Export limit exceeded: 345233 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 10331 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29894 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-1522 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in im.php in IMessenger for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via a message. | ||||
| CVE-2006-2230 | 1 Xine | 1 Xine | 2026-04-16 | N/A |
| Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine 0.99.4 might allow attackers to cause a denial of service via format string specifiers in an MP3 filename specified on the command line. NOTE: this is a different vulnerability than CVE-2006-1905. In addition, if the only attack vectors involve a user-assisted, local command line argument of a non-setuid program, this issue might not be a vulnerability. | ||||
| CVE-2004-2003 | 1 Delegate | 1 Delegate | 2026-04-16 | N/A |
| Buffer overflow in the ssl_prcert function in the SSLway filter (sslway.c) for DeleGate 8.9.2 and earlier allows remote attackers to execute arbitrary code via a certificate with a long (1) subject or (2) issuer name field. | ||||
| CVE-2006-2278 | 1 Arabless | 1 Saphplesson | 2026-04-16 | N/A |
| SaphpLesson 3.0 does not initialize array variables, which allows remote attackers to obtain the full path via an non-array (1) hrow parameter to (a) show.php or (b) index.php; the (2) Lsnrow parameter to (c) showcat.php; or the (3) rows parameter to index.php. | ||||
| CVE-1999-0381 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2026-04-16 | N/A |
| super 3.11.6 and other versions have a buffer overflow in the syslog utility which allows a local user to gain root access. | ||||
| CVE-2006-2279 | 1 Arabless | 1 Saphplesson | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in SaphpLesson 3.0 allow remote attackers to execute arbitrary SQL commands via (1) the Find parameter in (a) search.php, and the (2) LID and (3) Rate parameters in (b) misc.php. | ||||
| CVE-1999-0382 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| The screen saver in Windows NT does not verify that its security context has been changed properly, allowing attackers to run programs with elevated privileges. | ||||
| CVE-2001-1516 | 1 Hans Wolters | 1 Phpreview | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in phpReview 0.9.0 rc2 and earlier allows remote attackers to inject arbitrary web script or HTML via user-submitted reviews. | ||||
| CVE-2004-2002 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| Unknown vulnerability in SGI IRIX 6.5 through 6.5.22m allows remote attackers to cause a denial of service via a certain UDP packet. | ||||
| CVE-2001-1513 | 1 Macromedia | 1 Jrun | 2026-04-16 | N/A |
| Macromedia JRun 3.0 and 3.1 allows remote attackers to obtain duplicate active user session IDs and perform actions as other users via a URL request for the web application directory without the trailing '/' (slash), as demonstrated using ctx. | ||||
| CVE-2001-1510 | 1 Macromedia | 1 Jrun | 2026-04-16 | N/A |
| Allaire JRun 2.3.3, 3.0 and 3.1 running on IIS 4.0 and 5.0, iPlanet, Apache, JRun web server (JWS), and possibly other web servers allows remote attackers to read arbitrary files and directories by appending (1) "%3f.jsp", (2) "?.jsp" or (3) "?" to the requested URL. | ||||
| CVE-2006-2282 | 1 X7 Group | 1 X7 Chat | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in X7 Chat 2.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via a javascript URI in the URL of an avatar, possibly related to the avatar parameter in register.php. | ||||
| CVE-2004-2001 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| ifconfig "-arp" in SGI IRIX 6.5 through 6.5.22m does not properly disable ARP requests from being sent or received. | ||||
| CVE-2001-1508 | 1 Sco | 1 Openserver | 2026-04-16 | N/A |
| Buffer overflow in lpstat in SCO OpenServer 5.0 through 5.0.6a allows local users to execute arbitrary code as group bin via a long command line argument. | ||||
| CVE-2001-1499 | 1 Checkpoint | 1 Vpn-1 | 2026-04-16 | N/A |
| Check Point VPN-1 4.1SP4 using SecuRemote returns different error messages for valid and invalid users, with prompts that vary depending on the authentication method being used, which makes it easier for remote attackers to conduct brute force attacks. | ||||
| CVE-2004-2000 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| SQL injection vulnerability in the Downloads module in Php-Nuke 6.x through 7.2 allows remote attackers to execute arbitrary SQL via the (1) orderby or (2) sid parameters to modules.php. | ||||
| CVE-2001-1490 | 1 Mozilla | 1 Mozilla | 2026-04-16 | N/A |
| Mozilla 0.9.6 allows remote attackers to cause a denial of service (CPU consumption and memory leak) via a web page with a large number of images. | ||||
| CVE-2006-2283 | 1 Spiffyjr | 1 Phpraid | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in SpiffyJr phpRaid 2.9.5 through 3.0.b3 allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter in (1) auth.php and (2) auth_phpbb when the phpBB portal is enabled, and via a URL in the smf_root_path parameter in (3) auth.php and (4) auth_SMF when the SMF portal is enabled. | ||||
| CVE-2006-2284 | 2 Claroline, Dokeos | 2 Claroline, Dokeos | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Claroline 1.7.5 allow remote attackers to execute arbitrary PHP code via a URL in the (1) clarolineRepositorySys parameter in ldap.inc.php and the (2) claro_CasLibPath parameter in casProcess.inc.php. | ||||
| CVE-2006-2289 | 1 Avahi | 1 Avahi | 2026-04-16 | N/A |
| Buffer overflow in avahi-core in Avahi before 0.6.10 allows local users to execute arbitrary code via unknown vectors. | ||||