Export limit exceeded: 345456 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345456 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-1104 | 1 Sonicwall | 2 Soho, Soho Firmware | 2026-04-16 | N/A |
| SonicWALL SOHO uses easily predictable TCP sequence numbers, which allows remote attackers to spoof or hijack sessions. | ||||
| CVE-2006-3663 | 1 Finjan | 1 Vital Security | 2026-04-16 | N/A |
| Finjan Vital Security Appliance 5100/8100 NG 8.3.5 stores passwords in plaintext in a backup file, which allows local users to gain privileges. NOTE: the vendor has notified CVE that this issue was fixed in 8.3.6. | ||||
| CVE-1999-0687 | 4 Cde, Digital, Ibm and 1 more | 5 Cde, Unix, Aix and 2 more | 2026-04-16 | N/A |
| The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands. | ||||
| CVE-2000-0201 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| The window.showHelp() method in Internet Explorer 5.x does not restrict HTML help files (.chm) to be executed from the local host, which allows remote attackers to execute arbitrary commands via Microsoft Networking. | ||||
| CVE-2000-0828 | 1 Mobius | 1 Documentdirect For The Internet | 2026-04-16 | N/A |
| Buffer overflow in ddicgi.exe in Mobius DocumentDirect for the Internet 1.2 allows remote attackers to execute arbitrary commands via a long User-Agent parameter. | ||||
| CVE-2001-1103 | 1 Rhinosoft | 1 Ftp Voyager | 2026-04-16 | N/A |
| FTP Voyager ActiveX control before 8.0, when it is marked as safe for scripting (the default) or if allowed by the IObjectSafety interface, allows remote attackers to execute arbitrary commands. | ||||
| CVE-2001-1106 | 1 Sambar | 1 Sambar Server | 2026-04-16 | N/A |
| The default configuration of Sambar Server 5 and earlier uses a symmetric key that is compiled into the binary program for encrypting passwords, which could allow local users to break all user passwords by cracking the key or modifying a copy of the sambar program to call the decryption procedure. | ||||
| CVE-2001-1107 | 1 Snapstream | 1 Pvs | 2026-04-16 | N/A |
| SnapStream PVS 1.2a stores its passwords in plaintext in the file SSD.ini, which could allow a remote attacker to gain privileges on the server. | ||||
| CVE-2006-3664 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Unspecified vulnerability in NIS server on Sun Solaris 8, 9, and 10 allows local and remote attackers to cause a denial of service (ypserv hang) via unknown vectors. | ||||
| CVE-2006-3632 | 2 Ethereal Group, Redhat | 2 Ethereal, Enterprise Linux | 2026-04-16 | N/A |
| Buffer overflow in Wireshark (aka Ethereal) 0.8.16 to 0.99.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the NFS dissector. | ||||
| CVE-1999-1501 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| (1) ipxchk and (2) ipxlink in SGI OS2 IRIX 6.3 does not properly clear the IFS environmental variable before executing system calls, which allows local users to execute arbitrary commands. | ||||
| CVE-1999-1484 | 1 Microsoft | 1 Msn Setup Bulletin Board Services | 2026-04-16 | N/A |
| Buffer overflow in MSN Setup BBS 4.71.0.10 ActiveX control (setupbbs.ocx) allows a remote attacker to execute arbitrary commands via the methods (1) vAddNewsServer or (2) bIsNewsServerConfigured. | ||||
| CVE-2006-3573 | 1 Milan Mimica | 1 Sparklet | 2026-04-16 | N/A |
| Format string vulnerability in the WriteText function in agl_text.cpp in Milan Mimica Sparklet 0.9.4 and earlier allows remote attackers to execute arbitrary code via format string specifiers in a player nickname. | ||||
| CVE-1999-0576 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| A Windows NT system's file audit policy does not log an event success or failure for security-critical files or directories. | ||||
| CVE-1999-0577 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| A Windows NT system's file audit policy does not log an event success or failure for non-critical files or directories. | ||||
| CVE-2006-3915 | 1 Microsoft | 2 Internet Explorer, Windows Xp | 2026-04-16 | N/A |
| Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) by iterating over any native function, as demonstrated with the window.alert function, which triggers a null dereference. | ||||
| CVE-1999-0578 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| A Windows NT system's registry audit policy does not log an event success or failure for security-critical registry keys. | ||||
| CVE-2006-3916 | 1 Solucija | 1 Snews | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in snews.php in sNews (aka Solucija News) 1.4 allows remote attackers to inject arbitrary web script or HTML via the search_query parameter. | ||||
| CVE-1999-0579 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| A Windows NT system's registry audit policy does not log an event success or failure for non-critical registry keys. | ||||
| CVE-2006-3917 | 1 R. Corson | 1 Php Forge | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in inc/gabarits.php in R. Corson PHP Forge 3 beta 2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cfg_racine parameter. | ||||