Export limit exceeded: 18570 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 351382 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 351382 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (351382 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-0760 | 1 Allaire | 1 Coldfusion Server | 2026-04-16 | N/A |
| Undocumented ColdFusion Markup Language (CFML) tags and functions in the ColdFusion Administrator allow users to gain additional privileges. | ||||
| CVE-1999-1453 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 4 allows remote attackers (malicious web site operators) to read the contents of the clipboard via the Internet WebBrowser ActiveX object. | ||||
| CVE-2000-0034 | 1 Netscape | 1 Communicator | 2026-04-16 | N/A |
| Netscape 4.7 records user passwords in the preferences.js file during an IMAP or POP session, even if the user has not enabled "remember passwords." | ||||
| CVE-2006-3029 | 1 Clicktech | 1 Clickcart | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in default.asp in ClickTech Clickcart 6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the cat parameter. | ||||
| CVE-1999-0769 | 4 Caldera, Debian, Paul Vixie and 1 more | 4 Openlinux, Debian Linux, Vixie Cron and 1 more | 2026-04-16 | N/A |
| Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable. | ||||
| CVE-2006-3030 | 1 Dwzone | 1 Dwzone Shopping Cart | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in DwZone Shopping Cart 1.1.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) ToCategory and (2) FromCategory parameters to (a) ProductDetailsForm.asp and (3) UserName and (4) Password parameters to (b) LogIn/VerifyUserLog.asp. | ||||
| CVE-1999-0778 | 1 Xi Graphics | 1 Accelerated-x Server | 2026-04-16 | N/A |
| Buffer overflow in Xi Graphics Accelerated-X server allows local users to gain root access via a long display or query parameter. | ||||
| CVE-2006-2731 | 1 Enigma Haber | 1 Enigma Haber | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Enigma Haber 4.3 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in (a) e_mesaj_yas.asp, (b) edi_haber.asp, and (c) haber_devam.asp; (2) hid parameter in (d) yazdir.asp and (e) yorum.asp, and the (3) e parameter in (f) arsiv.asp. NOTE: with administrator credentials, additional vectors exist including (4) yid parameter to (g) admin/y_admin.asp, (5) bid parameter to (h) admin/reklam_detay.asp, hid parameter to (i) admin/detay_yorum.asp and (j) admin/haber_sil.asp, (6) kid parameter to (k) admin/kategori_d.asp, (7) tur parameter to (l) admin/haber_ekle.asp, (8) s parameter to (m) admin/e_mesaj_yaz.asp, and id parameter to (n) admin/admin_sil.asp. | ||||
| CVE-1999-0591 | 2026-04-16 | N/A | ||
| An event log in Windows NT has inappropriate access permissions. | ||||
| CVE-2006-2730 | 1 Hot Open Tickets | 1 Hot Open Tickets | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in admin/lib_action_step.php in Hot Open Tickets (HOT) 11012004_ver2f, when register_globals is enabled, allows remote attackers to include arbitrary files via the GLOBALS[CLASS_PATH] parameter. NOTE: this issue might be resultant from a global overwrite vulnerability. | ||||
| CVE-1999-1416 | 1 Inso | 1 Dwhttpd | 2026-04-16 | N/A |
| AnswerBook2 (AB2) web server dwhttpd 3.1a4 allows remote attackers to cause a denial of service (resource exhaustion) via an HTTP POST request with a large content-length. | ||||
| CVE-1999-0590 | 3 Apple, Linux, Microsoft | 6 Macos, Linux Kernel, Windows 2000 and 3 more | 2026-04-16 | N/A |
| A system does not present an appropriate legal message or warning to a user who is accessing it. | ||||
| CVE-2006-2729 | 1 Jan Chmelik | 1 Photoalbum Bandw | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in superalbum/index.php in Photoalbum B&W 1.3 allows remote attackers to inject arbitrary web script or HTML via the gal parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-2717 | 1 Secure Elements | 1 C5 Enterprise Vulnerability Management | 2026-04-16 | N/A |
| Unspecified vulnerability in Secure Elements Class 5 AVR client and server (aka C5 EVM) before 2.8.1 allows authenticated attackers to overwrite arbitrary files (1) on a server during an update or (2) on a client via modified pathnames, possibly due to a directory traversal issue. | ||||
| CVE-2006-2716 | 1 Secure Elements | 1 C5 Enterprise Vulnerability Management | 2026-04-16 | N/A |
| Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 uses a hard-coded user ID and password, which allows remote attackers to gain access to the server. | ||||
| CVE-2006-2715 | 1 Secure Elements | 1 C5 Enterprise Vulnerability Management | 2026-04-16 | N/A |
| The Administration Console in Secure Elements Class 5 AVR (aka C5 EVM) before 2.8.1 does not enforce access control, which allows remote attackers to gain access to servers via the console. | ||||
| CVE-1999-1414 | 1 Ibm | 1 Netfinity Remote Control | 2026-04-16 | N/A |
| IBM Netfinity Remote Control allows local users to gain administrator privileges by starting programs from the process manager, which runs with system level privileges. | ||||
| CVE-1999-0589 | 2026-04-16 | N/A | ||
| A system-critical Windows NT registry key has inappropriate permissions. | ||||
| CVE-2006-2714 | 1 Secure Elements | 1 C5 Enterprise Vulnerability Management | 2026-04-16 | N/A |
| Secure Elements Class 5 AVR client (aka C5 EVM) before 2.8.1 does not validate the CEID of an incoming message, which allows remote attackers to send messages to a protected asset without knowing the proper CEID. | ||||
| CVE-2006-2713 | 1 Secure Elements | 1 C5 Enterprise Vulnerability Management | 2026-04-16 | N/A |
| Secure Elements Class 5 AVR client (aka C5 EVM) before 2.8.1 generates predictable CEIDs, which allows remote attackers to determine the CEID of a protected asset, which can be used in other attacks against AVR. | ||||