Export limit exceeded: 348231 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 348231 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 348231 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (348231 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-1188 | 1 Oracle | 1 Mysql | 2026-04-16 | N/A |
| mysqld in MySQL 3.21 creates log files with world-readable permissions, which allows local users to obtain passwords for users who are added to the user database. | ||||
| CVE-2006-3848 | 1 Krischan Jodies | 1 Ip Calculator | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in CGI wrapper for IP Calculator (IPCalc) 0.40 allows remote attackers to inject arbitrary web script or HTML via the URI (REQUEST_URI environment variable), which is used in the actionurl variable. | ||||
| CVE-2000-0117 | 1 Sun | 3 Cobalt Raq, Cobalt Raq 2, Cobalt Raq 3i | 2026-04-16 | N/A |
| The siteUserMod.cgi program in Cobalt RaQ2 servers allows any Site Administrator to modify passwords for other users, site administrators, and possibly admin (root). | ||||
| CVE-2006-3849 | 1 Pumpkin Studios | 2 Warzone, Warzone Resurrection | 2026-04-16 | N/A |
| Stack-based buffer overflow in Warzone 2100 and Warzone Resurrection 2.0.3 and earlier allows remote attackers to execute arbitrary code via a (1) long message handled by the recvTextMessage function in multiplay.c or a (2) long filename handled by NETrecvFile function in netplay/netplay.c. | ||||
| CVE-2000-0175 | 1 Sun | 1 Staroffice | 2026-04-16 | N/A |
| Buffer overflow in StarOffice StarScheduler web server allows remote attackers to gain root access via a long GET command. | ||||
| CVE-2006-3850 | 1 Lussumo | 1 Vanilla | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in upgrader.php in Vanilla CMS 1.0.1 and earlier, when /conf/old_settings.php exists, allows remote attackers to execute arbitrary PHP code via a URL in the RootDirectory parameter. NOTE: this issue has been disputed by a third party who states that the RootDirectory parameter is initialized before being used, for version 1.0. CVE analysis concurs with the dispute, but it is unclear whether older versions are affected | ||||
| CVE-2006-3851 | 1 X7 Group | 1 X7 Chat | 2026-04-16 | N/A |
| SQL injection vulnerability in upgradev1.php in X7 Chat 2.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the old_prefix parameter. | ||||
| CVE-2006-3852 | 1 Phptoys | 1 Micro Guestbook | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Micro GuestBook allows remote attackers to execute arbitrary SQL commands via the (1) name or (2) comment ("text") fields. | ||||
| CVE-2006-3878 | 1 Opsware | 1 Network Automation System | 2026-04-16 | N/A |
| Opsware Network Automation System (NAS) 6.0 installs /etc/init.d/mysql with insecure permissions, which allows local users to read the root password for the MySQL MAX database or gain privileges by modifying /etc/init.d/mysql. | ||||
| CVE-1999-1189 | 1 Netscape | 2 Communicator, Navigator | 2026-04-16 | N/A |
| Buffer overflow in Netscape Navigator/Communicator 4.7 for Windows 95 and Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument after the ? character in a URL that references an .asp, .cgi, .html, or .pl file. | ||||
| CVE-2006-3879 | 1 Miod Vallat | 1 Mikmod | 2026-04-16 | N/A |
| Integer overflow in the loadChunk function in loaders/load_gt2.c in libmikmod in Mikmod Sound System 3.2.2 allows remote attackers to cause a denial of service via a GRAOUMF TRACKER (GT2) module file with a large (0xffffffff) comment length value in an XCOM chunk. | ||||
| CVE-1999-1190 | 1 Admiral Systems | 1 Emailclub | 2026-04-16 | N/A |
| Buffer overflow in POP3 server of Admiral Systems EmailClub 1.05 allows remote attackers to execute arbitrary commands via a long "From" header in an e-mail message. | ||||
| CVE-2006-3880 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2026-04-16 | N/A |
| Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Small Business Server 2003 allow remote attackers to cause a denial of service (IP stack hang) via a continuous stream of packets on TCP port 135 that have incorrect TCP header checksums and random numbers in certain TCP header fields, as demonstrated by the Achilles Windows Attack Tool. NOTE: the researcher reports that the Microsoft Security Response Center has stated "Our investigation which has included code review, review of the TCPDump, and attempts on reproing the issue on multiple fresh installs of various Windows Operating Systems have all resulted in non confirmation. | ||||
| CVE-2006-3881 | 1 Musicbox | 1 Musicbox | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Shalwan MusicBox 2.3.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the id parameter in a request for the top-level URI. NOTE: the id parameter in index.php, and the type and show parameters in a top action, are already covered by CVE-2006-1349; and the term parameter in a search action is already covered by CVE-2006-1806. | ||||
| CVE-2006-3883 | 1 Gonafish | 1 Linkscaffe | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Gonafish LinksCaffe 3.0 allow remote attackers to inject arbitrary web script or HTML via (1) the tablewidth parameter in (a) counter.php; (2) the newdays parameter in (b) links.php; and the (3) tableborder, (4) menucolor, (5) textcolor, and (6) bodycolor parameters in (c) menu.inc.php. | ||||
| CVE-1999-1191 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Buffer overflow in chkey in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument. | ||||
| CVE-2006-3897 | 1 Microsoft | 2 Internet Explorer, Windows 2000 | 2026-04-16 | N/A |
| Stack overflow in Microsoft Internet Explorer 6 on Windows 2000 allows remote attackers to cause a denial of service (application crash) by creating an NMSA.ASFSourceMediaDescription.1 ActiveX object with a long dispValue property. | ||||
| CVE-2006-3902 | 1 Phpfaber | 1 Topsites | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in phpFaber TopSites 2.0.9 allows remote attackers to inject arbitrary web script or HTML via the i_cat parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||
| CVE-1999-1203 | 1 Ascend | 1 Multilink Ppp For Isdn | 2026-04-16 | N/A |
| Multilink PPP for ISDN dialup users in Ascend before 4.6 allows remote attackers to cause a denial of service via a spoofed endpoint identifier. | ||||
| CVE-1999-1212 | 1 Sun | 1 Sunos | 2026-04-16 | N/A |
| Vulnerability in in.rlogind in SunOS 4.0.3 and 4.0.3c allows local users to gain root privileges. | ||||