Export limit exceeded: 349431 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (349431 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-1498 | 1 Slackware | 1 Slackware Linux | 2026-04-16 | N/A |
| Slackware Linux 3.4 pkgtool allows local attacker to read and write to arbitrary files via a symlink attack on the reply file. | ||||
| CVE-2006-3563 | 1 Winged Gallery | 1 Winged Gallery | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in gallery/thumb.php in Winged Gallery 1.0 allows remote attackers to inject arbitrary web script or HTML via the image parameter. | ||||
| CVE-1999-1042 | 1 Cisco | 1 Resource Manager | 2026-04-16 | N/A |
| Cisco Resource Manager (CRM) 1.0 and 1.1 creates world-readable log files and temporary files, which may expose sensitive information, to local users such as user IDs, passwords and SNMP community strings. | ||||
| CVE-1999-1499 | 1 Isc | 1 Bind | 2026-04-16 | N/A |
| named in ISC BIND 4.9 and 8.1 allows local users to destroy files via a symlink attack on (1) named_dump.db when root kills the process with a SIGINT, or (2) named.stats when SIGIOT is used. | ||||
| CVE-2000-0066 | 1 Oreilly | 1 Website Professional | 2026-04-16 | N/A |
| WebSite Pro allows remote attackers to determine the real pathname of webdirectories via a malformed URL request. | ||||
| CVE-2006-3564 | 1 Hivemail | 1 Hivemail | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in HiveMail 1.3 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the email, (2) cond, or (3) name parameters to (a) addressbook.view.php, (4) the daysprune parameter to (b) index.php, (5) the data[to] parameter to (c) compose.email.php, and (6) the markas parameter to (d) read.markas.php. | ||||
| CVE-2006-3565 | 1 Hivemail | 1 Hivemail | 2026-04-16 | N/A |
| SQL injection vulnerability in search.results.php in HiveMail 1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the fields[] parameter. | ||||
| CVE-1999-1044 | 1 Digital | 1 Unix | 2026-04-16 | N/A |
| Vulnerability in Advanced File System Utility (advfs) in Digital UNIX 4.0 through 4.0d allows local users to gain privileges. | ||||
| CVE-2006-3566 | 1 Hivemail | 1 Hivemail | 2026-04-16 | N/A |
| search.results.php in HiveMail 3.1 and earlier allows remote attackers to obtain the installation path via certain manipulations related to the (1) searchdate and (2) folderids parameters. | ||||
| CVE-2006-3567 | 1 Juniper | 1 Dx | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the web administration interface logging feature in Juniper Networks (Redline) DX 5.1.x, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the username login field. | ||||
| CVE-2006-3568 | 1 Fantastic Guestbook Project | 1 Fantastic Guestbook | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in guestbook.php in Fantastic Guestbook 2.0.1, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via the (1) first_name, (2) last_name, or (3) nickname parameters. | ||||
| CVE-1999-1045 | 1 Realnetworks | 1 Realserver | 2026-04-16 | N/A |
| pnserver in RealServer 5.0 and earlier allows remote attackers to cause a denial of service by sending a short, malformed request. | ||||
| CVE-2006-3569 | 1 Ibm | 1 Network Appliance Data Ontap | 2026-04-16 | N/A |
| Unspecified vulnerability in NetApp Data ONTAP 7.0x through 7.0.4P8D9, 7.1x, 7.1.0.1x, and 7.2RC1, RC2, and RC3, as used in IBM N series Filers and other products, allows unauthorized users to gain access to privileged commands via unknown vectors, probably related to incorrect capabilities with the audit role. | ||||
| CVE-1999-1046 | 1 Ipswitch | 1 Imail | 2026-04-16 | N/A |
| Buffer overflow in IMonitor in IMail 5.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string to port 8181. | ||||
| CVE-1999-1500 | 1 True North | 1 Internet Anywhere Mail Server | 2026-04-16 | N/A |
| Internet Anywhere POP3 Mail Server 2.3.1 allows remote attackers to cause a denial of service (crash) via (1) LIST, (2) TOP, or (3) UIDL commands using letters as arguments. | ||||
| CVE-2006-3570 | 1 Drupal | 1 Drupal | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the webform module in Drupal 4.6 before July 8, 2006 and 4.7 before July 8, 2006 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-1999-1047 | 1 Bsdi | 1 Gauntlet | 2026-04-16 | N/A |
| When BSDI patches for Gauntlet 5.0 BSDI are installed in a particular order, Gauntlet allows remote attackers to bypass firewall access restrictions, and does not log the activities. | ||||
| CVE-2006-3571 | 1 Papoo | 1 Papoo | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in interna/hilfe.php in Papoo 3 RC3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) titel or (2) ausgabe parameters. | ||||
| CVE-2006-3572 | 1 Papoo | 1 Papoo | 2026-04-16 | N/A |
| SQL injection vulnerability in forumthread.php in Papoo 3 RC3 and earlier allows remote attackers to execute arbitrary SQL commands via the msgid parameter. | ||||
| CVE-2006-3031 | 1 Fipsasp | 1 Fipscms | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.asp in fipsCMS 4.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) w, (2) phcat, (3) dayid, and (4) calw parameters. | ||||