Export limit exceeded: 350373 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (350373 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2000-0015 | 1 Ascend | 1 Cascadeview Ux | 2026-04-16 | N/A |
| CascadeView TFTP server allows local users to gain privileges via a symlink attack. | ||||
| CVE-2000-0018 | 1 Windowmaker | 1 Wmmon | 2026-04-16 | N/A |
| wmmon in FreeBSD allows local users to gain privileges via the .wmmonrc configuration file. | ||||
| CVE-2005-1213 | 1 Microsoft | 1 Outlook Express | 2026-04-16 | N/A |
| Stack-based buffer overflow in the news reader for Microsoft Outlook Express (MSOE.DLL) 5.5 SP2, 6, and 6 SP1 allows remote malicious NNTP servers to execute arbitrary code via a LIST response with a long second field. | ||||
| CVE-2006-2784 | 2 Mozilla, Redhat | 2 Firefox, Enterprise Linux | 2026-04-16 | N/A |
| The PLUGINSPAGE functionality in Mozilla Firefox before 1.5.0.4 allows remote user-assisted attackers to execute privileged code by tricking a user into installing missing plugins and selecting the "Manual Install" button, then using nested javascript: URLs. NOTE: the manual install button is used for downloading software from a remote web site, so this issue would not cross privilege boundaries if the user progresses to the point of installing malicious software from the attacker-controlled site. | ||||
| CVE-2000-0032 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Solaris dmi_cmd allows local users to crash the dmispd daemon by adding a malformed file to the /var/dmi/db database. | ||||
| CVE-2000-0039 | 1 Altavista | 1 Search Intranet | 2026-04-16 | N/A |
| AltaVista search engine allows remote attackers to read files above the document root via a .. (dot dot) in the query.cgi CGI program. | ||||
| CVE-2000-0053 | 1 Microsoft | 1 Commercial Internet System | 2026-04-16 | N/A |
| Microsoft Commercial Internet System (MCIS) IMAP server allows remote attackers to cause a denial of service via a malformed IMAP request. | ||||
| CVE-2000-0048 | 1 Corel | 1 Linux | 2026-04-16 | N/A |
| get_it program in Corel Linux Update allows local users to gain root access by specifying an alternate PATH for the cp program. | ||||
| CVE-2000-0049 | 1 Nullsoft | 1 Winamp | 2026-04-16 | N/A |
| Buffer overflow in Winamp client allows remote attackers to execute commands via a long entry in a .pls file. | ||||
| CVE-2000-0051 | 1 Allaire | 1 Spectra | 2026-04-16 | N/A |
| The Allaire Spectra Configuration Wizard allows remote attackers to cause a denial of service by repeatedly resubmitting data collections for indexing via a URL. | ||||
| CVE-2006-2793 | 1 Aspsitem | 1 Aspsitem | 2026-04-16 | N/A |
| SQL injection vulnerability in Anket.asp in ASPSitem 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the hid parameter. | ||||
| CVE-2000-0058 | 1 Handspring | 1 Visor Network Hotsync | 2026-04-16 | N/A |
| Network HotSync program in Handspring Visor does not have authentication, which allows remote attackers to retrieve email and files. | ||||
| CVE-2000-0067 | 1 Cybercash | 1 Merchant Connection Kit | 2026-04-16 | N/A |
| CyberCash Merchant Connection Kit (MCK) allows local users to modify files via a symlink attack. | ||||
| CVE-2000-0069 | 1 Sun | 1 Solstice Backup | 2026-04-16 | N/A |
| The recover program in Solstice Backup allows local users to restore sensitive files. | ||||
| CVE-2000-0074 | 1 Powerscripts | 1 Plusmail | 2026-04-16 | N/A |
| PowerScripts PlusMail CGI program allows remote attackers to execute commands via a password file with improper permissions. | ||||
| CVE-2005-3899 | 1 Google | 1 Talk | 2026-04-16 | N/A |
| The automatic update feature in Google Talk allows remote attackers to cause a denial of service (CPU and memory consumption) by poisoning a target's DNS cache and causing a large update file to be sent, which consumes large amounts of CPU and memory during the signature verification, aka BenjiBug. | ||||
| CVE-2006-2798 | 1 Phpcommunitycalendar | 1 Phpcommunitycalendar | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in phpCommunityCalendar 4.0.3 allow remote attackers to inject arbitrary web script or HTML via the (1) LoName parameter in (a) week.php and (b) month.php and (2) AddressLink parameter in (c) event.php. | ||||
| CVE-2000-0086 | 1 Netopia | 1 Timbuktu Pro | 2026-04-16 | N/A |
| Netopia Timbuktu Pro sends user IDs and passwords in cleartext, which allows remote attackers to obtain them via sniffing. | ||||
| CVE-2000-0080 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| AIX techlibss allows local users to overwrite files via a symlink attack. | ||||
| CVE-2000-0083 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| HP asecure creates the Audio Security File audio.sec with insecure permissions, which allows local users to cause a denial of service or gain additional privileges. | ||||