Export limit exceeded: 360766 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (360766 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3899 | 1 Google | 1 Talk | 2026-04-16 | N/A |
| The automatic update feature in Google Talk allows remote attackers to cause a denial of service (CPU and memory consumption) by poisoning a target's DNS cache and causing a large update file to be sent, which consumes large amounts of CPU and memory during the signature verification, aka BenjiBug. | ||||
| CVE-2000-0080 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| AIX techlibss allows local users to overwrite files via a symlink attack. | ||||
| CVE-2000-0083 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| HP asecure creates the Audio Security File audio.sec with insecure permissions, which allows local users to cause a denial of service or gain additional privileges. | ||||
| CVE-2006-2798 | 1 Phpcommunitycalendar | 1 Phpcommunitycalendar | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in phpCommunityCalendar 4.0.3 allow remote attackers to inject arbitrary web script or HTML via the (1) LoName parameter in (a) week.php and (b) month.php and (2) AddressLink parameter in (c) event.php. | ||||
| CVE-2006-2806 | 1 Apache | 1 James | 2026-04-16 | N/A |
| The SMTP server in Apache Java Mail Enterprise Server (aka Apache James) 2.2.0 allows remote attackers to cause a denial of service (CPU consumption) via a long argument to the MAIL command. | ||||
| CVE-2000-0115 | 1 Microsoft | 1 Internet Information Server | 2026-04-16 | N/A |
| IIS allows local users to cause a denial of service via invalid regular expressions in a Visual Basic script in an ASP page. | ||||
| CVE-2006-2809 | 1 Ar-blog | 1 Ar-blog | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in ar-blog 5.2 allow remote attackers to inject arbitrary web script or HTML via the (1) count parameter, and possibly the (2) next, (3) Year_the_news, and (4) mo parameters. NOTE: the year and month vectors are already covered by CVE-2006-0333. | ||||
| CVE-2000-0132 | 1 Microsoft | 1 Virtual Machine | 2026-04-16 | N/A |
| Microsoft Java Virtual Machine allows remote attackers to read files via the getSystemResourceAsStream function. | ||||
| CVE-2000-0154 | 1 Sco | 1 Unixware | 2026-04-16 | N/A |
| The ARCserve agent in UnixWare allows local attackers to modify arbitrary files via a symlink attack. | ||||
| CVE-2000-0261 | 1 Avm | 1 Ken | 2026-04-16 | N/A |
| The AVM KEN! web server allows remote attackers to read arbitrary files via a .. (dot dot) attack. | ||||
| CVE-2006-2813 | 1 Ishopcart | 1 Ishopcart | 2026-04-16 | N/A |
| Directory traversal vulnerability in easy-scart.cgi in iShopCart allows remote attackers to read arbitrary files via a .. (dot dot) in the query string. | ||||
| CVE-2000-0177 | 1 Dnstools Software | 1 Dnstools | 2026-04-16 | N/A |
| DNSTools CGI applications allow remote attackers to execute arbitrary commands via shell metacharacters. | ||||
| CVE-2005-1292 | 1 Elemental Software | 1 Cartwiz | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in CartWIZ ASP Cart allow remote attackers to inject arbitrary web script or HTML via the idProduct parameter to (1) tellAFriend.asp or (2) addToWishlist.asp, redirect parameter to (3) access.asp or (4) login.asp, message parameter to (5) login.asp or (6) error.asp, or (7) sku or (8) name parameter to searchResults.asp. | ||||
| CVE-2006-2824 | 1 Logicalware | 1 Mailmanager | 2026-04-16 | N/A |
| Logicalware MailManager before 2.0.10 does not remove 0xc8 0x27 (0xc8 followed by a single-quote character) from the data stream to the server, which allows remote attackers to modify data and gain administrative access when PostgreSQL is used, aka "bug #1494281 - Postgres encoding security hole." NOTE: while this issue involves PostgreSQL, it is specific to MailManager's interface to PostgreSQL and is therefore a different vulnerability than CVE-2006-2313 and CVE-2006-2314. | ||||
| CVE-2000-0206 | 1 Oracle | 1 Oracle8i | 2026-04-16 | N/A |
| The installation of Oracle 8.1.5.x on Linux follows symlinks and creates the orainstRoot.sh file with world-writeable permissions, which allows local users to gain privileges. | ||||
| CVE-2005-3907 | 1 Sun | 2 Jdk, Jre | 2026-04-16 | N/A |
| Unspecified vulnerability in Java Runtime Environment in Java JDK and JRE 5.0 Update 3 and earlier allows remote attackers to escape the Java sandbox and access arbitrary files or execute arbitrary applications via unknown attack vectors involving untrusted Java applets. | ||||
| CVE-2000-0218 | 2 Caldera, Suse | 2 Openlinux, Suse Linux | 2026-04-16 | N/A |
| Buffer overflow in Linux mount and umount allows local users to gain root privileges via a long relative pathname. | ||||
| CVE-2005-1306 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2026-04-16 | 7.5 High |
| The Adobe Reader control in Adobe Reader and Acrobat 7.0 and 7.0.1 allows remote attackers to determine the existence of files via Javascript containing XML script, aka the "XML External Entity vulnerability." | ||||
| CVE-2005-3910 | 1 Post Affiliate Pro | 1 Post Affiliate Pro | 2026-04-16 | N/A |
| merchants/index.php in Post Affiliate Pro 2.0.4 and earlier, with magic_quotes_gpc disabled, allows remote attackers to include arbitrary local files via the md parameter, possibly due to a directory traversal vulnerability. | ||||
| CVE-2000-0466 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| AIX cdmount allows local users to gain root privileges via shell metacharacters. | ||||