Export limit exceeded: 344983 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344983 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-4894 | 1 Idevspot | 1 Nixieaffiliate | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in forms/lostpassword.php in iDevSpot NixieAffiliate 1.9 and earlier allows remote attackers to inject arbitrary web script or HTML via the error parameter. | ||||
| CVE-2006-4865 | 1 Phpquiz | 1 Phpquiz | 2026-04-16 | N/A |
| Walter Beschmout PhpQuiz allows remote attackers to obtain sensitive information via a direct request to cfgphpquiz/install.php and other unspecified vectors. | ||||
| CVE-2006-4833 | 1 Verso Netperformer | 1 Frame Relay Access Device Act | 2026-04-16 | N/A |
| Verso NetPerformer FRAD ACT SDM-95xx 7.xx (R1) and earlier, SDM-93xx 10.x.x (R2) and earlier, and SDM-92xx 9.x.x (R1) and earlier allow remote attackers to cause a denial of service (hang or reboot) via an ICMP packet with the same destination and source address and port, aka the "Land" vulnerability. | ||||
| CVE-2006-4340 | 2 Mozilla, Redhat | 5 Firefox, Network Security Services, Seamonkey and 2 more | 2026-04-16 | N/A |
| Mozilla Network Security Service (NSS) library before 3.11.3, as used in Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5, when using an RSA key with exponent 3, does not properly handle extra data in a signature, which allows remote attackers to forge signatures for SSL/TLS and email certificates, a similar vulnerability to CVE-2006-4339. NOTE: on 20061107, Mozilla released an advisory stating that these versions were not completely patched by MFSA2006-60. The newer fixes for 1.5.0.7 are covered by CVE-2006-5462. | ||||
| CVE-2006-1214 | 1 Unreal | 1 Unrealircd | 2026-04-16 | N/A |
| UnrealIRCd 3.2.3 allows remote attackers to cause an unspecified denial of service by causing a linked server to send malformed TKL Q:Line commands, as demonstrated by "TKL - q\x08Q *\x08PoC." | ||||
| CVE-2006-0040 | 1 Gnome | 1 Evolution | 2026-04-16 | N/A |
| GNOME Evolution 2.4.2.1 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a text e-mail with a large number of URLs, possibly due to unknown problems in gtkhtml. | ||||
| CVE-2006-0031 | 1 Microsoft | 1 Office | 2026-04-16 | N/A |
| Stack-based buffer overflow in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed record with a modified length value, which leads to memory corruption. | ||||
| CVE-2005-4844 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| The CLSID_ApprenticeICW control allows remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer. | ||||
| CVE-2003-0900 | 1 Larry Wall | 1 Perl | 2026-04-16 | N/A |
| Perl 5.8.1 on Fedora Core does not properly initialize the random number generator when forking, which makes it easier for attackers to predict random numbers. | ||||
| CVE-1999-0506 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2026-04-16 | N/A |
| A Windows NT domain user or administrator account has a default, null, blank, or missing password. | ||||
| CVE-1999-0294 | 1 Microsoft | 1 Wins | 2026-04-16 | N/A |
| All records in a WINS database can be deleted through SNMP for a denial of service. | ||||
| CVE-2006-2503 | 1 Deluxebb | 1 Deluxebb | 2026-04-16 | N/A |
| SQL injection vulnerability in misc.php in DeluxeBB 1.06 allows remote attackers to execute arbitrary SQL commands via the name parameter. | ||||
| CVE-2004-0319 | 1 Ezboard | 1 Ezboard | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the font tag in ezBoard 7.3u allows remote attackers to execute arbitrary script as other users, as demonstrated using the background:url in a (1) font color or (2) font face argument. | ||||
| CVE-2004-0302 | 1 Fools Workshop | 1 Owls Workshop | 2026-04-16 | N/A |
| Directory traversal vulnerability in OWLS 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the (1) file parameter in index.php, (2) editfile in glossary.php, or (3) editfile in newmultiplechoice.php. | ||||
| CVE-1999-1580 | 2 Sendmail, Sun | 2 Sendmail, Sunos | 2026-04-16 | N/A |
| SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding host argument, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable and passing crafted values to the -oR option. | ||||
| CVE-1999-1494 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| colorview in Silicon Graphics IRIX 5.1, 5.2, and 6.0 allows local attackers to read arbitrary files via the -text argument. | ||||
| CVE-1999-1491 | 1 Redhat | 1 Linux | 2026-04-16 | N/A |
| abuse.console in Red Hat 2.1 uses relative pathnames to find and execute the undrv program, which allows local users to execute arbitrary commands via a path that points to a Trojan horse program. | ||||
| CVE-1999-1413 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Solaris 2.4 before kernel jumbo patch -35 allows set-gid programs to dump core even if the real user id is not in the set-gid group, which allows local users to overwrite or create files at higher privileges by causing a core dump, e.g. through dmesg. | ||||
| CVE-1999-1384 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| Indigo Magic System Tour in the SGI system tour package (systour) for IRIX 5.x through 6.3 allows local users to gain root privileges via a Trojan horse .exitops program, which is called by the inst command that is executed by the RemoveSystemTour program. | ||||
| CVE-1999-1239 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| HP-UX 9.x does not properly enable the Xauthority mechanism in certain conditions, which could allow local users to access the X display even when they have not explicitly been authorized to do so. | ||||