Export limit exceeded: 351327 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (351327 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-3134 | 1 Gracenote | 1 Cddbcontrol Activex Control | 2026-04-16 | N/A |
| Buffer overflow in GraceNote CDDBControl ActiveX Control, as used by multiple products that use Gracenote CDDB, allows remote attackers to execute arbitrary code via a long option string. | ||||
| CVE-1999-0831 | 4 Cobalt, Debian, Sun and 1 more | 6 Qube, Debian Linux, Cobalt Raq and 3 more | 2026-04-16 | N/A |
| Denial of service in Linux syslogd via a large number of connections. | ||||
| CVE-2006-3135 | 1 Hotwebscripts | 1 Cms Mundo | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in CMS Mundo 1.0 build 008, and possibly other versions, allow remote attackers to execute arbitrary SQL commands via the (1) news_id parameter in the (a) news module, (2) searchstring parameter in (b) the search module, (3) id parameter in (c) the webshop module, (4) username parameter in (d) index.php, and (5) Name, (6) Address, (7) Zip, (8) City, (9) Country, and (10) Email fields during (e) a user profile update. | ||||
| CVE-1999-0832 | 2 Debian, Redhat | 2 Debian Linux, Linux | 2026-04-16 | N/A |
| Buffer overflow in NFS server on Linux allows attackers to execute commands via a long pathname. | ||||
| CVE-1999-0833 | 2 Isc, Sun | 3 Bind, Solaris, Sunos | 2026-04-16 | N/A |
| Buffer overflow in BIND 8.2 via NXT records. | ||||
| CVE-1999-0834 | 1 Rsa | 1 Rsaref | 2026-04-16 | N/A |
| Buffer overflow in RSAREF2 via the encryption and decryption functions in the RSAREF library. | ||||
| CVE-1999-0835 | 3 Ibm, Sco, Sun | 4 Aix, Openserver, Unixware and 1 more | 2026-04-16 | N/A |
| Denial of service in BIND named via malformed SIG records. | ||||
| CVE-1999-0836 | 1 Sco | 1 Unixware | 2026-04-16 | N/A |
| UnixWare uidadmin allows local users to modify arbitrary files via a symlink attack. | ||||
| CVE-1999-0837 | 2 Isc, Sun | 3 Bind, Solaris, Sunos | 2026-04-16 | N/A |
| Denial of service in BIND by improperly closing TCP sessions via so_linger. | ||||
| CVE-1999-0838 | 1 Deerfield | 1 Serv-u Ftp-server | 2026-04-16 | N/A |
| Buffer overflow in Serv-U FTP 2.5 allows remote users to conduct a denial of service via the SITE command. | ||||
| CVE-1999-0839 | 1 Microsoft | 1 Ie | 2026-04-16 | N/A |
| Windows NT Task Scheduler installed with Internet Explorer 5 allows a user to gain privileges by modifying the job after it has been scheduled. | ||||
| CVE-1999-0840 | 1 Sun | 1 Sunos | 2026-04-16 | N/A |
| Buffer overflow in CDE dtmail and dtmailpr programs allows local users to gain privileges via a long -f option. | ||||
| CVE-2006-3136 | 1 Nucleus Group | 1 Nucleus Cms | 2026-04-16 | 9.8 Critical |
| Multiple PHP remote file inclusion vulnerabilities in Nucleus 3.23 allow remote attackers to execute arbitrary PHP code via a URL the DIR_LIBS parameter in (1) path/action.php, and to files in path/nucleus including (2) media.php, (3) /xmlrpc/server.php, and (4) /xmlrpc/api_metaweblog.inc.php. NOTE: this is a similar vulnerability to CVE-2006-2583. NOTE: this issue has been disputed by third parties, who state that the DIR_LIBS parameter is defined in an include file before being used | ||||
| CVE-1999-0841 | 1 Sun | 1 Sunos | 2026-04-16 | N/A |
| Buffer overflow in CDE mailtool allows local users to gain root privileges via a long MIME Content-Type. | ||||
| CVE-2006-3137 | 1 Cutting Edge Computing | 1 Edge Ecommerce Shop | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in productDetail.asp in Edge eCommerce Shop allows remote attackers to inject arbitrary web script or HTML via the cart_id parameter. | ||||
| CVE-2006-3138 | 1 Accomplishtechnology | 1 Phpmydirectory | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in phpMyDirectory 10.4.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) PIC parameter in offers-pix.php, (2) from parameter in cp/index.php, and (3) action parameter in cp/admin_index.php. | ||||
| CVE-2006-3139 | 1 Vwar | 1 Virtual War | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in war.php in Virtual War (VWar) 1.5.0 R14 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) s, (2) showgame, (3) sortorder, and (4) sortby parameters. | ||||
| CVE-2006-3141 | 1 Dpivision | 1 Tradingeye Shop | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in details.cfm in Tradingeye Shop R4 and earlier allows remote attackers to inject arbitrary web script or HTML via the image parameter. | ||||
| CVE-1999-0842 | 1 Symantec | 1 Mail-gear | 2026-04-16 | N/A |
| Symantec Mail-Gear 1.0 web interface server allows remote users to read arbitrary files via a .. (dot dot) attack. | ||||
| CVE-2006-3144 | 1 Ibd | 1 Micro Cms | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in micro_cms_files/microcms-include.php in Implied By Design (IBD) Micro CMS 3.5 (aka 0.3.5) and earlier allows remote attackers to execute arbitrary PHP code via a URL in the microcms_path parameter. NOTE: it was later reported that this can also be leveraged to include and execute arbitrary local files via .. (dot dot) sequences. | ||||