Export limit exceeded: 346520 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346520 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-0500 | 1 Punctweb | 1 Myco Guestbook | 2026-04-16 | N/A |
| MyCO Guestbook 1.0 stores the admin directory under the web document root with insufficient access control, which allows remote attackers to perform unspecified privileged actions by directly accessing files via a URL. | ||||
| CVE-2001-0175 | 1 Netscape | 1 Fasttrack Server | 2026-04-16 | N/A |
| The caching module in Netscape Fasttrack Server 4.1 allows remote attackers to cause a denial of service (resource exhaustion) by requesting a large number of non-existent URLs. | ||||
| CVE-2003-0587 | 1 Infopop | 1 Ultimate Bulletin Board | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Infopop Ultimate Bulletin Board (UBB) 6.x allows remote authenticated users to execute arbitrary web script and gain administrative access via the "displayed name" attribute of the "ubber" cookie. | ||||
| CVE-2001-0177 | 1 Webmaster | 1 Conferenceroom | 2026-04-16 | N/A |
| WebMaster ConferenceRoom 1.8.1 allows remote attackers to cause a denial of service via a buddy relationship between the IRC server and a server clone. | ||||
| CVE-2003-0588 | 1 Digi-fx | 1 Digi-news | 2026-04-16 | N/A |
| admin.php in Digi-news 1.1 allows remote attackers to bypass authentication via a cookie with the username set to the name of the administrator, which satisfies an improper condition in admin.php that does not require a correct password. | ||||
| CVE-2001-0180 | 1 Lars Ellingsen | 1 Guestserver | 2026-04-16 | N/A |
| Lars Ellingsen guestserver.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the "email" parameter. | ||||
| CVE-2006-0501 | 1 Punctweb | 1 Myco Guestbook | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in MyCO Guestbook 1.0 allows remote attackers to inject arbitrary web script or HTML via the Name field, when registering a user. | ||||
| CVE-2003-0589 | 1 Digi-fx | 1 Digi-news | 2026-04-16 | N/A |
| admin.php in Digi-ads 1.1 allows remote attackers to bypass authentication via a cookie with the username set to the name of the administrator, which satisfies an improper condition in admin.php that does not require a correct password. | ||||
| CVE-2001-0181 | 1 Caldera | 3 Openlinux Desktop, Openlinux Edesktop, Openlinux Eserver | 2026-04-16 | N/A |
| Format string vulnerability in the error logging code of DHCP server and client in Caldera Linux allows remote attackers to execute arbitrary commands. | ||||
| CVE-2006-0503 | 1 Mailenable | 1 Mailenable Professional | 2026-04-16 | N/A |
| IMAP service in MailEnable Professional Edition before 1.72 allows remote attackers to cause a denial of service (service crash) via unspecified vectors involving the EXAMINE command. | ||||
| CVE-2001-0185 | 1 Netopia | 1 R9100 Router | 2026-04-16 | N/A |
| Netopia R9100 router version 4.6 allows authenticated users to cause a denial of service by using the router's telnet program to connect to the router's IP address, which causes a crash. | ||||
| CVE-2006-0504 | 1 Mailenable | 1 Mailenable Enterprise | 2026-04-16 | N/A |
| Unspecified vulnerability in MailEnable Enterprise Edition before 1.2 allows remote attackers to cause a denial of service (CPU utilization) by viewing "formatted quoted-printable emails" via webmail. | ||||
| CVE-2001-0186 | 1 Free Java Web Server | 1 Free Java Web Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in Free Java Web Server 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack. | ||||
| CVE-2006-0506 | 1 Nuked-klan | 1 Nuked-klan | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Nuked-klaN 1.7 allows remote attackers to inject arbitrary web script or HTML via the letter parameter. | ||||
| CVE-2003-0590 | 1 Splatt | 1 Splatt Forum | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Splatt Forum allows remote attackers to insert arbitrary HTML and web script via the post icon (image_subject) field. | ||||
| CVE-2001-0189 | 1 Intranet-server | 1 Localweb2000 | 2026-04-16 | N/A |
| Directory traversal vulnerability in LocalWEB2000 HTTP server allows remote attackers to read arbitrary commands via a .. (dot dot) attack in an HTTP GET request. | ||||
| CVE-2006-0507 | 1 Easy Cms | 1 Easy Cms | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Easy CMS allow remote attackers to inject arbitrary web script or HTML via (1) unknown attack vectors in the administrative interface and (2) input fields of the contact form. | ||||
| CVE-2001-0191 | 3 Andynorman, Gnu, Redhat | 4 Gnuserv, Xemacs, Linux and 1 more | 2026-04-16 | N/A |
| gnuserv before 3.12, as shipped with XEmacs, does not properly check the specified length of an X Windows MIT-MAGIC-COOKIE cookie, which allows remote attackers to execute arbitrary commands via a buffer overflow, or brute force authentication by using a short cookie length. | ||||
| CVE-2003-0601 | 1 Apple | 1 Mac Os X Server | 2026-04-16 | N/A |
| Workgroup Manager in Apple Mac OS X Server 10.2 through 10.2.6 does not disable a password for a new account before it is saved for the first time, which allows remote attackers to gain unauthorized access via the new account before it is saved. | ||||
| CVE-2001-0195 | 1 Debian | 1 Debian Linux | 2026-04-16 | 7.8 High |
| sash before 3.4-4 in Debian GNU/Linux does not properly clone /etc/shadow, which makes it world-readable and could allow local users to gain privileges via password cracking. | ||||