Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-3053 1 Phorum 1 Phorum 2026-04-16 N/A
PHP remote file inclusion vulnerability in common.php in PHORUM 5.1.13 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the PHORUM[http_path] parameter. NOTE: this issue has been disputed by the vendor, who states "common.php is checked on the very first line of non-comment code that it is not being called directly. It has been this way in all 5.x version of Phorum." CVE analysis concurs with the vendor
CVE-1999-1176 2 Aaron Ledbetter, Jidentd 2 Cidentd, Jidentd 2026-04-16 N/A
Buffer overflow in cidentd ident daemon allows local users to gain root privileges via a long line in the .authlie script.
CVE-2005-3790 1 Phpwcms 1 Phpwcms 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in act_newsletter.php in phpwcms 1.2.5 allow remote attackers to inject arbitrary web script or HTML via the (1) i and (2) text parameters.
CVE-2006-2712 1 Secure Elements 1 Class 5 Enterprise Vulnerability Management 2026-04-16 N/A
Secure Elements Class 5 AVR (aka C5 EVM) client and server before 2.8.1 do not verify the integrity of a message digest, which allows remote attackers to modify and replay messages.
CVE-1999-1185 1 Sco 5 Cmw, Internet Faststart, Open Desktop and 2 more 2026-04-16 N/A
Buffer overflow in SCO mscreen allows local users to gain root privileges via a long terminal entry (TERM) in the .mscreenrc file.
CVE-2005-3791 2 Phpadsnew, Phppgads 2 Phpadsnew, Phppgads 2026-04-16 N/A
HTTP response splitting vulnerability in phpAdsNew and phpPgAds 2.0.6 and earlier allows remote attackers to inject arbitrary HTML headers via adclick.php and possibly other unspecified vectors.
CVE-2006-2720 1 Variomat 1 Variomat 2026-04-16 N/A
SQL injection vulnerability in news.php in VARIOMAT allows remote attackers to execute arbitrary SQL commands via the subcat parameter.
CVE-1999-1213 1 Hp 1 Hp-ux 2026-04-16 N/A
Vulnerability in telnet service in HP-UX 10.30 allows attackers to cause a denial of service.
CVE-2005-0982 1 Yet Another Forum.net 1 Yet Another Forum.net 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Yet Another Forum.net 0.9.9 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) location, or (3) Subject field.
CVE-2005-3795 1 Alstrasoft 1 Affiliate Network Pro 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft Affiliate Network Pro 7.2 allow remote attackers to inject arbitrary web script or HTML via (1) the Err parameter in admin/index.php and the (2) firstname and (3) lastname parameters in index.php.
CVE-2006-2722 1 Out Of The Trees Web Design 1 Selectapix 2026-04-16 N/A
SQL injection vulnerability in view_album.php in SelectaPix 1.4 allows remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party sources.
CVE-1999-1415 1 Digital 1 Ultrix 2026-04-16 N/A
Vulnerability in /usr/bin/mail in DEC ULTRIX before 4.2 allows local users to gain privileges.
CVE-2006-2724 1 Punbb 1 Punbb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in PunBB 1.2.11 allows remote authenticated administrators to inject arbitrary HTML or web script to other administrators via the "Admin note" feature, a different vulnerability than CVE-2006-2227.
CVE-2002-0746 1 Ibm 1 Aix 2026-04-16 N/A
Vulnerability in template.dhcpo in AIX 4.3.3 related to an insecure linker argument.
CVE-1999-1264 1 Ramp Networks 1 Webramp 2026-04-16 N/A
WebRamp M3 router does not disable remote telnet or HTTP access to itself, even when access has been explicitly disabled.
CVE-1999-1268 1 Kde 1 Kde 2026-04-16 N/A
Vulnerability in KDE konsole allows local users to hijack or observe sessions of other users by accessing certain devices.
CVE-1999-1271 1 Macromedia 1 Dreamweaver 2026-04-16 N/A
Macromedia Dreamweaver uses weak encryption to store FTP passwords, which could allow local users to easily decrypt the passwords of other users.
CVE-2005-3796 1 Alstrasoft 1 Affiliate Network Pro 2026-04-16 N/A
Direct static code injection vulnerability in admin_options_manage.php in AlstraSoft Affiliate Network Pro 7.2 allows attackers to execute arbitrary PHP code via the number parameter. NOTE: it is not clear from the original report whether administrator privileges are required. If not, then this does not cross privilege boundaries and is not a vulnerability.
CVE-1999-1506 1 Sun 1 Sunos 2026-04-16 N/A
Vulnerability in SMI Sendmail 4.0 and earlier, on SunOS up to 4.0.3, allows remote attackers to access user bin.
CVE-2005-0990 2 Gnu, Redhat 2 Sharutils, Enterprise Linux 2026-04-16 N/A
unshar (unshar.c) in sharutils 4.2.1 allows local users to overwrite arbitrary files via a symlink attack on the unsh.X temporary file.