Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-0881 1 Phpoutsourcing 1 Noahs Classifieds 2026-04-16 N/A
Multiple PHP remote file include vulnerabilities in gorum/gorumlib.php in Noah's Classifieds 1.3, when register_globals is enabled, allow remote attackers to include arbitrary PHP files via the (1) upperTemplate and (2) lowerTemplate parameters, as demonstrated using the lowerTemplate parameter to index.php.
CVE-2005-4316 1 Hp 1 Hp-ux 2026-04-16 N/A
HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows remote attackers to cause a denial of service via a "Rose Attack" that involves sending a subset of small IP fragments that do not form a complete, larger packet.
CVE-2001-0338 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 5.5 and earlier does not properly validate digital certificates when Certificate Revocation List (CRL) checking is enabled, which could allow remote attackers to spoof trusted web sites, aka the "Server certificate validation vulnerability."
CVE-2006-1135 1 Sblog 1 Sblog 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in sBlog 0.7.2 allow remote attackers to inject arbitrary web script or HTML via the (1) keyword parameter to search.php or (2) username parameter to comments_do.php.
CVE-2001-0349 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Microsoft Windows 2000 telnet service creates named pipes with predictable names and does not properly verify them, which allows local users to execute arbitrary commands by creating a named pipe with the predictable name and associating a malicious program with it, the first of two variants of this vulnerability.
CVE-2006-2817 1 Tekno.portal 1 Tekno.portal 2026-04-16 N/A
SQL injection vulnerability in bolum.php in tekno.Portal allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2001-0357 1 Matt Wright 1 Formmail 2026-04-16 N/A
FormMail.pl in FormMail 1.6 and earlier allows a remote attacker to send anonymous email (spam) by modifying the recipient and message parameters.
CVE-2001-0358 2 Sierra, Valve Software 2 Half-life, Half-life 2026-04-16 N/A
Buffer overflows in Sierra Half-Life build 1573 and earlier allow remote attackers to execute arbitrary code via (1) a long map command, (2) a long exec command, or (3) long input in a configuration file.
CVE-2001-0359 2 Sierra, Valve Software 2 Half-life, Half-life Dedicated Server 2026-04-16 N/A
Format string vulnerability in Sierra Half-Life build 1573 and earlier allows a remote attacker to execute arbitrary code via the map command.
CVE-2001-0367 1 Mirabilis 1 Icq 2026-04-16 N/A
Mirabilis ICQ WebFront Plug-in ICQ2000b Build 3278 allows a remote attacker to create a denial of service via HTTP URL requests containing a large number of % characters.
CVE-2001-0368 1 Free Peers 1 Bearshare 2026-04-16 N/A
Directory traversal vulnerability in BearShare 2.2.2 and earlier allows a remote attacker to read certain files via a URL containing a series of . characters, a variation of the .. (dot dot) attack.
CVE-2001-0371 1 Freebsd 1 Freebsd 2026-04-16 N/A
Race condition in the UFS and EXT2FS file systems in FreeBSD 4.2 and earlier, and possibly other operating systems, makes deleted data available to user processes before it is zeroed out, which allows a local user to access otherwise restricted information.
CVE-2001-0380 1 Crosscom Olicom 1 Xlt-f 2026-04-16 N/A
Crosscom/Olicom XLT-F running XL 80 IM Version 5.5 Build Level 2 allows a remote attacker SNMP read and write access via a default, undocumented community string 'ILMI'.
CVE-2001-0440 4 Conectiva, Licq, Mandrakesoft and 1 more 5 Linux, Licq, Mandrake Linux and 2 more 2026-04-16 N/A
Buffer overflow in logging functions of licq before 1.0.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands.
CVE-2006-1146 1 Cor Entertainment 1 Alien Arena 2006 2026-04-16 N/A
Stack-based buffer overflow in the Cmd_Say_f function in g_cmds.c in Alien Arena 2006 Gold Edition 5.00 allows remote attackers (possibly authenticated) to execute arbitrary code by sending a long message to the server.
CVE-2001-0442 1 David Harris 1 Mercury Nlm 2026-04-16 N/A
Buffer overflow in Mercury MTA POP3 server for NetWare 1.48 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long APOP command.
CVE-2001-0444 1 Cisco 1 Cbos 2026-04-16 N/A
Cisco CBOS 2.3.0.053 sends output of the "sh nat" (aka "show nat") command to the terminal of the next user who attempts to connect to the router via telnet, which could allow that user to obtain sensitive information.
CVE-2001-0446 1 Ibm 1 Websphere Commerce Suite 2026-04-16 N/A
IBM WCS (WebSphere Commerce Suite) 4.0.1 with Application Server 3.0.2 allows remote attackers to read source code for .jsp files by appending a / to the requested URL.
CVE-2006-1152 1 M Phorum 1 M Phorum 2026-04-16 N/A
PHP remote file inclusion vulnerability in index.php in M-Phorum 0.2 allows remote attackers to include arbitrary files via the go parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-0343 1 Hitachi 2 Jpi Netsight Ii Port Discovery Advance, Jpi Netsight Ii Port Discovery Standard 2026-04-16 N/A
Unspecified vulnerability in the Port Discovery Standard and Advanced features in Hitachi JP1/NetInsight II allows attackers to stop the Port Discovery service via unknown vectors involving "invalid format data".