Export limit exceeded: 362537 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (362537 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0320 1 Francisco Burzi 1 Php-nuke 2026-04-16 N/A
bb_smilies.php and bbcode_ref.php in PHP-Nuke 4.4 allows remote attackers to read arbitrary files and gain PHP administrator privileges by inserting a null character and .. (dot dot) sequences into a malformed username argument.
CVE-2000-1187 1 Netscape 2 Communicator, Navigator 2026-04-16 N/A
Buffer overflow in the HTML parser for Netscape 4.75 and earlier allows remote attackers to execute arbitrary commands via a long password value in a form field.
CVE-2002-0994 1 Sun 1 Sun Pci Ii Driver 2026-04-16 N/A
SunPCi II VNC uses a weak authentication scheme, which allows remote attackers to obtain the VNC password by sniffing the random byte challenge, which is used as the key for encrypted communications.
CVE-2002-0995 1 Gianluca Baldo 1 Phpauction 2026-04-16 N/A
login.php for PHPAuction allows remote attackers to gain privileges via a direct call to login.php with the action parameter set to "insert," which adds the provided username to the adminUsers table.
CVE-2000-1194 1 Argosoft 1 Ftp Server 2026-04-16 N/A
Argosoft FRP server 1.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string to the (1) USER or (2) CWD commands.
CVE-2000-1195 1 Caldera 2 Openlinux Edesktop, Openlinux Eserver 2026-04-16 N/A
telnet daemon (telnetd) from the Linux netkit package before netkit-telnet-0.16 allows remote attackers to bypass authentication when telnetd is running with the -L command line option.
CVE-2001-0370 1 Michael A. Gumienny 1 Fcheck 2026-04-16 N/A
fcheck prior to 2.57.59 calls the file signature checking program insecurely, which can allow a local user to run arbitrary commands via a file name that contains shell metacharacters.
CVE-2000-1198 1 Qualcomm 1 Qpopper 2026-04-16 5.5 Medium
qpopper POP server creates lock files with predictable names, which allows local users to cause a denial of service for other users (lack of mail access) by creating lock files for other mail boxes.
CVE-2001-0375 1 Cisco 2 Pix Firewall 515, Pix Firewall 520 2026-04-16 N/A
Cisco PIX Firewall 515 and 520 with 5.1.4 OS running aaa authentication to a TACACS+ server allows remote attackers to cause a denial of service via a large number of authentication requests.
CVE-2000-1204 1 Apache 1 Http Server 2026-04-16 N/A
Vulnerability in the mod_vhost_alias virtual hosting module for Apache 1.3.9, 1.3.11 and 1.3.12 allows remote attackers to obtain the source code for CGI programs if the cgi-bin directory is under the document root.
CVE-2006-2053 1 Quickestore 1 Quickestore 2026-04-16 N/A
Multiple SQL injection vulnerabilities in QuickEStore 7.9 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the OrderID parameter in (a) shipping.cfm and (b) checkout.cfm, (2) ItemID parameter in (c) proddetail.cfm, (3) SubCatID parameter in (d) index.cfm, the (4) CategoryID parameter in (e) prodpage.cfm, and (5) ProdID parameter in (f) Details.cfm. NOTE: these issues can also be exploited for path disclosure.
CVE-2002-1005 1 Argosoft 1 Argosoft Mail Server 2026-04-16 N/A
ArGoSoft Mail Server 1.8.1.7 and earlier allows a webmail user to cause a denial of service (CPU consumption) by forwarding the email to the user while autoresponse is enabled, which creates an infinite loop.
CVE-2002-0570 1 Linux 1 Linux Kernel 2026-04-16 N/A
The encrypted loop device in Linux kernel 2.4.10 and earlier does not authenticate the entity that is encrypting data, which allows local users to modify encrypted data without knowing the key.
CVE-2001-0896 1 Sco 1 Openserver 2026-04-16 N/A
Inetd in OpenServer 5.0.5 allows remote attackers to cause a denial of service (crash) via a port scan, e.g. with nmap -PO.
CVE-2001-0386 1 Analogx 1 Simpleserver Www 2026-04-16 N/A
AnalogX SimpleServer:WWW 1.08 allows remote attackers to cause a denial of service via an HTTP request to the /aux directory.
CVE-2002-0571 1 Oracle 1 Oracle9i 2026-04-16 N/A
Oracle Oracle9i database server 9.0.1.x allows local users to access restricted data via a SQL query using ANSI outer join syntax.
CVE-2001-0903 1 Intel 1 High-bandwidth Digital Content Protection 2026-04-16 N/A
Linear key exchange process in High-bandwidth Digital Content Protection (HDCP) System allows remote attackers to access data as plaintext, avoid device blacklists, clone devices, and create new device keyvectors by computing and using alternate key combinations for authentication.
CVE-2000-1205 1 Apache 1 Http Server 2026-04-16 N/A
Cross site scripting vulnerabilities in Apache 1.3.0 through 1.3.11 allow remote attackers to execute script as other web site visitors via (1) the printenv CGI (printenv.pl), which does not encode its output, (2) pages generated by the ap_send_error_response function such as a default 404, which does not add an explicit charset, or (3) various messages that are generated by certain Apache modules or core code. NOTE: the printenv issue might still exist for web browsers that can render text/plain content types as HTML, such as Internet Explorer, but CVE regards this as a design limitation of those browsers, not Apache. The printenv.pl/acuparam vector, discloser on 20070724, is one such variant.
CVE-2002-1007 1 Blackboard 1 Blackboard 2026-04-16 N/A
Cross-site scripting vulnerabilities in Blackboard 5 allow remote attackers to execute arbitrary web script via (1) the course_id parameter in a link to login.pl, (2) the CTID parameter in ProcessInfo.cgi, or (3) the Message parameter in index.cgi.
CVE-2000-1210 1 Apache 1 Tomcat 2026-04-16 N/A
Directory traversal vulnerability in source.jsp of Apache Tomcat before 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the argument to source.jsp.