Export limit exceeded: 345788 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 345788 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345788 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2000-0724 | 1 Helix Code | 1 Go-gnome Pre-installer | 2026-04-16 | N/A |
| The go-gnome Helix GNOME pre-installer allows local users to overwrite arbitrary files via a symlink attack on various files in /tmp, including uudecode, snarf, and some installer files. | ||||
| CVE-2006-3227 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Interpretation conflict between Internet Explorer and other web browsers such as Mozilla, Opera, and Firefox might allow remote attackers to modify the visual presentation of web pages and possibly bypass protection mechanisms such as content filters via ASCII characters with the 8th bit set, which could be stripped by Internet Explorer to render legible text, but not when using other browsers. NOTE: there has been significant discussion about this issue, and as of 20060625, it is not clear where the responsibility for this issue lies, although it might be due to vagueness within the associated standards. NOTE: this might only be exploitable with certain encodings. | ||||
| CVE-2006-3229 | 1 Open Webmail | 1 Open Webmail | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Open WebMail (OWM) 2.52, and other versions released before 05/12/2006, allows remote attackers to inject arbitrary web script or HTML via the (1) To and (2) From fields in openwebmail-main.pl, and possibly (3) other unspecified vectors related to "openwebmailerror calls that need to display HTML." | ||||
| CVE-2006-3232 | 1 Ibm | 1 Websphere Application Server | 2026-04-16 | N/A |
| Unspecified vulnerability in IBM WebSphere Application Server before 6.0.2.11 has unknown impact and attack vectors because the "UserNameToken cache was improperly used." | ||||
| CVE-2006-3233 | 1 Open Webmail | 1 Open Webmail | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in openwebmail-read.pl in Open WebMail (OWM) 2.52, and other versions released before 06/18/2006, allows remote attackers to inject arbitrary web script or HTML via the from field. NOTE: some third party sources have mentioned the "to" and "from" fields, although CVE analysis shows that these are associated with the previous version, a different executable, and a different CVE. | ||||
| CVE-2006-3234 | 1 Looknet | 1 Fineshop | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in index.php in FineShop 3.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) produkt, (2) id_produc, and (3) id_kat parameters. | ||||
| CVE-1999-0107 | 1 Apache | 1 Http Server | 2026-04-16 | N/A |
| Buffer overflow in Apache 1.2.5 and earlier allows a remote attacker to cause a denial of service with a large number of GET requests containing a large number of / characters. | ||||
| CVE-2006-3198 | 1 Opera | 1 Opera Browser | 2026-04-16 | N/A |
| Integer overflow in Opera 8.54 and earlier allows remote attackers to execute arbitrary code via a JPEG image with large height and width values, which causes less memory to be allocated than intended. | ||||
| CVE-1999-0077 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| Predictable TCP sequence numbers allow spoofing. | ||||
| CVE-2000-0712 | 1 Lids | 1 Lids | 2026-04-16 | N/A |
| Linux Intrusion Detection System (LIDS) 0.9.7 allows local users to gain root privileges when LIDS is disabled via the security=0 boot option. | ||||
| CVE-2006-3197 | 1 Invision Power Services | 1 Invision Power Board | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB) 2.1.6 and earlier allows remote attackers to inject arbitrary web script or HTML via a POST that contains hexadecimal-encoded HTML. | ||||
| CVE-1999-0076 | 1 Washington University | 1 Wu-ftpd | 2026-04-16 | N/A |
| Buffer overflow in wu-ftp from PASV command causes a core dump. | ||||
| CVE-2006-3196 | 1 Singapore | 1 Singapore | 2026-04-16 | N/A |
| index.php in singapore 0.10.0 and earlier allows remote attackers to obtain the installation path via an invalid template parameter, which reveals the path in an error message. | ||||
| CVE-2006-3195 | 1 Singapore | 1 Singapore | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in singapore 0.10.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the template parameter. | ||||
| CVE-2006-3194 | 1 Singapore | 1 Singapore | 2026-04-16 | N/A |
| Directory traversal vulnerability in index.php in singapore 0.10.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) sequence and trailing null (%00) byte in the (1) gallery and (2) template parameter. | ||||
| CVE-2006-3193 | 1 Grayscale | 1 Bandsite Cms | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Grayscale BandSite CMS 1.1.1, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) includes/content/contact_content.php; multiple files in adminpanel/includes/add_forms/ including (2) addbioform.php, (3) addfliersform.php, (4) addgenmerchform.php, (5) addinterviewsform.php, (6) addlinksform.php, (7) addlyricsform.php, (8) addmembioform.php, (9) addmerchform.php, (10) addmerchpicform.php, (11) addnewsform.php, (12) addphotosform.php, (13) addreleaseform.php, (14) addreleasepicform.php, (15) addrelmerchform.php, (16) addreviewsform.php, (17) addshowsform.php, (18) addwearmerchform.php; (19) adminpanel/includes/mailinglist/disphtmltbl.php, and (20) adminpanel/includes/mailinglist/dispxls.php. | ||||
| CVE-2000-0711 | 2 Microsoft, Netscape | 2 Virtual Machine, Communicator | 2026-04-16 | N/A |
| Netscape Communicator does not properly prevent a ServerSocket object from being created by untrusted entities, which allows remote attackers to create a server on the victim's system via a malicious applet, as demonstrated by Brown Orifice. | ||||
| CVE-1999-0075 | 1 Washington University | 1 Wu-ftpd | 2026-04-16 | N/A |
| PASV core dump in wu-ftpd daemon when attacker uses a QUOTE PASV command after specifying a username and password. | ||||
| CVE-2006-3834 | 1 Ej3 | 1 Topo | 2026-04-16 | N/A |
| EJ3 TOPo 2.2.178 includes the password in cleartext in the ID field to index.php, which allows context-dependent attackers to obtain entry passwords via log files, referrers, or other vectors. | ||||
| CVE-2006-3833 | 1 Ej3 | 1 Topo | 2026-04-16 | N/A |
| index.php in EJ3 TOPo 2.2.178 allows remote attackers to overwrite existing entries and establish new passwords for the overwritten entries via a URL with a modified entry ID. | ||||