Export limit exceeded: 345221 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345221 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-3841 | 1 Owasp | 1 Webscarab | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in WebScarab before 20060718-1904, when used with Microsoft Internet Explorer 6 SP2 or Konqueror 3.5.3, allows remote attackers to inject arbitrary web script or HTML via the URL, which is not sanitized before being returned in an error message when WebScarab is not able to access the URL. | ||||
| CVE-1999-0435 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| MC/ServiceGuard and MC/LockManager in HP-UX allows local users to gain privileges through SAM. | ||||
| CVE-1999-1513 | 1 3com | 1 Superstack Ii Hub | 2026-04-16 | N/A |
| Management information base (MIB) for a 3Com SuperStack II hub running software version 2.10 contains an object identifier (.1.3.6.1.4.1.43.10.4.2) that is accessible by a read-only community string, but lists the entire table of community strings, which could allow attackers to conduct unauthorized activities. | ||||
| CVE-2006-3383 | 1 Mads | 1 Mads | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in mAds 1.0 allows remote attackers to inject arbitrary web script or HTML via Javascript events such as onmouseover within a URL. NOTE: the provenance of this information is unknown; the details are obtained solely from third party reports. | ||||
| CVE-2006-3842 | 1 Adventnet | 1 Zoho Virtual Office | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Zoho Virtual Office 3.2 Build 3210 allows remote attackers to execute arbitrary web script or HTML via an HTML message. | ||||
| CVE-1999-0436 | 1 Hp | 2 Desms, Hp-ux | 2026-04-16 | N/A |
| Domain Enterprise Server Management System (DESMS) in HP-UX allows local users to gain privileges. | ||||
| CVE-2005-1714 | 1 Netwin | 1 Surgemail | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in NetWin SurgeMail 3.0c2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2006-3384 | 1 Vincent Leclercq | 1 News | 2026-04-16 | N/A |
| SQL injection vulnerability in divers.php in Vincent Leclercq News 5.2 allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) texte parameters. | ||||
| CVE-2006-3843 | 1 Mambo | 1 Mambo Calendar | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in com_calendar.php in Calendar Mambo Module 1.5.7 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the absolute_path parameter. | ||||
| CVE-1999-0437 | 1 Ramp Networks | 1 Webramp | 2026-04-16 | N/A |
| Remote attackers can perform a denial of service in WebRamp systems by sending a malicious string to the HTTP port. | ||||
| CVE-1999-1546 | 1 Ibm | 1 Navio Nc Browser | 2026-04-16 | N/A |
| netstation.navio-com.rte 1.1.0.1 configuration script for Navio NC on IBM AIX exports /tmp over NFS as world-readable and world-writable. | ||||
| CVE-2006-3385 | 1 Vincent Leclercq | 1 News | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in divers.php in Vincent Leclercq News 5.2 allows remote attackers to inject arbitrary web script or HTML via the (1) id and (2) disabled parameters. | ||||
| CVE-2006-3844 | 1 Pablo Software Solutions | 1 Quick N Easy Ftp Server | 2026-04-16 | N/A |
| Buffer overflow in Quick 'n Easy FTP Server 3.0 allows remote authenticated users to execute arbitrary commands via a long argument to the LIST command, a different issue than CVE-2006-2027. | ||||
| CVE-2006-3386 | 1 Vincent Leclercq | 1 News | 2026-04-16 | N/A |
| index.php in Vincent Leclercq News 5.2 allows remote attackers to obtain sensitive information, such as the installation path, via a mail[] parameter with invalid values. | ||||
| CVE-2006-3845 | 1 Rarlab | 1 Winrar | 2026-04-16 | N/A |
| Stack-based buffer overflow in lzh.fmt in WinRAR 3.00 through 3.60 beta 6 allows remote attackers to execute arbitrary code via a long filename in a LHA archive. | ||||
| CVE-1999-0440 | 2 Netscape, Sun | 3 Communicator, Navigator, Java | 2026-04-16 | N/A |
| The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages. | ||||
| CVE-1999-1568 | 1 Ncftp | 1 Ncftpd Server | 2026-04-16 | 7.5 High |
| Off-by-one error in NcFTPd FTP server before 2.4.1 allows a remote attacker to cause a denial of service (crash) via a long PORT command. | ||||
| CVE-2006-3387 | 1 Fusionphp | 1 Fusion News | 2026-04-16 | N/A |
| Directory traversal vulnerability in sources/post.php in Fusion News 1.0, when register_globals is enabled, allows remote attackers to include arbitrary files via a .. (dot dot) sequence in the fil_config parameter, which can be used to execute PHP code that has been injected into a log file. | ||||
| CVE-2000-1187 | 1 Netscape | 2 Communicator, Navigator | 2026-04-16 | N/A |
| Buffer overflow in the HTML parser for Netscape 4.75 and earlier allows remote attackers to execute arbitrary commands via a long password value in a form field. | ||||
| CVE-2006-3388 | 1 Phpmyadmin | 1 Phpmyadmin | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in phpMyAdmin before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via the table parameter. | ||||