Export limit exceeded: 359608 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359608 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2000-1225 | 1 Imatix | 1 Xitami | 2026-04-16 | N/A |
| Xitami 2.5b installs the testcgi.exe program by default in the cgi-bin directory, which allows remote attackers to gain sensitive configuration information about the web server by accessing the program. | ||||
| CVE-2006-1546 | 2 Apache, Redhat | 2 Struts, Rhel Application Server | 2026-04-16 | N/A |
| Apache Software Foundation (ASF) Struts before 1.2.9 allows remote attackers to bypass validation via a request with a 'org.apache.struts.taglib.html.Constants.CANCEL' parameter, which causes the action to be canceled but would not be detected from applications that do not use the isCancelled check. | ||||
| CVE-2006-1583 | 1 Juliusz Julas Gonera | 1 Warcraft Iii Replay Parser Php | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Warcraft III Replay Parser for PHP 1.8c allows remote attackers to inject arbitrary web script or HTML via the page parameter. NOTE: post-disclosure analysis by CVE suggests that the "page" parameter is not used in this product, and "id" might be the affected parameter. | ||||
| CVE-2000-1231 | 1 Phorum | 1 Phorum | 2026-04-16 | N/A |
| code.php3 in Phorum 3.0.7 allows remote attackers to read arbitrary files in the phorum directory via the query string. | ||||
| CVE-2000-1232 | 1 Phorum | 1 Phorum | 2026-04-16 | N/A |
| upgrade.php3 in Phorum 3.0.7 could allow remote attackers to modify certain Phorum database tables via an unknown method. | ||||
| CVE-2000-1233 | 1 Phorum | 1 Phorum | 2026-04-16 | N/A |
| SQL injection vulnerability in read.php3 and other scripts in Phorum 3.0.7 allows remote attackers to execute arbitrary SQL queries via the sSQL parameter. | ||||
| CVE-2000-1237 | 1 Floosietek | 1 Ftgate | 2026-04-16 | N/A |
| The POP3 server in FTGate returns an -ERR code after receiving an invalid USER request, which makes it easier for remote attackers to determine valid usernames and conduct brute force password guessing. | ||||
| CVE-2001-0213 | 1 Planet Intra | 1 Planet Intra | 2026-04-16 | N/A |
| Buffer overflow in pi program in PlanetIntra 2.5 allows remote attackers to execute arbitrary commands. | ||||
| CVE-2001-0009 | 1 Lotus | 1 Domino Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in Lotus Domino 5.0.5 web server allows remote attackers to read arbitrary files via a .. attack. | ||||
| CVE-2001-0020 | 1 Cisco | 2 Arrowpoint, Content Services Switch | 2026-04-16 | N/A |
| Directory traversal vulnerability in Arrowpoint (aka Cisco Content Services, or CSS) allows local unprivileged users to read arbitrary files via a .. (dot dot) attack. | ||||
| CVE-2005-1653 | 1 Woppoware | 1 Postmaster | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in message.htm for Woppoware PostMaster 4.2.2 (build 3.2.5) allows remote attackers to inject arbitrary web script or HTML via the email parameter. | ||||
| CVE-2001-0041 | 1 Cisco | 1 Catos | 2026-04-16 | N/A |
| Memory leak in Cisco Catalyst 4000, 5000, and 6000 series switches allows remote attackers to cause a denial of service via a series of failed telnet authentication attempts. | ||||
| CVE-2005-1663 | 1 Jeuce | 1 Jeuce Personal Web Server | 2026-04-16 | N/A |
| Jeuce Personal Web Server 2.13 allows remote attackers to cause a denial of service (server crash) via a GET request beginning with "://". | ||||
| CVE-2001-0049 | 1 Watchguard | 1 Soho Firewall | 2026-04-16 | N/A |
| WatchGuard SOHO FireWall 2.2.1 and earlier allows remote attackers to cause a denial of service via a large number of GET requests. | ||||
| CVE-2001-0050 | 1 Colten Edwards | 1 Bitchx | 2026-04-16 | N/A |
| Buffer overflow in BitchX IRC client allows remote attackers to cause a denial of service and possibly execute arbitrary commands via an IP address that resolves to a long DNS hostname or domain name. | ||||
| CVE-2001-0052 | 1 Ibm | 1 Db2 Universal Database | 2026-04-16 | N/A |
| IBM DB2 Universal Database version 6.1 allows users to cause a denial of service via a malformed query. | ||||
| CVE-2001-0097 | 1 Infinite | 1 Infinite Interchange | 2026-04-16 | N/A |
| The Web interface for Infinite Interchange 3.6.1 allows remote attackers to cause a denial of service (application crash) via a large POST request. | ||||
| CVE-2001-0102 | 1 Apple | 1 Macos | 2026-04-16 | N/A |
| "Multiple Users" Control Panel in Mac OS 9 allows Normal users to gain Owner privileges by removing the Users & Groups Data File, which effectively removes the Owner password and allows the Normal user to log in as the Owner account without a password. | ||||
| CVE-2001-0109 | 1 Suse | 1 Suse Linux | 2026-04-16 | N/A |
| rctab in SuSE 7.0 and earlier allows local users to create or overwrite arbitrary files via a symlink attack on the rctmp temporary file. | ||||
| CVE-2004-1110 | 2 Gentoo, Jean-jacques Sarton | 2 Linux, Mtink | 2026-04-16 | N/A |
| The mtink status monitor before 1.0.5 for Epson printers allows local users to overwrite arbitrary files via a symlink attack on the epson temporary file. | ||||