Export limit exceeded: 351058 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29923 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-0791 | 1 Hybrid Network | 2 Cable Modem, Hsmp | 2026-04-16 | N/A |
| Hybrid Network cable modems do not include an authentication mechanism for administration, allowing remote attackers to compromise the system through the HSMP protocol. | ||||
| CVE-2006-3042 | 1 Ispconfig | 1 Ispconfig | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in ISPConfig 2.2.3 allow remote attackers to execute arbitrary PHP code via a URL in the (1) go_info[isp][classes_root] parameter in (a) server.inc.php, and the (2) go_info[server][classes_root] parameter in (b) app.inc.php, (c) login.php, and (d) trylogin.php. NOTE: this issue has been disputed by the vendor, who states that the original researcher "reviewed the installation tarball that is not identical with the resulting system after installtion. The file, where the $go_info array is declared ... is created by the installer. | ||||
| CVE-1999-0792 | 1 Osicom | 1 Routermate | 2026-04-16 | N/A |
| ROUTERmate has a default SNMP community name which allows remote attackers to modify its configuration. | ||||
| CVE-2006-3069 | 1 Iglooweb | 1 Doublespeak | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in DoubleSpeak 0.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the config[private] parameter in multiple files, as demonstrated by (1) index.php, (2) faq.php, and (3) hardware.php. NOTE: this issue has been disputed by multiple third-party researchers, who state that config[private] is initialized in an include file before being used | ||||
| CVE-2006-3070 | 1 Zeroboard | 1 Zeroboard | 2026-04-16 | N/A |
| write_ok.php in Zeroboard 4.1 pl8, when installed on Apache with mod_mime, allows remote attackers to bypass restrictions for uploading files with executable extensions by uploading a .htaccess file that with an AddType directive that assigns an executable module to files with assumed-safe extensions, as demonstrated by assigning the txt extension to be handled by application/x-httpd-php. | ||||
| CVE-2006-3071 | 1 Anton Belev | 1 Mp3 Search Archive | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in MP3 Search/Archive 1.2 allows remote attackers to inject arbitrary web script or HTML via the (1) keywords parameter, as used by the "search box", and (2) res parameter. | ||||
| CVE-2006-3072 | 1 Symantec | 1 Security Information Manager | 2026-04-16 | N/A |
| M4 Macro Library in Symantec Security Information Manager before 4.0.2.29 HOTFIX 1 allows local users to execute arbitrary commands via crafted "rule definitions", which produces dangerous Java code during M4 transformation. | ||||
| CVE-2006-3073 | 1 Cisco | 2 Asa 5500, Vpn 3000 Concentrator Series Software | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the WebVPN feature in the Cisco VPN 3000 Series Concentrators and Cisco ASA 5500 Series Adaptive Security Appliances (ASA), when in WebVPN clientless mode, allow remote attackers to inject arbitrary web script or HTML via the domain parameter in (1) dnserror.html and (2) connecterror.html, aka bugid CSCsd81095 (VPN3k) and CSCse48193 (ASA). NOTE: the vendor states that "WebVPN full-network-access mode" is not affected, despite the claims by the original researcher. | ||||
| CVE-1999-0798 | 5 Bsdi, Freebsd, Openbsd and 2 more | 7 Bsd Os, Freebsd, Openbsd and 4 more | 2026-04-16 | N/A |
| Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type. | ||||
| CVE-2006-3134 | 1 Gracenote | 1 Cddbcontrol Activex Control | 2026-04-16 | N/A |
| Buffer overflow in GraceNote CDDBControl ActiveX Control, as used by multiple products that use Gracenote CDDB, allows remote attackers to execute arbitrary code via a long option string. | ||||
| CVE-1999-0831 | 4 Cobalt, Debian, Sun and 1 more | 6 Qube, Debian Linux, Cobalt Raq and 3 more | 2026-04-16 | N/A |
| Denial of service in Linux syslogd via a large number of connections. | ||||
| CVE-2006-3135 | 1 Hotwebscripts | 1 Cms Mundo | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in CMS Mundo 1.0 build 008, and possibly other versions, allow remote attackers to execute arbitrary SQL commands via the (1) news_id parameter in the (a) news module, (2) searchstring parameter in (b) the search module, (3) id parameter in (c) the webshop module, (4) username parameter in (d) index.php, and (5) Name, (6) Address, (7) Zip, (8) City, (9) Country, and (10) Email fields during (e) a user profile update. | ||||
| CVE-1999-0832 | 2 Debian, Redhat | 2 Debian Linux, Linux | 2026-04-16 | N/A |
| Buffer overflow in NFS server on Linux allows attackers to execute commands via a long pathname. | ||||
| CVE-1999-0833 | 2 Isc, Sun | 3 Bind, Solaris, Sunos | 2026-04-16 | N/A |
| Buffer overflow in BIND 8.2 via NXT records. | ||||
| CVE-1999-0834 | 1 Rsa | 1 Rsaref | 2026-04-16 | N/A |
| Buffer overflow in RSAREF2 via the encryption and decryption functions in the RSAREF library. | ||||
| CVE-1999-0835 | 3 Ibm, Sco, Sun | 4 Aix, Openserver, Unixware and 1 more | 2026-04-16 | N/A |
| Denial of service in BIND named via malformed SIG records. | ||||
| CVE-1999-0836 | 1 Sco | 1 Unixware | 2026-04-16 | N/A |
| UnixWare uidadmin allows local users to modify arbitrary files via a symlink attack. | ||||
| CVE-1999-0837 | 2 Isc, Sun | 3 Bind, Solaris, Sunos | 2026-04-16 | N/A |
| Denial of service in BIND by improperly closing TCP sessions via so_linger. | ||||
| CVE-1999-0838 | 1 Deerfield | 1 Serv-u Ftp-server | 2026-04-16 | N/A |
| Buffer overflow in Serv-U FTP 2.5 allows remote users to conduct a denial of service via the SITE command. | ||||
| CVE-1999-0840 | 1 Sun | 1 Sunos | 2026-04-16 | N/A |
| Buffer overflow in CDE dtmail and dtmailpr programs allows local users to gain privileges via a long -f option. | ||||