Export limit exceeded: 345221 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345221 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-0397 | 2026-04-16 | N/A | ||
| The demo version of the Quakenbush NT Password Appraiser sends passwords across the network in plaintext. | ||||
| CVE-1999-1386 | 1 Perl | 1 Perl | 2026-04-16 | 5.5 Medium |
| Perl 5.004_04 and earlier follows symbolic links when running with the -e option, which allows local users to overwrite arbitrary files via a symlink attack on the /tmp/perl-eaXXXXX file. | ||||
| CVE-1999-0400 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| Denial of service in Linux 2.2.0 running the ldd command on a core file. | ||||
| CVE-1999-1411 | 1 Debian | 1 Debian Linux | 2026-04-16 | N/A |
| The installation of the fsp package 2.71-10 in Debian GNU/Linux 2.0 adds the anonymous FTP user without notifying the administrator, which could automatically enable anonymous FTP on some servers such as wu-ftp. | ||||
| CVE-2000-1131 | 1 Bill Kendrick | 1 Gbook.cgi | 2026-04-16 | N/A |
| Bill Kendrick web site guestbook (GBook) allows remote attackers to execute arbitrary commands via shell metacharacters in the _MAILTO form variable. | ||||
| CVE-1999-0401 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| A race condition in Linux 2.2.1 allows local users to read arbitrary memory from /proc files. | ||||
| CVE-1999-0402 | 1 Gnu | 1 Wget | 2026-04-16 | N/A |
| wget 1.5.3 follows symlinks to change permissions of the target file instead of the symlink itself. | ||||
| CVE-1999-0403 | 1 Cyrix | 1 Linux | 2026-04-16 | N/A |
| A bug in Cyrix CPUs on Linux allows local users to perform a denial of service. | ||||
| CVE-1999-1429 | 1 Dit | 1 Transferpro | 2026-04-16 | N/A |
| DIT TransferPro installs devices with world-readable and world-writable permissions, which could allow local users to damage disks through the ff device driver. | ||||
| CVE-1999-0404 | 1 Smartmax Software | 1 Mailmax | 2026-04-16 | N/A |
| Buffer overflow in the Mail-Max SMTP server for Windows systems allows remote command execution. | ||||
| CVE-1999-1432 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Power management (Powermanagement) on Solaris 2.4 through 2.6 does not start the xlock process until after the sys-suspend has completed, which allows an attacker with physical access to input characters to the last active application from the keyboard for a short period after the system is restoring, which could lead to increased privileges. | ||||
| CVE-2000-0778 | 1 Microsoft | 1 Internet Information Services | 2026-04-16 | N/A |
| IIS 5.0 allows remote attackers to obtain source code for .ASP files and other scripts via an HTTP GET request with a "Translate: f" header, aka the "Specialized Header" vulnerability. | ||||
| CVE-1999-1447 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 4.0 allows remote attackers to cause a denial of service (crash) via HTML code that contains a long CLASSID parameter in an OBJECT tag. | ||||
| CVE-1999-0405 | 4 Debian, Freebsd, Redhat and 1 more | 4 Debian Linux, Freebsd, Linux and 1 more | 2026-04-16 | N/A |
| A buffer overflow in lsof allows local users to obtain root privilege. | ||||
| CVE-2000-0779 | 1 Checkpoint | 1 Firewall-1 | 2026-04-16 | N/A |
| Checkpoint Firewall-1 with the RSH/REXEC setting enabled allows remote attackers to bypass access restrictions and connect to a RSH/REXEC client via malformed connection requests. | ||||
| CVE-2006-3352 | 1 Mozilla | 1 Firefox | 2026-04-16 | N/A |
| Cross-domain vulnerability in Mozilla Firefox allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker's originating site that specifies a Location HTTP header that references the target site, which then makes that content available through the outerHTML attribute of the object. NOTE: this description was based on a report that has since been retracted by the original authors. The authors misinterpreted their test results. Other third parties also disputed the original report. Therefore, this is not a vulnerability. It is being assigned a candidate number to provide a clear indication of its status | ||||
| CVE-1999-0406 | 1 Digital | 1 Unix | 2026-04-16 | N/A |
| Digital Unix Networker program nsralist has a buffer overflow which allows local users to obtain root privilege. | ||||
| CVE-2006-3275 | 1 Yabb | 1 Yabb | 2026-04-16 | N/A |
| SQL injection vulnerability in profile.php in YaBB SE 1.5.5 and earlier allows remote attackers to execute SQL commands via a double-encoded user parameter in a viewprofile action. | ||||
| CVE-2006-3274 | 1 Webmin | 1 Webmin | 2026-04-16 | N/A |
| Directory traversal vulnerability in Webmin before 1.280, when run on Windows, allows remote attackers to read arbitrary files via \ (backslash) characters in the URL to certain directories under the web root, such as the image directory. | ||||
| CVE-2006-3271 | 1 Softbiz | 1 Dating Script | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Softbiz Dating 1.0 allow remote attackers to execute SQL commands via the (1) country and (2) sort_by parameters in (a) search_results.php; (3) browse parameter in (b) featured_photos.php; (4) cid parameter in (c) products.php, (d) index.php, and (e) news_desc.php. | ||||