Export limit exceeded: 345785 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345785 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-1078 | 1 Ipswitch | 1 Ws Ftp Pro | 2026-04-16 | N/A |
| WS_FTP Pro 6.0 uses weak encryption for passwords in its initialization files, which allows remote attackers to easily decrypt the passwords and gain privileges. | ||||
| CVE-1999-0072 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| Buffer overflow in AIX xdat gives root access to local users. | ||||
| CVE-1999-0071 | 1 Apache | 1 Http Server | 2026-04-16 | N/A |
| Apache httpd cookie buffer overflow for versions 1.1.1 and earlier. | ||||
| CVE-2006-3827 | 1 Kailash Nadh | 1 Boastmachine | 2026-04-16 | N/A |
| SQL injection vulnerability in bmc/Inc/core/admin/search.inc.php in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier allows remote authenticated administrators to execute arbitrary SQL commands via the blog parameter. | ||||
| CVE-2006-3826 | 1 Kailash Nadh | 1 Boastmachine | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) user_login, (2) full_name, and (3) URL parameters in register.php; and allow remote authenticated administrators to inject arbitrary web script or HTML via the (4) cat_list and (5) key parameters in a certain portion of the admin interface. | ||||
| CVE-1999-1076 | 1 Apple | 1 Macos | 2026-04-16 | N/A |
| Idle locking function in MacOS 9 allows local users to bypass the password protection of idled sessions by selecting the "Log Out" option and selecting a "Cancel" option in the dialog box for an application that attempts to verify that the user wants to log out, which returns the attacker into the locked session. | ||||
| CVE-2006-3737 | 1 Swsoft | 1 Plesk Control Panel | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in filemanager/filemanager.php in the control panel in SWsoft Plesk 8.0 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the file parameter. | ||||
| CVE-2001-1081 | 2 Lucent, Simon Horms | 2 Radius, Radius | 2026-04-16 | N/A |
| Format string vulnerabilities in Livingston/Lucent RADIUS before 2.1.va.1 may allow local or remote attackers to cause a denial of service and possibly execute arbitrary code via format specifiers that are injected into log messages. | ||||
| CVE-2001-1009 | 2 Fetchmail, Redhat | 2 Fetchmail, Linux | 2026-04-16 | N/A |
| Fetchmail (aka fetchmail-ssl) before 5.8.17 allows a remote malicious (1) IMAP server or (2) POP/POP3 server to overwrite arbitrary memory and possibly gain privileges via a negative index number as part of a response to a LIST request. | ||||
| CVE-2001-1105 | 2 Cisco, Dell | 2 Icdn, Bsafe Ssl-j | 2026-04-16 | N/A |
| RSA BSAFE SSL-J 3.0, 3.0.1 and 3.1, as used in Cisco iCND 2.0, caches session IDs from failed login attempts, which could allow remote attackers to bypass SSL client authentication and gain access to sensitive data by logging in after an initial failure. | ||||
| CVE-1999-1017 | 1 Seattle Lab Software | 1 Emurl | 2026-04-16 | N/A |
| Seattle Labs Emurl 2.0, and possibly earlier versions, stores e-mail attachments in a specific directory with scripting enabled, which allows a malicious ASP file attachment to execute when the recipient opens the message. | ||||
| CVE-2000-0689 | 1 Cgi Script Center | 1 Account Manager | 2026-04-16 | N/A |
| Account Manager LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the amadmin.pl script with the setpasswd parameter. | ||||
| CVE-2002-0013 | 2 Redhat, Snmp | 3 Linux, Powertools, Snmp | 2026-04-16 | N/A |
| Vulnerabilities in the SNMPv1 request handling of a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via (1) GetRequest, (2) GetNextRequest, and (3) SetRequest messages, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor. This and other SNMP-related candidates will be updated when more accurate information is available. | ||||
| CVE-2002-1702 | 1 Deltascripts | 1 Php Classifieds | 2026-04-16 | N/A |
| Cross-site scripting vulnerability (XSS) in DeltaScripts PHP Classifieds 6.0.5 allows remote attackers to execute arbitrary script as other users via the URL parameter. | ||||
| CVE-1999-1018 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| IPChains in Linux kernels 2.2.10 and earlier does not reassemble IP fragments before checking the header information, which allows a remote attacker to bypass the filtering rules using several fragments with 0 offsets. | ||||
| CVE-2000-0690 | 1 Cgi Script Center | 1 Auction Weaver | 2026-04-16 | N/A |
| Auction Weaver CGI script 1.02 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the fromfile parameter. | ||||
| CVE-1999-1019 | 1 Cabletron | 1 Spectrum Enterprise Manager | 2026-04-16 | N/A |
| SpectroSERVER in Cabletron Spectrum Enterprise Manager 5.0 installs a directory tree with insecure permissions, which allows local users to replace a privileged executable (processd) with a Trojan horse, facilitating a root or Administrator compromise. | ||||
| CVE-2005-4438 | 1 Dec2rar.dll | 1 Dec2rar.dll | 2026-04-16 | N/A |
| Heap-based buffer overflow in Dec2Rar.dll 3.2.14.3, as distributed in the Symantec Antivirus Library and used by various Symantec products, allows remote attackers to execute arbitrary code via RAR archives with sub-block headers that contain incorrect values in the length field. | ||||
| CVE-2006-4144 | 2 Imagemagick, Redhat | 2 Imagemagick, Enterprise Linux | 2026-04-16 | N/A |
| Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before 6.2.9 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via large (1) bytes_per_pixel, (2) columns, and (3) rows values, which trigger a heap-based buffer overflow. | ||||
| CVE-2004-0460 | 5 Infoblox, Isc, Mandrakesoft and 2 more | 11 Dns One Appliance, Dhcpd, Mandrake Linux and 8 more | 2026-04-16 | N/A |
| Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multiple hostname options in (1) DISCOVER, (2) OFFER, (3) REQUEST, (4) ACK, or (5) NAK messages, which can generate a long string when writing to a log file. | ||||