Export limit exceeded: 345089 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345089 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2000-0817 | 1 Microsoft | 1 Network Monitor | 2026-04-16 | N/A |
| Buffer overflow in the HTTP protocol parser for Microsoft Network Monitor (Netmon) allows remote attackers to execute arbitrary commands via malformed data, aka the "Netmon Protocol Parsing" vulnerability. | ||||
| CVE-1999-0636 | 2026-04-16 | N/A | ||
| The discard service is running. | ||||
| CVE-2006-3611 | 1 Phorum | 1 Phorum | 2026-04-16 | N/A |
| Directory traversal vulnerability in pm.php in Phorum 5 allows remote authenticated users to include and execute arbitrary local files via directory traversal sequences in the GLOBALS[template] parameter, as demonstrated by injecting PHP sequences into a log file, which is then included by pm.php. | ||||
| CVE-1999-0637 | 2026-04-16 | N/A | ||
| The systat service is running. | ||||
| CVE-1999-0640 | 2026-04-16 | N/A | ||
| The Gopher service is running. | ||||
| CVE-2006-3612 | 1 Phorum | 1 Phorum | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Phorum 5.1.14 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-1999-0641 | 2026-04-16 | N/A | ||
| The UUCP service is running. | ||||
| CVE-1999-0651 | 2026-04-16 | N/A | ||
| The rsh/rlogin service is running. | ||||
| CVE-2000-0116 | 1 Checkpoint | 1 Firewall-1 | 2026-04-16 | N/A |
| Firewall-1 does not properly filter script tags, which allows remote attackers to bypass the "Strip Script Tags" restriction by including an extra < in front of the SCRIPT tag. | ||||
| CVE-1999-0653 | 2026-04-16 | N/A | ||
| A component service related to NIS+ is running. | ||||
| CVE-1999-0168 | 1 Sun | 1 Sunos | 2026-04-16 | N/A |
| The portmapper may act as a proxy and redirect service requests from an attacker, making the request appear to come from the local host, possibly bypassing authentication that would otherwise have taken place. For example, NFS file systems could be mounted through the portmapper despite export restrictions. | ||||
| CVE-1999-0654 | 2026-04-16 | N/A | ||
| The OS/2 or POSIX subsystem in NT is enabled. | ||||
| CVE-2000-0117 | 1 Sun | 3 Cobalt Raq, Cobalt Raq 2, Cobalt Raq 3i | 2026-04-16 | N/A |
| The siteUserMod.cgi program in Cobalt RaQ2 servers allows any Site Administrator to modify passwords for other users, site administrators, and possibly admin (root). | ||||
| CVE-2000-0818 | 1 Oracle | 1 Listener | 2026-04-16 | N/A |
| The default installation for the Oracle listener program 7.3.4, 8.0.6, and 8.1.6 allows an attacker to cause logging information to be appended to arbitrary files and execute commands via the SET TRC_FILE or SET LOG_FILE commands. | ||||
| CVE-2001-0330 | 1 Mozilla | 1 Bugzilla | 2026-04-16 | N/A |
| Bugzilla 2.10 allows remote attackers to access sensitive information, including the database username and password, via an HTTP request for the globals.pl file, which is normally returned by the web server without being executed. | ||||
| CVE-1999-0438 | 1 Ramp Networks | 2 Webramp 200i, Webramp M3 | 2026-04-16 | N/A |
| Remote attackers can perform a denial of service in WebRamp systems by sending a malicious UDP packet to port 5353, changing its IP address. | ||||
| CVE-2001-0037 | 1 Keware Technologies | 1 Homeseer | 2026-04-16 | N/A |
| Directory traversal vulnerability in HomeSeer before 1.4.29 allows remote attackers to read arbitrary files via a URL containing .. (dot dot) specifiers. | ||||
| CVE-2001-0207 | 1 Pierre Beyssac | 1 Bing | 2026-04-16 | N/A |
| Buffer overflow in bing allows remote attackers to execute arbitrary commands via a long hostname, which is copied to a small buffer after a reverse DNS lookup using the gethostbyaddr function. | ||||
| CVE-2006-3613 | 1 Chamberland Technology | 1 Ezwaiter Online | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Chamberland Technology ezWaiter 3.0 Online and possibly Enterprise Software (aka enterprise edition) allow remote attackers to inject arbitrary web script or HTML via the (1) itemfor (aka "Who is this item for?") and (2) special (aka "Special Instructions") parameters to item.php, which is accessed from showorder.php, or (3) unspecified parameters to the login form at login.php. | ||||
| CVE-2006-3614 | 1 Orbitcoders | 1 Orbitmatrix | 2026-04-16 | N/A |
| index.php in Orbitcoders OrbitMATRIX 1.0 allows remote attackers to trigger a SQL error via the page_name parameter, possibly due to a SQL injection vulnerability. | ||||