Export limit exceeded: 18940 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29913 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29913 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-0599 | 1 Sybase | 1 Adaptive Server Anywhere | 2026-04-16 | N/A |
| Sybase Adaptive Server Anywhere Database Engine 6.0.3.2747 and earlier as included with Symantec Ghost 6.5 allows a remote attacker to create a denial of service by sending large (> 45Kb) amounts of data to port 2638. | ||||
| CVE-2006-1235 | 1 David Ravenscroft | 1 Hithost | 2026-04-16 | N/A |
| Directory traversal vulnerability in admin/deleteuser.php in HitHost 1.0.0 might allow remote attackers to delete directories (possibly only empty directories) via the $deleteuser variable. NOTE: the initial disclosure for this issue indicated that the researcher was unable to prove this issue; however, this might have been due to certain behaviors of rmdir. | ||||
| CVE-2001-0608 | 1 Hp | 1 Mpe | 2026-04-16 | N/A |
| HP architected interface facility (AIF) as includes with MPE/iX 5.5 through 6.5 running on a HP3000 allows an attacker to gain additional privileges and gain access to databases via the AIF - AIFCHANGELOGON program. | ||||
| CVE-2006-1237 | 1 Dsportal | 1 Dsnewsletter | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in DSNewsletter 1.0, with magic_quotes_gpc disabled, allow remote attackers to execute arbitrary SQL commands via the email parameter to (1) include/sub.php, (2) include/confirm.php, or (3) include/unconfirm.php. | ||||
| CVE-2006-0540 | 1 Tachyon | 1 Vanilla Guestbook | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Tachyon Vanilla Guestbook 1.0 beta allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2001-0611 | 1 Rimarts Inc. | 1 Becky Internet Mail | 2026-04-16 | N/A |
| Becky! 2.00.05 and earlier can allow a remote attacker to gain additional privileges via a buffer overflow attack on long messages without newline characters. | ||||
| CVE-2006-1239 | 1 Countersoft | 1 Gemini | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in issue/createissue.aspx in Gemini 2.0 allows remote attackers to inject arbitrary web script or HTML via the rtcDescription$RadEditor1 field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-2844 | 1 Redaxo | 1 Redaxo | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Redaxo 3.0 allow remote attackers to execute arbitrary PHP code via a URL in the REX[INCLUDE_PATH] parameter to (1) simple_user/pages/index.inc.php and (2) stats/pages/index.inc.php. | ||||
| CVE-2001-0612 | 1 Mcafee | 1 Remote Desktop 32 | 2026-04-16 | N/A |
| McAfee Remote Desktop 3.0 and earlier allows remote attackers to cause a denial of service (crash) via a large number of packets to port 5045. | ||||
| CVE-2006-0547 | 1 Oracle | 1 Database Server | 2026-04-16 | N/A |
| Oracle Database 8i, 9i, and 10g allow remote authenticated users to execute arbitrary SQL statements in the context of the SYS user and bypass audit logging, including statements to create new privileged database accounts, via a modified AUTH_ALTER_SESSION attribute in the authentication phase of the Transparent Network Substrate (TNS) protocol. NOTE: due to the lack of relevant details from the Oracle advisory, a separate CVE is being created since it cannot be conclusively proven that this issue has been addressed by Oracle. It is possible that this is the same issue as Oracle Vuln# DB18 from the January 2006 CPU, in which case this would be subsumed by CVE-2006-0265. | ||||
| CVE-2001-0615 | 1 Faust Informatics | 1 Freestyle Chat | 2026-04-16 | N/A |
| Directory traversal vulnerability in Faust Informatics Freestyle Chat server prior to 4.1 SR3 allows a remote attacker to read arbitrary files via a specially crafted URL which includes variations of a '..' (dot dot) attack such as '...' or '....'. | ||||
| CVE-2001-0617 | 1 Alliedtelesyn | 1 At-ar220e | 2026-04-16 | N/A |
| Allied Telesyn AT-AR220e cable/DSL router firmware 1.08a RC14 with the portmapper and the 'Virtual Server' enabled can allow a remote attacker to gain access to mapped services even though the single portmappings may be disabled. | ||||
| CVE-2001-0618 | 1 Lucent | 1 Orinoco Rg-1000 | 2026-04-16 | N/A |
| Orinoco RG-1000 wireless Residential Gateway uses the last 5 digits of the 'Network Name' or SSID as the default Wired Equivalent Privacy (WEP) encryption key. Since the SSID occurs in the clear during communications, a remote attacker could determine the WEP key and decrypt RG-1000 traffic. | ||||
| CVE-2001-0623 | 1 Sendfile | 1 Sendfile | 2026-04-16 | N/A |
| sendfiled, as included with Simple Asynchronous File Transfer (SAFT), on various Linux systems does not properly drop privileges when sending notification emails, which allows local attackers to gain privileges. | ||||
| CVE-2001-0625 | 1 Broadcom | 1 Inoculateit | 2026-04-16 | N/A |
| ftpdownload in Computer Associates InoculateIT 6.0 allows a local attacker to overwrite arbitrary files via a symlink attack on /tmp/ftpdownload.log . | ||||
| CVE-2001-0627 | 1 Sco | 1 Openserver | 2026-04-16 | N/A |
| vi as included with SCO OpenServer 5.0 - 5.0.6 allows a local attacker to overwrite arbitrary files via a symlink attack. | ||||
| CVE-2006-1250 | 1 Amax Information Technologies | 1 Winmail | 2026-04-16 | N/A |
| Unspecified vulnerability in the Webmail module in Winmail before 4.3 has unknown impact and unknown remote attack vectors. | ||||
| CVE-2001-0683 | 1 Netscape | 1 Collabra Server | 2026-04-16 | N/A |
| Memory leak in Netscape Collabra Server 3.5.4 and earlier allows a remote attacker to cause a denial of service (memory exhaustion) by repeatedly sending approximately 5K of data to TCP port 5238. | ||||
| CVE-2006-1274 | 1 Avira | 1 Antivir Personal | 2026-04-16 | N/A |
| Classic Planer in AntiVir PersonalEdition Classic 7 does not drop privileges before executing external programs, which allows local users to gain privileges via notepad.exe, which is used to display scan reports. | ||||
| CVE-2001-0684 | 1 Netscape | 1 Collabra Server | 2026-04-16 | N/A |
| Netscape Collabra Server 3.5.4 and earlier allows a remote attacker to cause a denial of service by sending seven or more characters to TCP port 5239. | ||||