Export limit exceeded: 345788 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345788 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-3832 | 1 Gerrit Van Aaken | 1 Loudblog | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in Gerrit van Aaken Loudblog 0.5 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-1999-0074 | 4 Freebsd, Linux, Microsoft and 1 more | 4 Freebsd, Linux Kernel, Windows Nt and 1 more | 2026-04-16 | N/A |
| Listening TCP ports are sequentially allocated, allowing spoofing attacks. | ||||
| CVE-2006-3831 | 1 Kailash Nadh | 1 Boastmachine | 2026-04-16 | N/A |
| The Backup selection in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier uses predicable filenames for database backups and stores the files under the web root with insufficient access control, which allows remote attackers to obtain sensitive information by downloading a backup file. | ||||
| CVE-2006-3830 | 1 Kailash Nadh | 1 Boastmachine | 2026-04-16 | N/A |
| The Languages selection in the admin interface in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier allows remote authenticated administrators to upload files with arbitrary extensions to the bmc/Inc/Lang directory. NOTE: because the uploaded files cannot be accessed through HTTP, this issue is a vulnerability only if there is a likely usage pattern in which the files would be opened or executed by local users, e.g., malware files with names that entice local users to open the files. | ||||
| CVE-2006-3829 | 1 Kailash Nadh | 1 Boastmachine | 2026-04-16 | N/A |
| Cross-site request forgery (CSRF) vulnerability in bmc/admin.php in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier allows remote attackers to perform unauthorized actions as an administrator and delete arbitrary user accounts via a delete_user action. | ||||
| CVE-1999-1079 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| Vulnerability in ptrace in AIX 4.3 allows local users to gain privileges by attaching to a setgid program. | ||||
| CVE-1999-1078 | 1 Ipswitch | 1 Ws Ftp Pro | 2026-04-16 | N/A |
| WS_FTP Pro 6.0 uses weak encryption for passwords in its initialization files, which allows remote attackers to easily decrypt the passwords and gain privileges. | ||||
| CVE-1999-0072 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| Buffer overflow in AIX xdat gives root access to local users. | ||||
| CVE-1999-0071 | 1 Apache | 1 Http Server | 2026-04-16 | N/A |
| Apache httpd cookie buffer overflow for versions 1.1.1 and earlier. | ||||
| CVE-2006-3827 | 1 Kailash Nadh | 1 Boastmachine | 2026-04-16 | N/A |
| SQL injection vulnerability in bmc/Inc/core/admin/search.inc.php in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier allows remote authenticated administrators to execute arbitrary SQL commands via the blog parameter. | ||||
| CVE-2006-3826 | 1 Kailash Nadh | 1 Boastmachine | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) user_login, (2) full_name, and (3) URL parameters in register.php; and allow remote authenticated administrators to inject arbitrary web script or HTML via the (4) cat_list and (5) key parameters in a certain portion of the admin interface. | ||||
| CVE-1999-1076 | 1 Apple | 1 Macos | 2026-04-16 | N/A |
| Idle locking function in MacOS 9 allows local users to bypass the password protection of idled sessions by selecting the "Log Out" option and selecting a "Cancel" option in the dialog box for an application that attempts to verify that the user wants to log out, which returns the attacker into the locked session. | ||||
| CVE-2006-3737 | 1 Swsoft | 1 Plesk Control Panel | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in filemanager/filemanager.php in the control panel in SWsoft Plesk 8.0 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the file parameter. | ||||
| CVE-2001-1081 | 2 Lucent, Simon Horms | 2 Radius, Radius | 2026-04-16 | N/A |
| Format string vulnerabilities in Livingston/Lucent RADIUS before 2.1.va.1 may allow local or remote attackers to cause a denial of service and possibly execute arbitrary code via format specifiers that are injected into log messages. | ||||
| CVE-2001-1009 | 2 Fetchmail, Redhat | 2 Fetchmail, Linux | 2026-04-16 | N/A |
| Fetchmail (aka fetchmail-ssl) before 5.8.17 allows a remote malicious (1) IMAP server or (2) POP/POP3 server to overwrite arbitrary memory and possibly gain privileges via a negative index number as part of a response to a LIST request. | ||||
| CVE-2001-1105 | 2 Cisco, Dell | 2 Icdn, Bsafe Ssl-j | 2026-04-16 | N/A |
| RSA BSAFE SSL-J 3.0, 3.0.1 and 3.1, as used in Cisco iCND 2.0, caches session IDs from failed login attempts, which could allow remote attackers to bypass SSL client authentication and gain access to sensitive data by logging in after an initial failure. | ||||
| CVE-1999-1017 | 1 Seattle Lab Software | 1 Emurl | 2026-04-16 | N/A |
| Seattle Labs Emurl 2.0, and possibly earlier versions, stores e-mail attachments in a specific directory with scripting enabled, which allows a malicious ASP file attachment to execute when the recipient opens the message. | ||||
| CVE-2000-0689 | 1 Cgi Script Center | 1 Account Manager | 2026-04-16 | N/A |
| Account Manager LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the amadmin.pl script with the setpasswd parameter. | ||||
| CVE-2002-0013 | 2 Redhat, Snmp | 3 Linux, Powertools, Snmp | 2026-04-16 | N/A |
| Vulnerabilities in the SNMPv1 request handling of a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via (1) GetRequest, (2) GetNextRequest, and (3) SetRequest messages, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor. This and other SNMP-related candidates will be updated when more accurate information is available. | ||||
| CVE-2002-1702 | 1 Deltascripts | 1 Php Classifieds | 2026-04-16 | N/A |
| Cross-site scripting vulnerability (XSS) in DeltaScripts PHP Classifieds 6.0.5 allows remote attackers to execute arbitrary script as other users via the URL parameter. | ||||