calendar | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in com_calendar.php in Calendar Mambo Module 1.5.7 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the absolute_path parameter. | ||||
| CVE-1999-0437 | 1 Ramp Networks | 1 Webramp | 2026-04-16 | N/A |
| Remote attackers can perform a denial of service in WebRamp systems by sending a malicious string to the HTTP port. | ||||
| CVE-1999-1546 | 1 Ibm | 1 Navio Nc Browser | 2026-04-16 | N/A |
| netstation.navio-com.rte 1.1.0.1 configuration script for Navio NC on IBM AIX exports /tmp over NFS as world-readable and world-writable. | ||||
| CVE-2006-3385 | 1 Vincent Leclercq | 1 News | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in divers.php in Vincent Leclercq News 5.2 allows remote attackers to inject arbitrary web script or HTML via the (1) id and (2) disabled parameters. | ||||
| CVE-2006-3844 | 1 Pablo Software Solutions | 1 Quick N Easy Ftp Server | 2026-04-16 | N/A |
| Buffer overflow in Quick 'n Easy FTP Server 3.0 allows remote authenticated users to execute arbitrary commands via a long argument to the LIST command, a different issue than CVE-2006-2027. | ||||
| CVE-2006-3386 | 1 Vincent Leclercq | 1 News | 2026-04-16 | N/A |
| index.php in Vincent Leclercq News 5.2 allows remote attackers to obtain sensitive information, such as the installation path, via a mail[] parameter with invalid values. | ||||
| CVE-2006-3845 | 1 Rarlab | 1 Winrar | 2026-04-16 | N/A |
| Stack-based buffer overflow in lzh.fmt in WinRAR 3.00 through 3.60 beta 6 allows remote attackers to execute arbitrary code via a long filename in a LHA archive. | ||||
| CVE-1999-0440 | 2 Netscape, Sun | 3 Communicator, Navigator, Java | 2026-04-16 | N/A |
| The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages. | ||||
| CVE-2006-3387 | 1 Fusionphp | 1 Fusion News | 2026-04-16 | N/A |
| Directory traversal vulnerability in sources/post.php in Fusion News 1.0, when register_globals is enabled, allows remote attackers to include arbitrary files via a .. (dot dot) sequence in the fil_config parameter, which can be used to execute PHP code that has been injected into a log file. | ||||
| CVE-2000-1187 | 1 Netscape | 2 Communicator, Navigator | 2026-04-16 | N/A |
| Buffer overflow in the HTML parser for Netscape 4.75 and earlier allows remote attackers to execute arbitrary commands via a long password value in a form field. | ||||
| CVE-2006-3388 | 1 Phpmyadmin | 1 Phpmyadmin | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in phpMyAdmin before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via the table parameter. | ||||
| CVE-1999-0441 | 1 Qbik | 1 Wingate | 2026-04-16 | N/A |
| Remote attackers can perform a denial of service in WinGate machines using a buffer overflow in the Winsock Redirector Service. | ||||
| CVE-1999-0442 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Solaris ff.core allows local users to modify files. | ||||
| CVE-2006-3411 | 1 Tor | 1 Tor | 2026-04-16 | N/A |
| TLS handshakes in Tor before 0.1.1.20 generate public-private keys based on TLS context rather than the connection, which makes it easier for remote attackers to conduct brute force attacks on the encryption keys. | ||||
| CVE-2006-3878 | 1 Opsware | 1 Network Automation System | 2026-04-16 | N/A |
| Opsware Network Automation System (NAS) 6.0 installs /etc/init.d/mysql with insecure permissions, which allows local users to read the root password for the MySQL MAX database or gain privileges by modifying /etc/init.d/mysql. | ||||
| CVE-2006-3412 | 1 Tor | 1 Tor | 2026-04-16 | N/A |
| Tor before 0.1.1.20 does not sufficiently obey certain firewall options, which allows remote attackers to bypass intended access restrictions for dirservers, direct connections, or proxy servers. | ||||
| CVE-2000-1194 | 1 Argosoft | 1 Ftp Server | 2026-04-16 | N/A |
| Argosoft FRP server 1.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string to the (1) USER or (2) CWD commands. | ||||
| CVE-2000-0192 | 1 Caldera | 1 Openlinux | 2026-04-16 | N/A |
| The default installation of Caldera OpenLinux 2.3 includes the CGI program rpm_query, which allows remote attackers to determine what packages are installed on the system. | ||||