Export limit exceeded: 348915 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29910 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29910 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-0437 | 1 Dcscripts | 2 Dcforum, Dcforum 2000 | 2026-04-16 | N/A |
| upload_file.pl in DCForum 2000 1.0 allows remote attackers to upload arbitrary files without authentication by setting the az parameter to upload_file. | ||||
| CVE-2006-1145 | 1 Cor Entertainment | 1 Alien Arena 2006 | 2026-04-16 | N/A |
| Format string vulnerability in the safe_cprintf function in acebot_cmds.c in Alien Arena 2006 Gold Edition 5.00 allows remote attackers (possibly authenticated) to execute arbitrary code via unspecified vectors when the server sends crafted messages to the clients. | ||||
| CVE-2001-0438 | 1 Netopia | 1 Timbuktu Mac | 2026-04-16 | N/A |
| Preview version of Timbuktu for Mac OS X allows local users to modify System Preferences without logging in via the About Timbuktu menu. | ||||
| CVE-2001-0440 | 4 Conectiva, Licq, Mandrakesoft and 1 more | 5 Linux, Licq, Mandrake Linux and 2 more | 2026-04-16 | N/A |
| Buffer overflow in logging functions of licq before 1.0.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands. | ||||
| CVE-2006-1146 | 1 Cor Entertainment | 1 Alien Arena 2006 | 2026-04-16 | N/A |
| Stack-based buffer overflow in the Cmd_Say_f function in g_cmds.c in Alien Arena 2006 Gold Edition 5.00 allows remote attackers (possibly authenticated) to execute arbitrary code by sending a long message to the server. | ||||
| CVE-2001-0442 | 1 David Harris | 1 Mercury Nlm | 2026-04-16 | N/A |
| Buffer overflow in Mercury MTA POP3 server for NetWare 1.48 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long APOP command. | ||||
| CVE-2001-0443 | 1 Qpc Software | 2 Qvt Net, Qvt Term Plus | 2026-04-16 | N/A |
| Buffer overflow in QPC QVT/Net Popd 4.20 in QVT/Net 5.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via (1) a long username, or (2) a long password. | ||||
| CVE-2001-0444 | 1 Cisco | 1 Cbos | 2026-04-16 | N/A |
| Cisco CBOS 2.3.0.053 sends output of the "sh nat" (aka "show nat") command to the terminal of the next user who attempts to connect to the router via telnet, which could allow that user to obtain sensitive information. | ||||
| CVE-2001-0446 | 1 Ibm | 1 Websphere Commerce Suite | 2026-04-16 | N/A |
| IBM WCS (WebSphere Commerce Suite) 4.0.1 with Application Server 3.0.2 allows remote attackers to read source code for .jsp files by appending a / to the requested URL. | ||||
| CVE-2001-0448 | 1 Software602 | 1 602pro Lan Suite | 2026-04-16 | N/A |
| Web configuration server in 602Pro LAN SUITE allows remote attackers to cause a denial of service via an HTTP GET HTTP request to the aux directory, and possibly other directories with legacy DOS device names. | ||||
| CVE-2006-1152 | 1 M Phorum | 1 M Phorum | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in index.php in M-Phorum 0.2 allows remote attackers to include arbitrary files via the go parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-0343 | 1 Hitachi | 2 Jpi Netsight Ii Port Discovery Advance, Jpi Netsight Ii Port Discovery Standard | 2026-04-16 | N/A |
| Unspecified vulnerability in the Port Discovery Standard and Advanced features in Hitachi JP1/NetInsight II allows attackers to stop the Port Discovery service via unknown vectors involving "invalid format data". | ||||
| CVE-2001-0450 | 1 Transsoft | 1 Broker Ftp Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in Transsoft FTP Broker before 5.5 allows attackers to (1) delete arbitrary files via DELETE, or (2) list arbitrary directories via LIST, via a .. (dot dot) in the file name. | ||||
| CVE-2006-1153 | 1 D2-shoutbox | 1 D2-shoutbox | 2026-04-16 | N/A |
| SQL injection vulnerability in D2-Shoutbox 4.2 allows remote attackers to execute arbitrary SQL commands via the load parameter, when performing a Shoutbox action through Invision Power Board (IPB). | ||||
| CVE-2001-0451 | 1 Sentraweb | 1 Indexu | 2026-04-16 | N/A |
| INDEXU 2.0 beta and earlier allows remote attackers to bypass authentication and gain privileges by setting the cookie_admin_authenticated cookie value to 1. | ||||
| CVE-2006-3143 | 1 Maximus | 1 Schoolmax | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in icue_login.asp in Maximus SchoolMAX 4.0.1 and earlier iCue and iParent applications allows remote attackers to inject arbitrary web script or HTML via the error_msg parameter. | ||||
| CVE-2001-0452 | 1 Brs | 1 Webweaver | 2026-04-16 | N/A |
| BRS WebWeaver FTP server before 0.64 Beta allows remote attackers to obtain the real pathname of the server via a "CD *" command followed by an ls command. | ||||
| CVE-2001-0453 | 1 Brs | 1 Webweaver | 2026-04-16 | N/A |
| Directory traversal vulnerability in BRS WebWeaver HTTP server allows remote attackers to read arbitrary files via a .. (dot dot) attack in the (1) syshelp, (2) sysimages, or (3) scripts directories. | ||||
| CVE-2006-1157 | 1 Adp | 1 Adp Forum | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Vz Scripts ADP Forum 2.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the Subject field (possibly messaggio parameter) when posting a new message in post.php. | ||||
| CVE-2001-0455 | 1 Cisco | 1 Aironet 340 | 2026-04-16 | N/A |
| Cisco Aironet 340 Series wireless bridge before 8.55 does not properly disable access to the web interface, which allows remote attackers to modify its configuration. | ||||