Export limit exceeded: 349498 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (349498 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-0661 | 2026-04-16 | N/A | ||
| A system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP Wrappers 7.6, (2) util-linux 2.9g, (3) wuarchive ftpd (wuftpd) 2.2 and 2.1f, (4) IRC client (ircII) ircII 2.2.9, (5) OpenSSH 3.4p1, or (6) Sendmail 8.12.6. | ||||
| CVE-2006-2805 | 1 Jelsoft | 1 Vbulletin | 2026-04-16 | N/A |
| SQL injection vulnerability in VBulletin 3.0.10 allows remote attackers to execute arbitrary SQL commands via the featureid parameter. | ||||
| CVE-1999-0662 | 2026-04-16 | N/A | ||
| A system-critical program or library does not have the appropriate patch, hotfix, or service pack installed, or is outdated or obsolete. | ||||
| CVE-2006-2811 | 1 Cantico | 1 Ovidentia | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Cantico Ovidentia 5.8.0 allow remote attackers to execute arbitrary PHP code via a URL in the babInstallPath parameter in (1) index.php, (2) topman.php, (3) approb.php, (4) vacadmb.php, (5) vacadma.php, (6) vacadm.php, (7) statart.php, (8) search.php, (9) posts.php, (10) options.php, (11) login.php, (12) frchart.php, (13) flbchart.php, (14) fileman.php, (15) faq.php, (16) event.php, (17) directory.php, (18) articles.php, (19) artedit.php, (20) calday.php, and additional unspecified PHP scripts. NOTE: the utilit.php vector is already covered by CVE-2005-1964. | ||||
| CVE-2006-2812 | 1 Dominios Europa | 1 Picrate | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in Dominios Europa PICRATE (aka TAL RateMyPic) 1.0 allow remote attackers to inject arbitrary web script or HTML via a javascript URI in the SRC attribute of an IMG element in the (1) name (aka nick), (2) email, and (3) comment boxes; and via the (4) id parameter. | ||||
| CVE-1999-0663 | 2026-04-16 | N/A | ||
| A system-critical program, library, or file has a checksum or other integrity measurement that indicates that it has been modified. | ||||
| CVE-1999-1421 | 1 N-base | 2 Nh208, Nh215 | 2026-04-16 | N/A |
| NBase switches NH208 and NH215 run a TFTP server which allows remote attackers to send software updates to modify the switch or cause a denial of service (crash) by guessing the target filenames, which have default names. | ||||
| CVE-2006-2815 | 1 Two Shoes Mambo Factory | 1 Simpleboard | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Two Shoes M-Factory (TSMF) SimpleBoard 1.1.0 Stable (aka com_simpleboard), as used in Mambo and Joomla!, allow remote attackers to inject arbitrary web script or HTML via (1) the Name field in "post ne topic" in the Frontend, (2) the Title (aka Community-Title) field in Simpleboard Configuration in the Backend Admin Panel, and the (3) Name (aka Forum-Title) and (4) Name (aka Category-Title) fields in Simpleboard Administration in the Backend Admin Panel. NOTE: some sources have stated that the sb_authorname parameter is affected, but it is unclear which field is related to it. | ||||
| CVE-2006-2820 | 1 Hotwebscripts | 1 Weblog Oggi | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in HotWebScripts.com Weblog Oggi 1.0 allows remote attackers to inject arbitrary web script or HTML via a comment, possibly involving a javascript URI in the SRC attribute of an IMG element. | ||||
| CVE-1999-0664 | 2026-04-16 | N/A | ||
| An application-critical Windows NT registry key has inappropriate permissions. | ||||
| CVE-1999-0665 | 2026-04-16 | N/A | ||
| An application-critical Windows NT registry key has an inappropriate value. | ||||
| CVE-1999-0670 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Buffer overflow in the Eyedog ActiveX control allows a remote attacker to execute arbitrary commands. | ||||
| CVE-2006-2827 | 1 Qualiteam | 1 X-cart | 2026-04-16 | 9.8 Critical |
| SQL injection vulnerability in search.php in X-Cart Gold and Pro 4.0.18, and X-Cart 4.1.0 beta 1, allows remote attackers to execute arbitrary SQL commands via the "Search for pattern" field, when the settings specify only "Search in Detailed description" and "Search also in ISBN." NOTE: the vendor disputed this issue in a comment on the original researcher's blog, saying "the bug does not impose any security threat and remote attackers can't add, modify, or delete information in the back-end database by sending specially-crafted SQL statements to the search.php script using various search parameters." As of 20060605, the original blog entry is unavailable, although ISS also reports the same dispute. CVE has not been able to investigate this issue further, although the researcher sometimes makes inaccurate claims | ||||
| CVE-2006-2835 | 1 Arabless | 1 Saphplesson | 2026-04-16 | N/A |
| SQL injection vulnerability in saphplesson 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) forumid parameter in add.php and (2) lessid parameter in show.php. | ||||
| CVE-1999-0672 | 1 Fujitsu | 1 Chocoa | 2026-04-16 | N/A |
| Buffer overflow in Fujitsu Chocoa IRC client via IRC channel topics. | ||||
| CVE-2006-2837 | 1 Techno Dreams | 1 Techno Dreams Guest Book | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Techno Dreams Guest Book allows remote attackers to inject arbitrary web script or HTML via certain comment fields in the "Sign Our GuestBook" page, probably the x_Comments parameter to guestbookadd.asp. | ||||
| CVE-1999-0673 | 1 Crear | 1 Almail32 | 2026-04-16 | N/A |
| Buffer overflow in ALMail32 POP3 client via From: or To: headers. | ||||
| CVE-2006-2838 | 1 F-secure | 2 F-secure Anti-virus, Internet Gatekeeper | 2026-04-16 | N/A |
| Buffer overflow in the web console in F-Secure Anti-Virus for Microsoft Exchange 6.40, and Internet Gatekeeper 6.40 through 6.42 and 6.50 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors. NOTE: By default, the connections are only allowed from the local host. | ||||
| CVE-1999-0681 | 1 Microsoft | 2 Frontpage, Personal Web Server | 2026-04-16 | N/A |
| Buffer overflow in Microsoft FrontPage Server Extensions (PWS) 3.0.2.926 on Windows 95, and possibly other versions, allows remote attackers to cause a denial of service via a long URL. | ||||
| CVE-2006-2839 | 1 Webwork | 1 Webwork | 2026-04-16 | N/A |
| Directory traversal vulnerability in PG Problem Editor module (PGProblemEditor.pm) in WeBWorK Online Homework Delivery System 2.2.0 and earlier allows remote attackers to read and write files outside of the templates directory. | ||||