Export limit exceeded: 363202 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29946 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-0224 | 1 Libast | 1 Libast | 2026-04-16 | N/A |
| Buffer overflow in Library of Assorted Spiffy Things (LibAST) 0.6.1 and earlier, as used in Eterm and possibly other software, allows local users to execute arbitrary code as the utmp user via a long -X command line argument (alternative configuration file name). | ||||
| CVE-2000-0682 | 1 Bea | 1 Weblogic Server | 2026-04-16 | N/A |
| BEA WebLogic 5.1.x allows remote attackers to read source code for parsed pages by inserting /ConsoleHelp/ into the URL, which invokes the FileServlet. | ||||
| CVE-2000-0683 | 1 Bea | 1 Weblogic Server | 2026-04-16 | N/A |
| BEA WebLogic 5.1.x allows remote attackers to read source code for parsed pages by inserting /*.shtml/ into the URL, which invokes the SSIServlet. | ||||
| CVE-2003-0394 | 1 Blnews | 1 Blnews | 2026-04-16 | N/A |
| objects.inc.php4 in BLNews 2.1.3 allows remote attackers to execute arbitrary PHP code via a Server[path] parameter that points to malicious code on an attacker-controlled web site. | ||||
| CVE-2000-0685 | 1 Bea | 1 Weblogic Server | 2026-04-16 | N/A |
| BEA WebLogic 5.1.x does not properly restrict access to the PageCompileServlet, which could allow remote attackers to compile and execute Java JHTML code by directly invoking the servlet on any source file. | ||||
| CVE-2006-0227 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Multiple unspecified vulnerabilities in lpsched in Sun Solaris 8, 9, and 10 allow local users to delete arbitrary files or disable the LP print service via unknown attack vectors. | ||||
| CVE-2003-0397 | 1 Sharman Networks | 1 Kazaa | 2026-04-16 | N/A |
| Buffer overflow in FastTrack (FT) network code, as used in Kazaa 2.0.2 and possibly other versions and products, allows remote attackers to execute arbitrary code via a packet containing a large list of supernodes, aka "Packet 0' death." | ||||
| CVE-2000-0691 | 1 Gert Doering | 1 Mgetty | 2026-04-16 | N/A |
| The faxrunq and faxrunqd in the mgetty package allows local users to create or modify arbitrary files via a symlink attack which creates a symlink in from /var/spool/fax/outgoing/.last_run to the target file. | ||||
| CVE-2003-0398 | 1 Vignette | 3 Content Suite, Storyserver, Vignette | 2026-04-16 | N/A |
| Vignette StoryServer 4 and 5, and Vignette V/5 and V/6, with the SSI EXEC feature enabled, allows remote attackers to execute arbitrary code via a text variable to a Vignette Application that is later displayed. | ||||
| CVE-2003-1146 | 1 John Beatty | 1 Easy Php Photo Album | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in John Beatty Easy PHP Photo Album 1.0 allows remote attackers to inject arbitrary web script or HTML via the dir parameter. | ||||
| CVE-2000-0694 | 1 Tech-source | 1 Raptor Gfx Pgx32 | 2026-04-16 | N/A |
| pgxconfig in the Raptor GFX configuration tool allows local users to gain privileges via a symlink attack. | ||||
| CVE-2003-0401 | 1 Vignette | 3 Content Suite, Storyserver, Vignette | 2026-04-16 | N/A |
| Vignette StoryServer and Vignette V/5 allows remote attackers to obtain sensitive information via a request for the /vgn/style template. | ||||
| CVE-2003-1254 | 1 Active Php Bookmarks | 1 Active Php Bookmarks | 2026-04-16 | N/A |
| Active PHP Bookmarks (APB) 1.1.01 allows remote attackers to execute arbitrary PHP code via (1) head.php, (2) apb_common.php, or (3) apb_view_class.php by modifying the APB_SETTINGS parameter to reference a URL on a remote web server that contains the code. | ||||
| CVE-2000-0698 | 1 Minicom | 1 Minicom | 2026-04-16 | N/A |
| Minicom 1.82.1 and earlier on some Linux systems allows local users to create arbitrary files owned by the uucp user via a symlink attack. | ||||
| CVE-2003-1259 | 1 Globalscape | 1 Cuteftp | 2026-04-16 | N/A |
| Buffer overflow in CuteFTP 4.2 and 5.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP server banner. | ||||
| CVE-2003-0403 | 1 Vignette | 3 Content Suite, Storyserver, Vignette | 2026-04-16 | N/A |
| Vignette StoryServer 5 and Vignette V/5 allows remote attackers to read and modify license information, and cause a denial of service (service halt) by directly accessing the /vgn/license template. | ||||
| CVE-2006-3743 | 2 Imagemagick, Redhat | 2 Imagemagick, Enterprise Linux | 2026-04-16 | N/A |
| Multiple buffer overflows in ImageMagick before 6.2.9 allow user-assisted attackers to execute arbitrary code via crafted XCF images. | ||||
| CVE-2006-3753 | 1 Professional Home Page Tools | 1 Professional Home Page Tools Guestbook | 2026-04-16 | N/A |
| setcookie.php for the administration login in Professional Home Page Tools Guestbook records the hash of the administrator password in a cookie, which allows attackers to conduct brute force password guessing attacks after obtaining the hash. | ||||
| CVE-2006-3792 | 1 Ufo2000 | 1 Ufo2000 | 2026-04-16 | N/A |
| SQL injection vulnerability in ServerClientUfo::recv_packet in server_protocol.cpp in UFO2000 svn 1057 allows remote attackers to execute arbitrary SQL commands via unspecified vectors involving the packet.c_str function. | ||||
| CVE-2006-3845 | 1 Rarlab | 1 Winrar | 2026-04-16 | N/A |
| Stack-based buffer overflow in lzh.fmt in WinRAR 3.00 through 3.60 beta 6 allows remote attackers to execute arbitrary code via a long filename in a LHA archive. | ||||