Export limit exceeded: 13912 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346519 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2000-0913 | 1 Apache | 1 Http Server | 2026-04-16 | N/A |
| mod_rewrite in Apache 1.3.12 and earlier allows remote attackers to read arbitrary files if a RewriteRule directive is expanded to include a filename whose name contains a regular expression. | ||||
| CVE-2003-0434 | 4 Adobe, Mandrakesoft, Redhat and 1 more | 7 Acrobat, Mandrake Linux, Mandrake Linux Corporate Server and 4 more | 2026-04-16 | N/A |
| Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink. | ||||
| CVE-2000-0916 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| FreeBSD 4.1.1 and earlier, and possibly other BSD-based OSes, uses an insufficient random number generator to generate initial TCP sequence numbers (ISN), which allows remote attackers to spoof TCP connections. | ||||
| CVE-2000-0920 | 1 Boa | 1 Boa Webserver | 2026-04-16 | N/A |
| Directory traversal vulnerability in BOA web server 0.94.8.2 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack in the GET HTTP request that uses a "%2E" instead of a "." | ||||
| CVE-2000-0922 | 1 Bytes Interactive | 1 Web Shopper | 2026-04-16 | N/A |
| Directory traversal vulnerability in Bytes Interactive Web Shopper shopping cart program (shopper.cgi) 2.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack on the newpage parameter. | ||||
| CVE-2000-0923 | 1 Aplio | 1 Aplio Phone | 2026-04-16 | N/A |
| authenticate.cgi CGI program in Aplio PRO allows remote attackers to execute arbitrary commands via shell metacharacters in the password parameter. | ||||
| CVE-2006-0313 | 1 Pdfdirectory | 1 Pdfdirectory | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in PDFdirectory before 1.0 allow remote attackers to execute arbitrary SQL commands via multiple unspecified vectors involving (1) util.php, (2) userpref.php, (3) user.php, (4) uploadfrm.php, (5) title.php, (6) team.php, (7) stats.php, (8) page.php, (9) org.php, (10) member.php, (11) index.php, (12) group.php, or (13) anniv.php. | ||||
| CVE-2000-0932 | 1 Clearswift | 1 Mailsweeper For Smtp | 2026-04-16 | N/A |
| MAILsweeper for SMTP 3.x does not properly handle corrupt CDA documents in a ZIP file and hangs, which allows remote attackers to cause a denial of service. | ||||
| CVE-2000-0938 | 1 Samba | 1 Samba | 2026-04-16 | N/A |
| Samba Web Administration Tool (SWAT) in Samba 2.0.7 supplies a different error message when a valid username is provided versus an invalid name, which allows remote attackers to identify valid users on the server. | ||||
| CVE-2003-0435 | 1 Typespeed | 1 Typespeed | 2026-04-16 | N/A |
| Buffer overflow in net_swapscore for typespeed 0.4.1 and earlier allows remote attackers to execute arbitrary code. | ||||
| CVE-2000-0941 | 1 Kootenay Web Inc | 1 Kootenay Web Inc Whois | 2026-04-16 | N/A |
| Kootenay Web KW Whois 1.0 CGI program allows remote attackers to execute arbitrary commands via shell metacharacters in the "whois" parameter. | ||||
| CVE-2003-0437 | 1 Mnogosearch | 1 Mnogosearch | 2026-04-16 | N/A |
| Buffer overflow in search.cgi for mnoGoSearch 3.2.10 allows remote attackers to execute arbitrary code via a long tmplt parameter. | ||||
| CVE-2000-0943 | 1 Max-wilhelm Bruker | 1 Bftpd | 2026-04-16 | N/A |
| Buffer overflow in bftp daemon (bftpd) 1.0.11 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long USER command. | ||||
| CVE-2000-0947 | 1 Gnu | 1 Cfengine | 2026-04-16 | N/A |
| Format string vulnerability in cfd daemon in GNU CFEngine before 1.6.0a11 allows attackers to execute arbitrary commands via format characters in the CAUTH command. | ||||
| CVE-2006-0315 | 1 Indexcor | 1 Ezdatabase | 2026-04-16 | N/A |
| index.php in EZDatabase before 2.1.2 does not properly cleanse the p parameter before constructing and including a .php filename, which allows remote attackers to conduct directory traversal attacks, and produces resultant cross-site scripting (XSS) and path disclosure. | ||||
| CVE-2000-0949 | 2 Lbl, Sun | 2 Lbl Traceroute, Sunos | 2026-04-16 | N/A |
| Heap overflow in savestr function in LBNL traceroute 1.4a5 and earlier allows a local user to execute arbitrary commands via the -g option. | ||||
| CVE-2006-0317 | 1 Redkernel | 1 Referrer Tracker | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in rkrt_stats.php in RedKernel Referrer Tracker 1.1.0-3 allows remote attackers to inject arbitrary web script or HTML via a query string value as a GET, which is stored in the $QUERY_STRING variable. NOTE: the provenance of this information is unknown; portions of the details are obtained from third party information. | ||||
| CVE-2000-0950 | 1 Tis | 1 Internet Firewall Toolkit | 2026-04-16 | N/A |
| Format string vulnerability in x-gw in TIS Firewall Toolkit (FWTK) allows local users to execute arbitrary commands via a malformed display name. | ||||
| CVE-2006-0318 | 1 Insane Visions | 1 Blogphp | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in BlogPHP 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands and bypass authentication via the username parameter in a login action. | ||||
| CVE-2000-0954 | 1 Evolvable Corporation | 1 Shambala Server | 2026-04-16 | N/A |
| Shambala Server 4.5 stores passwords in plaintext, which could allow local users to obtain the passwords and compromise the server. | ||||