Export limit exceeded: 29908 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29908 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-0882 | 1 Falcon | 1 Falcon Web Server | 2026-04-16 | N/A |
| Falcon web server allows remote attackers to determine the absolute path of the web root via long file names. | ||||
| CVE-1999-1465 | 1 Cisco | 1 Ios | 2026-04-16 | N/A |
| Vulnerability in Cisco IOS 11.1 through 11.3 with distributed fast switching (DFS) enabled allows remote attackers to bypass certain access control lists when the router switches traffic from a DFS-enabled input interface to an output interface with a logical subinterface, as described by Cisco bug CSCdk43862. | ||||
| CVE-2006-3214 | 1 Hitachi | 2 Groupmax Address Server, Groupmax Mail Server | 2026-04-16 | N/A |
| Unspecified vulnerability in Hitachi Groupmax Address Server 7 and earlier, and Groupmax Mail Server 7 and earlier allows remote attackers to cause a denial of service (product "stop") via unspecified vectors involving "unexpected requests". | ||||
| CVE-1999-0883 | 1 Zeus Technologies | 1 Zeus Web Server | 2026-04-16 | N/A |
| Zeus web server allows remote attackers to read arbitrary files by specifying the file name in an option to the search engine. | ||||
| CVE-2006-3220 | 1 Woltlab | 1 Burning Board | 2026-04-16 | N/A |
| SQL injection vulnerability in studienplatztausch.php in Woltlab Burning Board (WBB) 2.2.1 allows remote attackers to execute arbitrary SQL commands via the sid parameter. | ||||
| CVE-1999-0884 | 1 Zeus Technologies | 1 Zeus Web Server | 2026-04-16 | N/A |
| The Zeus web server administrative interface uses weak encryption for its passwords. | ||||
| CVE-2006-3222 | 1 Fortinet | 1 Fortios | 2026-04-16 | N/A |
| The FTP proxy module in Fortinet FortiOS (FortiGate) before 2.80 MR12 and 3.0 MR2 allows remote attackers to bypass anti-virus scanning via the Enhanced Passive (EPSV) FTP mode. | ||||
| CVE-1999-0885 | 1 Computer Software Manufaktur | 1 Alibaba | 2026-04-16 | N/A |
| Alibaba web server allows remote attackers to execute commands via a pipe character in a malformed URL. | ||||
| CVE-2006-3223 | 1 Broadcom | 3 Etrust Antivirus, Etrust Pestpatrol, Integrated Threat Management | 2026-04-16 | N/A |
| Format string vulnerability in CA Integrated Threat Management (ITM), eTrust Antivirus (eAV), and eTrust PestPatrol (ePP) r8 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a scan job with format strings in the description field. | ||||
| CVE-2006-3257 | 1 Claroline | 1 Claroline | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.7.7 allow remote attackers to inject arbitrary HTML or web script via unspecified attack vectors, possibly including (1) calendar/myagenda.php, (2) document/document.php, (3) phpbb/newtopic.php, (4) tracking/userLog.php, and (5) wiki/page.php. | ||||
| CVE-2006-3265 | 1 Qdig | 1 Qdig | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in Qdig before 1.2.9.3, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) pre_gallery or (2) post_gallery parameters. | ||||
| CVE-2006-3266 | 1 Magnet | 1 Bee-hive Lite | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Bee-hive Lite 1.2 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) header parameter to (a) conad/include/rootGui.inc.php and (b) include/rootGui.inc.php; (2) mysqlCall parameter to (c) conad/changeEmail.inc.php, (d) conad/changeUserDetails.inc.php, (e) conad/checkPasswd.inc.php, (f) conad/login.inc.php and (g) conad/logout.inc.php; (3) mysqlcall parameter to (h) include/listall.inc.php; (4) prefix parameter to (i) show/index.php; and (5) config parameter to (j) conad/include/mysqlCall.inc.php. | ||||
| CVE-2006-3270 | 1 Thorcms | 1 Thorcms | 2026-04-16 | N/A |
| SQL injection vulnerability in cms_admin.php in THoRCMS 1.3.1 allows remote attackers to execute arbitrary SQL commands via multiple unspecified parameters, such as the add_link_mid parameter. NOTE: the provenance of this information is unknown; portions of the details are obtained from third party information. | ||||
| CVE-2006-3273 | 1 Astrodog Press | 1 Some Chess | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in menu.php in Some Chess 1.5 rc1 allows remote attackers to inject arbitrary web script or HTML via the user parameter ("New Name" field). | ||||
| CVE-2006-3317 | 1 Spiffyjr | 1 Phpraid | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in phpRaid 3.0.6 allows remote attackers to execute arbitrary code via a URL in the phpraid_dir parameter to (1) announcements.php and (2) rss.php, a different set of vectors and affected versions than CVE-2006-3316 and CVE-2006-3116. | ||||
| CVE-1999-0917 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| The Preloader ActiveX control used by Internet Explorer allows remote attackers to read arbitrary files. | ||||
| CVE-2006-3319 | 1 Php Icalendar | 1 Php Icalendar | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in rss/index.php in PHP iCalendar 2.22 and earlier allows remote attackers to inject arbitrary web script or HTML via the cal parameter. | ||||
| CVE-2006-3320 | 1 Sitebar | 1 Sitebar | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in command.php in SiteBar 3.3.8 and earlier allows remote attackers to inject arbitrary web script or HTML via the command parameter. | ||||
| CVE-1999-0956 | 1 Next | 1 Nextstep | 2026-04-16 | N/A |
| The NeXT NetInfo _writers property allows local users to gain root privileges or conduct a denial of service. | ||||
| CVE-1999-0957 | 1 Great Circle Associates | 1 Majorcool | 2026-04-16 | N/A |
| MajorCool mj_key_cache program allows local users to modify files via a symlink attack. | ||||