Export limit exceeded: 29908 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29908 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2308 | 1 Microsoft | 1 Ie | 2026-04-16 | N/A |
| The JPEG decoder in Microsoft Internet Explorer allows remote attackers to cause a denial of service (CPU consumption or crash) and possibly execute arbitrary code via certain crafted JPEG images, as demonstrated using (1) mov_fencepost.jpg, (2) cmp_fencepost.jpg, (3) oom_dos.jpg, or (4) random.jpg. | ||||
| CVE-2006-1382 | 1 Jelsoft | 1 Impex | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in impex/ImpExData.php in vBulletin ImpEx module 1.74, when register_globals is disabled, allows remote attackers to include arbitrary files via the systempath parameter. | ||||
| CVE-2000-1206 | 1 Apache | 1 Http Server | 2026-04-16 | N/A |
| Vulnerability in Apache httpd before 1.3.11, when configured for mass virtual hosting using mod_rewrite, or mod_vhost_alias in Apache 1.3.9, allows remote attackers to retrieve arbitrary files. | ||||
| CVE-2006-1410 | 1 Xigla | 1 Absolute Live Support Xe | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in XIGLA Absolute Live Support XE 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) Screen name or (2) Session Topic field. | ||||
| CVE-1999-0170 | 1 Digital | 1 Ultrix | 2026-04-16 | N/A |
| Remote attackers can mount an NFS file system in Ultrix or OSF, even if it is denied on the access list. | ||||
| CVE-2006-1412 | 1 Tft Gallery | 1 Tft Gallery | 2026-04-16 | N/A |
| TFT Gallery 0.10 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the admin password file and obtain password hashes via a direct request to admin/passwd. | ||||
| CVE-2006-1418 | 1 Caloris Planitia Technologies | 1 E-school Management System | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in default.asp in Caloris Planitia E-School Management System 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the msg parameter. | ||||
| CVE-1999-0172 | 1 Matt Wright | 1 Formmail | 2026-04-16 | N/A |
| FormMail CGI program allows remote execution of commands. | ||||
| CVE-1999-0180 | 2026-04-16 | N/A | ||
| in.rshd allows users to login with a NULL username and execute commands. | ||||
| CVE-2006-1421 | 1 Arthur Konze Webdesign | 1 Akocomment | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in akocomment.php in AkoComment 2.0 module for Mambo, with magic_quotes_gpc disabled, allow remote attackers to execute arbitrary SQL commands via the (1) acname or (2) contentid parameter. | ||||
| CVE-2006-1436 | 1 Upoint | 1 At1 Event Publisher | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in UPOINT @1 Event Publisher allow remote attackers to inject arbitrary web script or HTML via the (1) Event, (2) Description, (3) Time, (4) Website, and (5) Public Remarks fields to (a) eventpublisher_admin.htm and (b) eventpublisher_usersubmit.htm. | ||||
| CVE-2006-1438 | 1 Andy Grayndler | 1 Andys Php Knowledgebase | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Andy's PHP Knowledgebase (aphpkb) 0.57 allow remote attackers to inject arbitrary web script or HTML via the (1) keyword_list parameter to (a) index.php; (2) title, (3) article, (4) author, and (5) keywords parameters to (b) submit_article.php; and (6) Question, (7) Name, and (8) Email parameters to (c) submit_question.php. | ||||
| CVE-2006-1444 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| CoreGraphics in Apple Mac OS X 10.4.6, when "Enable access for assistive devices" is on, allows an application to bypass restrictions for secure event input and read certain events from other applications in the same window session by using Quartz Event Services. | ||||
| CVE-1999-0183 | 2 Linux, Tftp | 2 Linux Kernel, Tftp | 2026-04-16 | N/A |
| Linux implementations of TFTP would allow access to files outside the restricted directory. | ||||
| CVE-2006-1447 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| LaunchServices in Apple Mac OS X 10.4.6 allows remote attackers to cause Safari to launch unsafe content via long file name extensions, which prevents Download Validation from determining which application will be used to open the file. | ||||
| CVE-2002-1082 | 1 Visualshapers | 1 Ezcontents | 2026-04-16 | N/A |
| The Image Upload capability for ezContents 1.40 and earlier allows remote attackers to cause ezContents to perform operations on local files as if they were uploaded. | ||||
| CVE-2006-3577 | 1 Lifetype | 1 Lifetype | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in LifeType 1.0.5 allows remote attackers to execute arbitrary SQL commands via the Date parameter in a Default op. | ||||
| CVE-2004-0316 | 1 Avirt | 1 Avirt Soho | 2026-04-16 | N/A |
| Buffer overflow in Avirt Soho 4.3 allows remote attackers to cause a denial of service (crash) via (1) a large GET request to port 1080 or (2) a large GET request of % characters to port 8080. | ||||
| CVE-2006-1478 | 1 Turnkey Web Tools | 1 Php Live Helper | 2026-04-16 | N/A |
| Directory traversal vulnerability in (1) initiate.php and (2) possibly other PHP scripts in Turnkey Web Tools PHP Live Helper 1.8, and possibly later versions, allows remote authenticated users to include and execute arbitrary local files via directory traversal sequences in the language cookie, as demonstrated by uploading PHP code in a gl_session cookie to users.php, which causes the code to be stored in error.log, which is then included by initiate.php. | ||||
| CVE-2000-0830 | 1 Microsoft | 1 Webtv | 2026-04-16 | N/A |
| annclist.exe in webTV for Windows allows remote attackers to cause a denial of service by via a large, malformed UDP packet to ports 22701 through 22705. | ||||