Export limit exceeded: 345143 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345143 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2000-0044 | 1 Jgaa | 1 Warftpd | 2026-04-16 | N/A |
| Macros in War FTP 1.70 and 1.67b2 allow local or remote attackers to read arbitrary files or execute commands. | ||||
| CVE-2006-3899 | 1 Microsoft | 2 Internet Explorer, Windows Xp | 2026-04-16 | N/A |
| Microsoft Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to cause a denial of service (application crash) by calling the stringToBinary function of the CEnroll.CEnroll.2 ActiveX object with a long second argument, which triggers an invalid memory access inside the SysAllocStringLen function. | ||||
| CVE-2001-0318 | 1 Proftpd Project | 1 Proftpd | 2026-04-16 | N/A |
| Format string vulnerability in ProFTPD 1.2.0rc2 may allow attackers to execute arbitrary commands by shutting down the FTP server while using a malformed working directory (cwd). | ||||
| CVE-2001-1156 | 1 Typsoft | 1 Typsoft Ftp Server | 2026-04-16 | N/A |
| TYPSoft FTP 0.95 allows remote attackers to cause a denial of service (CPU consumption) via a "../../*" argument to (1) STOR or (2) RETR. | ||||
| CVE-2001-1423 | 1 Advanced Poll | 1 Advanced Poll | 2026-04-16 | N/A |
| Advanced Poll before 1.61, when using a flat file database, allows remote attackers to gain privileges by setting the logged_in parameter. | ||||
| CVE-2001-0023 | 1 Leif M. Wright | 1 Everythingform.cgi | 2026-04-16 | N/A |
| everythingform.cgi CGI program by Leif Wright allows remote attackers to execute arbitrary commands via shell metacharacters in the config parameter. | ||||
| CVE-2001-1209 | 1 Abe Timmerman | 1 Zml.cgi | 2026-04-16 | N/A |
| Directory traversal vulnerability in zml.cgi allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | ||||
| CVE-2001-1504 | 1 Ibm | 1 Lotus Notes | 2026-04-16 | N/A |
| Lotus Notes R5 Client 4.6 allows remote attackers to execute arbitrary commands via a Lotus Notes object with code in an event, which is automatically executed when the user processes the e-mail message. | ||||
| CVE-2002-0050 | 1 Microsoft | 1 Commerce Server | 2026-04-16 | N/A |
| Buffer overflow in AuthFilter ISAPI filter on Microsoft Commerce Server 2000 allows remote attackers to execute arbitrary code via long authentication data. | ||||
| CVE-2002-0145 | 1 Scott Parish | 1 Chuid | 2026-04-16 | N/A |
| chuid 1.2 and earlier does not properly verify the ownership of files that will be changed, which allows remote attackers to change files owned by other users, such as root. | ||||
| CVE-2001-0024 | 1 Leif M. Wright | 1 Simplestmail.cgi | 2026-04-16 | N/A |
| simplestmail.cgi CGI program by Leif Wright allows remote attackers to execute arbitrary commands via shell metacharacters in the MyEmail parameter. | ||||
| CVE-2001-1424 | 1 Alcatel | 1 Speed Touch Home | 2026-04-16 | N/A |
| Alcatel Speed Touch ADSL modem running firmware KHDSAA.108, KHDSAA.132, KHDSBA.133, and KHDSAA.134 has a blank default password, which allows remote attackers to gain unauthorized access. | ||||
| CVE-2001-1527 | 1 Easyscripts | 1 Easynews | 2026-04-16 | N/A |
| easyNews 1.5 and earlier stores administration passwords in cleartext in settings.php, which allows local users to obtain the passwords and gain access. | ||||
| CVE-2002-0276 | 1 Ettercap | 1 Ettercap | 2026-04-16 | N/A |
| Buffer overflow in various decoders in Ettercap 0.6.3.1 and earlier, when running on networks with an MTU greater than 2000, allows remote attackers to execute arbitrary code via large packets. | ||||
| CVE-2000-0051 | 1 Allaire | 1 Spectra | 2026-04-16 | N/A |
| The Allaire Spectra Configuration Wizard allows remote attackers to cause a denial of service by repeatedly resubmitting data collections for indexing via a URL. | ||||
| CVE-2006-3900 | 1 Tobias Kloy | 1 Tp-book | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in guestbook.php in TP-Book 1.00 and earlier allows remote attackers to inject arbitrary web script or HTML via the name parameter. | ||||
| CVE-2006-3547 | 1 Vmware | 1 Player | 2026-04-16 | 5.5 Medium |
| EMC VMware Player allows user-assisted attackers to cause a denial of service (unrecoverable application failure) via a long value of the ide1:0.fileName parameter in the .vmx file of a virtual machine. NOTE: third parties have disputed this issue, saying that write access to the .vmx file enables other ways of stopping the virtual machine, so no privilege boundaries are crossed | ||||
| CVE-1999-0535 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2026-04-16 | N/A |
| A Windows NT account policy for passwords has inappropriate, security-critical settings, e.g. for password length, password age, or uniqueness. | ||||
| CVE-2006-3548 | 1 Horde | 1 Horde | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Horde Application Framework 3.0.0 through 3.0.10 and 3.1.0 through 3.1.1 allow remote attackers to inject arbitrary web script or HTML via a (1) javascript URI or an external (2) http, (3) https, or (4) ftp URI in the url parameter in services/go.php (aka the dereferrer), (5) a javascript URI in the module parameter in services/help (aka the help viewer), and (6) the name parameter in services/problem.php (aka the problem reporting screen). | ||||
| CVE-2006-3901 | 1 Tumbleweed | 1 Mailgate Email Firewall | 2026-04-16 | N/A |
| Multiple stack-based buffer overflows in Tumbleweed Email Firewall (EMF) allow remote attackers to execute arbitrary code via an email attachment with an LHA archive that contains a (1) file or (2) directory with a long LHA extended header, (3) an LHA archive in which the "temporary pathname" field for decompressed output is greater than 2 bytes, or (4) an LHA archive with a long filename. | ||||