Export limit exceeded: 360766 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 360766 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 360766 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (360766 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1637 | 1 Npds | 1 Npds | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in NPDS 4.8 and 5.0 allow remote attackers to execute arbitrary SQL commands via the thold parameter to (1) comments.php or (2) pollcomments.php. | ||||
| CVE-2001-1180 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| FreeBSD 4.3 does not properly clear shared signal handlers when executing a process, which allows local users to gain privileges by calling rfork with a shared signal handler, having the child process execute a setuid program, and sending a signal to the child. | ||||
| CVE-2001-1181 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Dynamically Loadable Kernel Module (dlkm) static kernel symbol table in HP-UX 11.11 is not properly configured, which allows local users to gain privileges. | ||||
| CVE-2002-0676 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| SoftwareUpdate for MacOS 10.1.x does not use authentication when downloading a software update, which could allow remote attackers to execute arbitrary code by posing as the Apple update server via techniques such as DNS spoofing or cache poisoning, and supplying Trojan Horse updates. | ||||
| CVE-2001-1185 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| Some AIO operations in FreeBSD 4.4 may be delayed until after a call to execve, which could allow a local user to overwrite memory of the new process and gain privileges. | ||||
| CVE-2006-3731 | 1 Mozilla | 1 Firefox | 2026-04-16 | N/A |
| Mozilla Firefox 1.5.0.4 and earlier allows remote user-assisted attackers to cause a denial of service (crash) via a form with a multipart/form-data encoding and a user-uploaded file. NOTE: a third party has claimed that this issue might be related to the LiveHTTPHeaders extension. | ||||
| CVE-2006-3693 | 1 Rocks Clusters | 1 Rocks Clusters | 2026-04-16 | N/A |
| Rocks Clusters 4.1 and earlier allows local users to gain privileges via commands enclosed with escaped backticks (\`) in an argument to the (1) mount-loop (mount-loop.c) or (2) umount-loop (umount-loop.c) command, which is not filtered in a system function call. | ||||
| CVE-2002-1069 | 1 D-link | 1 Di-804 | 2026-04-16 | N/A |
| The remote administration capability for the D-Link DI-804 router 4.68 allows remote attackers to bypass authentication and release DHCP addresses or obtain sensitive information via a direct web request to the pages (1) release.htm, (2) Device Status, or (3) Device Information. | ||||
| CVE-2001-1203 | 1 Alessandro Rubini | 1 Gpm | 2026-04-16 | N/A |
| Format string vulnerability in gpm-root in gpm 1.17.8 through 1.17.18 allows local users to gain root privileges. | ||||
| CVE-2001-1146 | 1 Lee Herron | 1 Allcommerce | 2026-04-16 | N/A |
| AllCommerce with debugging enabled in EnGarde Secure Linux 1.0.1 creates temporary files with predictable names, which allows local users to modify files via a symlink attack. | ||||
| CVE-2002-1071 | 1 Zyxel | 1 Prestige | 2026-04-16 | N/A |
| ZyXEL Prestige 642R allows remote attackers to cause a denial of service in the Telnet, FTP, and DHCP services (crash) via a TCP packet with both the SYN and ACK flags set. | ||||
| CVE-2001-1209 | 1 Abe Timmerman | 1 Zml.cgi | 2026-04-16 | N/A |
| Directory traversal vulnerability in zml.cgi allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | ||||
| CVE-2002-1072 | 1 Zyxel | 1 Prestige | 2026-04-16 | N/A |
| ZyXEL Prestige 642R 2.50(FA.1) and Prestige 310 V3.25(M.01), allows remote attackers to cause a denial of service via an oversized, fragmented "jolt" style ICMP packet. | ||||
| CVE-2001-1211 | 1 Ipswitch | 1 Imail | 2026-04-16 | N/A |
| Ipswitch IMail 7.0.4 and earlier allows attackers with administrator privileges to read and modify user alias and mailing list information for other domains hosted by the same server via the (1) aliasadmin or (2) listadm1 CGI programs, which do not properly verify that an administrator is the administrator for the target domain. | ||||
| CVE-2005-4086 | 1 Sugarcrm | 1 Sugar Suite | 2026-04-16 | N/A |
| Directory traversal vulnerability in acceptDecline.php in Sugar Suite Open Source Customer Relationship Management (SugarCRM) 4.0 beta and earlier allows remote attackers to include arbitrary local files via ".." sequences in the beanFiles array parameter. | ||||
| CVE-2006-3696 | 1 Agnitum | 1 Outpost Firewall | 2026-04-16 | N/A |
| filtnt.sys in Outpost Firewall Pro before 3.51.759.6511 (462) allows local users to cause a denial of service (crash) via long arguments to mshta.exe. | ||||
| CVE-2005-4088 | 1 W2b | 1 Phpforumpro | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in phpForumPro 2.2 allows remote attackers to execute arbitrary SQL commands via the (1) parent and (2) day parameters. | ||||
| CVE-2005-4326 | 1 Apc | 1 Powerchute Network Shutdown | 2026-04-16 | N/A |
| The web interface for American Power Conversion (APC) PowerChute Network Shutdown performs all communication in cleartext (base64-encoded), which allows remote attackers to sniff authentication credentials. | ||||
| CVE-2006-3667 | 1 Sybase | 1 Financial Fusion Consumer Banking Solution | 2026-04-16 | N/A |
| Unspecified vulnerability in Sybase/Financial Fusion Consumer Banking Suite versions before 20060706 has unknown impact and remote attack vectors. | ||||
| CVE-2001-1215 | 1 Michael Baumer | 1 Pfinger | 2026-04-16 | N/A |
| Format string vulnerability in PFinger 0.7.5 through 0.7.7 allows remote attackers to execute arbitrary code via format string specifiers in a .plan file. | ||||