Export limit exceeded: 349608 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29914 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29914 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-0512 | 2026-04-16 | N/A | ||
| A mail server is explicitly configured to allow SMTP mail relay, which allows abuse by spammers. | ||||
| CVE-2006-4984 | 1 Grayscale | 1 Bandsite Cms | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Grayscale BandSite CMS allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[root_path] parameter in (1) adminpanel/includes/mailinglist/mlist_xls.php and (2) adminpanel/includes/add_forms/addmp3.php. NOTE: the other vectors from the original disclosure are already covered by CVE-2006-3193. | ||||
| CVE-1999-0522 | 2026-04-16 | N/A | ||
| The permissions for a system-critical NIS+ table (e.g. passwd) are inappropriate. | ||||
| CVE-2005-3555 | 1 Tincan | 1 Phplist | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in PHPlist 2.10.1 and earlier allow authenticated remote attackers with administrator privileges to execute arbitrary SQL commands via the id parameter in the (1) editattributes or (2) admin page. | ||||
| CVE-2006-4990 | 1 Photopost | 1 Photopost Php Pro | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in PhotoPost allow remote attackers to execute arbitrary PHP code via a URL in the PP_PATH parameter in (1) addfav.php, (2) adm-admlog.php, (3) adm-approve.php, (4) adm-backup.php, (5) adm-cats.php, (6) adm-cinc.php, (7) adm-db.php, (8) adm-editcfg.php, (9) adm-inc.php, (10) adm-index.php, (11) adm-modcom.php, (12) adm-move.php, (13) adm-options.php, (14) adm-order.php, (15) adm-pa.php, (16) adm-photo.php, (17) adm-purge.php, (18) adm-style.php, (19) adm-templ.php, (20) adm-userg.php, (21) adm-users.php, (22) bulkupload.php, (23) cookies.php, (24) comments.php, (25) ecard.php, (26) editphoto.php, (27) register.php, (28) showgallery.php, (29) showmembers.php, (30) useralbums.php, (31) uploadphoto.php, (32) search.php, or (33) adm-menu.php, different vectors than CVE-2006-4828. | ||||
| CVE-1999-0549 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| Windows NT automatically logs in an administrator upon rebooting. | ||||
| CVE-1999-0550 | 2026-04-16 | N/A | ||
| A router's routing tables can be obtained from arbitrary hosts. | ||||
| CVE-1999-0551 | 1 Hp | 1 Openmail | 2026-04-16 | N/A |
| HP OpenMail can be misconfigured to allow users to run arbitrary commands using malicious print requests. | ||||
| CVE-1999-0565 | 2026-04-16 | N/A | ||
| A Sendmail alias allows input to be piped to a program. | ||||
| CVE-2005-3559 | 1 Digium | 1 Asterisk | 2026-04-16 | N/A |
| Directory traversal vulnerability in vmail.cgi in Asterisk 1.0.9 through 1.2.0-beta1 allows remote attackers to access WAV files via a .. (dot dot) in the folder parameter. | ||||
| CVE-2006-4991 | 1 Rsa | 1 Keon Certificate Authority Manager | 2026-04-16 | N/A |
| RSA Keon Certificate Authority (KeonCA) Manager 6.5.1 and 6.6 allows privileged local users to hide malicious Certificate Authority (CA) activities by modifying CA auditor logs without detection by (1) modifying or deleting a <LOG BLOCK> and its signature from the XML log in a way that is not detected by the integrity check function that operates on the entire pool, or (2) modifying entries in the live log file, which is only signed during rotation. | ||||
| CVE-2005-3560 | 1 Zonelabs | 4 Zonealarm, Zonealarm Anti-spyware, Zonealarm Antivirus and 1 more | 2026-04-16 | N/A |
| Zone Labs (1) ZoneAlarm Pro 6.0, (2) ZoneAlarm Internet Security Suite 6.0, (3) ZoneAlarm Anti-Virus 6.0, (4) ZoneAlarm Anti-Spyware 6.0 through 6.1, and (5) ZoneAlarm 6.0 allow remote attackers to bypass the "Advanced Program Control and OS Firewall filters" setting via URLs in "HTML Modal Dialogs" (window.location.href) contained within JavaScript tags. | ||||
| CVE-2006-4992 | 1 Joomla | 1 Jd-wordpress | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in JD-WordPress for Joomla! (com_jd-wp) 2.0-1.0 RC2 allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter in (1) wp-comments-post.php, (2) wp-feed.php, or (3) wp-trackback.php. | ||||
| CVE-2005-3564 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| envd daemon in HP-UX B.11.00 through B.11.11 allows local users to obtain privileges via unknown attack vectors. | ||||
| CVE-1999-0588 | 2026-04-16 | N/A | ||
| A filter in a router or firewall allows unusual fragmented packets. | ||||
| CVE-2006-4993 | 1 Allmyguests Project | 1 Allmyguests | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in AllMyGuests 0.4.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the _AMGconfig[cfg_serverpath] parameter in (1) modules/AllMyGuests/signin.php (aka the Nuke module) and (2) AllMyGuests/signin.php (aka the standalone). | ||||
| CVE-2005-3565 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Unknown vulnerability in remshd daemon in HP-UX B.11.00, B.11.11, and B.11.23 while running in "Trusted Mode" allows remote attackers to gain unauthorized system access via unknown attack vectors. | ||||
| CVE-2006-4994 | 1 Apachefriends | 1 Xampp | 2026-04-16 | N/A |
| Multiple unquoted Windows search path vulnerabilities in Apache Friends XAMPP 1.5.2 might allow local users to gain privileges via a malicious program file in %SYSTEMDRIVE%, which is run when XAMPP attempts to execute (1) FileZillaServer.exe, (2) mysqld-nt.exe, (3) Perl.exe, or (4) xamppcontrol.exe with an unquoted "Program Files" pathname. | ||||
| CVE-1999-0598 | 2026-04-16 | N/A | ||
| A network intrusion detection system (IDS) does not properly handle packets that are sent out of order, allowing an attacker to escape detection. | ||||
| CVE-1999-0608 | 1 Pdgsoft | 1 Pdg Shopping Cart | 2026-04-16 | N/A |
| An incorrect configuration of the PDG Shopping Cart CGI program "shopper.cgi" could disclose private information. | ||||