Export limit exceeded: 29913 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29913 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2000-1171 | 1 Markus Triska | 1 Cgiforum | 2026-04-16 | N/A |
| Directory traversal vulnerability in cgiforum.pl script in CGIForum 1.0 allows remote attackers to ready arbitrary files via a .. (dot dot) attack in the "thesection" parameter. | ||||
| CVE-2002-0991 | 1 Hp | 1 Cifs-9000 Server | 2026-04-16 | N/A |
| Buffer overflows in the cifslogin command for HP CIFS/9000 Client A.01.06 and earlier, based on the Sharity package, allows local users to gain root privileges via long (1) -U, (2) -D, (3) -P, (4) -S, (5) -N, or (6) -u parameters. | ||||
| CVE-2000-1174 | 1 Ethereal Group | 1 Ethereal | 2026-04-16 | N/A |
| Multiple buffer overflows in AFS ACL parser for Ethereal 0.8.13 and earlier allows remote attackers to execute arbitrary commands via a packet with a long username. | ||||
| CVE-2001-0264 | 1 Gene6 | 1 G6 Ftp Server | 2026-04-16 | N/A |
| Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10) allows remote attackers to obtain NETBIOS credentials by requesting information on a file that is in a network share, which causes the server to send the credentials to the host that owns the share, and allows the attacker to sniff the connection. | ||||
| CVE-2001-0266 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Vulnerability in Software Distributor SD-UX in HP-UX 11.0 and earlier allows local users to gain privileges. | ||||
| CVE-2005-4010 | 1 Sensation Designs | 1 Kbase Express | 2026-04-16 | N/A |
| SQL injection vulnerability in KBase Express 1.0.0 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) id parameter to category.php and (2) search parameters to search.php. | ||||
| CVE-2001-0602 | 1 Lotus | 1 Domino R5 Server | 2026-04-16 | N/A |
| Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via repeated (>400) URL requests for DOS devices. | ||||
| CVE-2001-1049 | 1 Paul M. Jones | 1 Phorecast | 2026-04-16 | N/A |
| Phorecast PHP script before 0.40 allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable. | ||||
| CVE-2001-1050 | 1 Cccsoftware | 1 Ccc | 2026-04-16 | N/A |
| CCCSoftware CCC PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable. | ||||
| CVE-2001-1052 | 1 Emergenices Personnel Information System | 1 Empris | 2026-04-16 | N/A |
| Empris PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable. | ||||
| CVE-2002-0814 | 1 Vmware | 1 Gsx Server | 2026-04-16 | N/A |
| Buffer overflow in VMware Authorization Service for VMware GSX Server 2.0.0 build-2050 allows remote authenticated users to execute arbitrary code via a long GLOBAL argument. | ||||
| CVE-2001-0606 | 2 Hp, Sun | 2 Virtualvault, Iplanet Web Server | 2026-04-16 | N/A |
| Vulnerability in iPlanet Web Server 4.X in HP-UX 11.04 (VVOS) with VirtualVault A.04.00 allows a remote attacker to create a denial of service via the HTTPS service. | ||||
| CVE-2001-1053 | 1 Adcycle | 1 Adcycle | 2026-04-16 | N/A |
| AdLogin.pm in AdCycle 1.15 and earlier allows remote attackers to bypass authentication and gain privileges by injecting SQL code in the $password argument. | ||||
| CVE-2006-1442 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| The bundle API in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4.6 loads dynamic libraries even if the client application has not directly requested it, which allows attackers to execute arbitrary code from an untrusted bundle. | ||||
| CVE-2001-0620 | 1 Iplanet | 1 Calendar Server | 2026-04-16 | N/A |
| iPlanet Calendar Server 5.0p2 and earlier allows a local attacker to gain access to the Netscape Admin Server (NAS) LDAP database and read arbitrary files by obtaining the cleartext administrator username and password from the configuration file, which has insecure permissions. | ||||
| CVE-2001-0622 | 1 Cisco | 1 Content Services Switch 11000 | 2026-04-16 | N/A |
| The web management service on Cisco Content Service series 11000 switches (CSS) before WebNS 4.01B29s or WebNS 4.10B17s allows a remote attacker to gain additional privileges by directly requesting the web management URL instead of navigating through the interface. | ||||
| CVE-2006-4525 | 1 Devellion | 1 Cubecart | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in CubeCart 3.0.12 and earlier, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the links array. | ||||
| CVE-2005-4029 | 1 Esi Products | 1 Webeoc | 2026-04-16 | N/A |
| WebEOC before 6.0.2 allows remote attackers to obtain valid usernames via the HTML source of the WebEOC login webpage, which could be useful in other attacks such as locking out valid users via brute force methods. | ||||
| CVE-2002-0631 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| Unknown vulnerability in nveventd in NetVisualyzer on SGI IRIX 6.5 through 6.5.16 allows local users to write arbitrary files and gain root privileges. | ||||
| CVE-2001-1055 | 1 Microsoft | 2 Windows 98, Windows 98se | 2026-04-16 | N/A |
| The Microsoft Windows network stack allows remote attackers to cause a denial of service (CPU consumption) via a flood of malformed ARP request packets with random source IP and MAC addresses, as demonstrated by ARPNuke. | ||||