Export limit exceeded: 29910 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29910 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2000-0127 | 1 Progress | 1 Webspeed | 2026-04-16 | N/A |
| The Webspeed configuration program does not properly disable access to the WSMadmin utility, which allows remote attackers to gain privileges via wsisa.dll. | ||||
| CVE-2000-0123 | 1 Filemaker | 1 Filemaker | 2026-04-16 | N/A |
| The shopping cart application provided with Filemaker allows remote users to modify sensitive purchase information via hidden form fields. | ||||
| CVE-2005-1250 | 1 Ipswitch | 1 Whatsup | 2026-04-16 | N/A |
| SQL injection vulnerability in the logon screen of the web front end (NmConsole/Login.asp) for IpSwitch WhatsUp Professional 2005 SP1 allows remote attackers to execute arbitrary SQL commands via the (1) User Name field (sUserName parameter) or (2) Password (sPassword parameter). | ||||
| CVE-2000-0137 | 1 Cartit | 1 Cartit | 2026-04-16 | N/A |
| The CartIt shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | ||||
| CVE-2006-2813 | 1 Ishopcart | 1 Ishopcart | 2026-04-16 | N/A |
| Directory traversal vulnerability in easy-scart.cgi in iShopCart allows remote attackers to read arbitrary files via a .. (dot dot) in the query string. | ||||
| CVE-2000-0154 | 1 Sco | 1 Unixware | 2026-04-16 | N/A |
| The ARCserve agent in UnixWare allows local attackers to modify arbitrary files via a symlink attack. | ||||
| CVE-2000-0261 | 1 Avm | 1 Ken | 2026-04-16 | N/A |
| The AVM KEN! web server allows remote attackers to read arbitrary files via a .. (dot dot) attack. | ||||
| CVE-2000-0177 | 1 Dnstools Software | 1 Dnstools | 2026-04-16 | N/A |
| DNSTools CGI applications allow remote attackers to execute arbitrary commands via shell metacharacters. | ||||
| CVE-2000-0178 | 1 Foundrynet | 1 Serveriron | 2026-04-16 | N/A |
| ServerIron switches by Foundry Networks have predictable TCP/IP sequence numbers, which allows remote attackers to spoof or hijack sessions. | ||||
| CVE-2000-0195 | 1 Corel | 1 Linux | 2026-04-16 | N/A |
| setxconf in Corel Linux allows local users to gain root access via the -T parameter, which executes the user's .xserverrc file. | ||||
| CVE-2005-1292 | 1 Elemental Software | 1 Cartwiz | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in CartWIZ ASP Cart allow remote attackers to inject arbitrary web script or HTML via the idProduct parameter to (1) tellAFriend.asp or (2) addToWishlist.asp, redirect parameter to (3) access.asp or (4) login.asp, message parameter to (5) login.asp or (6) error.asp, or (7) sku or (8) name parameter to searchResults.asp. | ||||
| CVE-2006-2824 | 1 Logicalware | 1 Mailmanager | 2026-04-16 | N/A |
| Logicalware MailManager before 2.0.10 does not remove 0xc8 0x27 (0xc8 followed by a single-quote character) from the data stream to the server, which allows remote attackers to modify data and gain administrative access when PostgreSQL is used, aka "bug #1494281 - Postgres encoding security hole." NOTE: while this issue involves PostgreSQL, it is specific to MailManager's interface to PostgreSQL and is therefore a different vulnerability than CVE-2006-2313 and CVE-2006-2314. | ||||
| CVE-2000-0194 | 1 Corel | 1 Linux | 2026-04-16 | N/A |
| buildxconf in Corel Linux allows local users to modify or create arbitrary files via the -x or -f parameters. | ||||
| CVE-2000-0206 | 1 Oracle | 1 Oracle8i | 2026-04-16 | N/A |
| The installation of Oracle 8.1.5.x on Linux follows symlinks and creates the orainstRoot.sh file with world-writeable permissions, which allows local users to gain privileges. | ||||
| CVE-2000-0218 | 2 Caldera, Suse | 2 Openlinux, Suse Linux | 2026-04-16 | N/A |
| Buffer overflow in Linux mount and umount allows local users to gain root privileges via a long relative pathname. | ||||
| CVE-2005-3910 | 1 Post Affiliate Pro | 1 Post Affiliate Pro | 2026-04-16 | N/A |
| merchants/index.php in Post Affiliate Pro 2.0.4 and earlier, with magic_quotes_gpc disabled, allows remote attackers to include arbitrary local files via the md parameter, possibly due to a directory traversal vulnerability. | ||||
| CVE-2000-0250 | 1 Qnx | 1 Qnx | 2026-04-16 | N/A |
| The crypt function in QNX uses weak encryption, which allows local users to decrypt passwords. | ||||
| CVE-2000-0466 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| AIX cdmount allows local users to gain root privileges via shell metacharacters. | ||||
| CVE-2000-0266 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Internet Explorer 5.01 allows remote attackers to bypass the cross frame security policy via a malicious applet that interacts with the Java JSObject to modify the DOM properties to set the IFRAME to an arbitrary Javascript URL. | ||||
| CVE-2005-1336 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| Buffer overflow in the Foundation framework for Mac OS X 10.3.9 allows local users to execute arbitrary code via a long environment variable. | ||||