Export limit exceeded: 345253 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345253 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-1361 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| Windows NT 3.51 and 4.0 running WINS (Windows Internet Name Service) allows remote attackers to cause a denial of service (resource exhaustion) via a flood of malformed packets, which causes the server to slow down and fill the event logs with error messages. | ||||
| CVE-2006-2451 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| The suid_dumpable support in Linux kernel 2.6.13 up to versions before 2.6.17.4, and 2.6.16 before 2.6.16.24, allows a local user to cause a denial of service (disk consumption) and possibly gain privileges via the PR_SET_DUMPABLE argument of the prctl function and a program that causes a core dump file to be created in a directory for which the user does not have permissions. | ||||
| CVE-2006-2452 | 1 Gnome | 1 Gdm | 2026-04-16 | N/A |
| GNOME GDM 2.8, 2.12, 2.14, and 2.15, when the "face browser" feature is enabled, allows local users to access the "Configure Login Manager" functionality using their own password instead of the root password, which can be leveraged to gain additional privileges. | ||||
| CVE-1999-0439 | 2 Caldera, Procmail | 2 Openlinux, Procmail | 2026-04-16 | N/A |
| Buffer overflow in procmail before version 3.12 allows remote or local attackers to execute commands via expansions in the procmailrc configuration file. | ||||
| CVE-1999-1362 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| Win32k.sys in Windows NT 4.0 before SP2 allows local users to cause a denial of service (crash) by calling certain WIN32K functions with incorrect parameters. | ||||
| CVE-2006-2453 | 2 Dia, Redhat | 2 Dia, Enterprise Linux | 2026-04-16 | N/A |
| Multiple unspecified format string vulnerabilities in Dia have unspecified impact and attack vectors, a different set of issues than CVE-2006-2480. | ||||
| CVE-1999-0440 | 2 Netscape, Sun | 3 Communicator, Navigator, Java | 2026-04-16 | N/A |
| The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages. | ||||
| CVE-1999-1363 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| Windows NT 3.51 and 4.0 allow local users to cause a denial of service (crash) by running a program that creates a large number of locks on a file, which exhausts the NonPagedPool. | ||||
| CVE-2006-2458 | 1 Libextractor | 1 Libextractor | 2026-04-16 | N/A |
| Multiple heap-based buffer overflows in Libextractor 0.5.13 and earlier allow remote attackers to execute arbitrary code via (1) the asf_read_header function in the ASF plugin (plugins/asfextractor.c), and (2) the parse_trak_atom function in the QT plugin (plugins/qtextractor.c). | ||||
| CVE-2006-2459 | 1 Php Fusion | 1 Php Fusion | 2026-04-16 | N/A |
| SQL injection vulnerability in messages.php in PHP-Fusion 6.00.307 and earlier allows remote authenticated users to execute arbitrary SQL commands via the srch_where parameter. | ||||
| CVE-2006-2460 | 1 Sugarcrm | 1 Sugarcrm | 2026-04-16 | N/A |
| Sugar Suite Open Source (SugarCRM) 4.2 and earlier, when register_globals is enabled, does not protect critical variables such as $_GLOBALS and $_SESSION from modification, which allows remote attackers to conduct attacks such as directory traversal or PHP remote file inclusion, as demonstrated by modifying the GLOBALS[sugarEntry] parameter. | ||||
| CVE-1999-0441 | 1 Qbik | 1 Wingate | 2026-04-16 | N/A |
| Remote attackers can perform a denial of service in WinGate machines using a buffer overflow in the Winsock Redirector Service. | ||||
| CVE-1999-1364 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| Windows NT 4.0 allows local users to cause a denial of service (crash) via an illegal kernel mode address to the functions (1) GetThreadContext or (2) SetThreadContext. | ||||
| CVE-1999-1582 | 1 Cisco | 1 Pix Firewall | 2026-04-16 | N/A |
| By design, the "established" command on the Cisco PIX firewall allows connections from one host to arbitrary ports of a target host if an alternative conduit has already been allowed, which can cause administrators to configure less restrictive access controls than intended if they do not understand this functionality. | ||||
| CVE-2000-0091 | 1 Inter7 | 1 Vpopmail | 2026-04-16 | N/A |
| Buffer overflow in vchkpw/vpopmail POP authentication package allows remote attackers to gain root privileges via a long username or password. | ||||
| CVE-2000-0128 | 1 Daniel Beckham | 1 The Finger Server | 2026-04-16 | N/A |
| The Finger Server 0.82 allows remote attackers to execute commands via shell metacharacters. | ||||
| CVE-2006-2464 | 1 Bea | 1 Weblogic Server | 2026-04-16 | N/A |
| stopWebLogic.sh in BEA WebLogic Server 8.1 before Service Pack 4 and 7.0 before Service Pack 6 displays the administrator password to stdout when executed, which allows local users to obtain the password by viewing a local display. | ||||
| CVE-1999-0442 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Solaris ff.core allows local users to modify files. | ||||
| CVE-1999-1365 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| Windows NT searches a user's home directory (%systemroot% by default) before other directories to find critical programs such as NDDEAGNT.EXE, EXPLORER.EXE, USERINIT.EXE or TASKMGR.EXE, which could allow local users to bypass access restrictions or gain privileges by placing a Trojan horse program into the root directory, which is writable by default. | ||||
| CVE-2006-2471 | 1 Bea | 1 Weblogic Server | 2026-04-16 | N/A |
| Multiple vulnerabilities in BEA WebLogic Server 8.1 through SP4, 7.0 through SP6, and 6.1 through SP7 leak sensitive information to remote attackers, including (1) DNS and IP addresses to address to T3 clients, (2) internal sensitive information using GetIORServlet, (3) certain "server details" in exceptions when invalid XML is provided, and (4) a stack trace in a SOAP fault. | ||||