Export limit exceeded: 363052 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363052 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-0638 1 Sean Macguire 1 Big Brother 2026-04-16 N/A
bb-hostsvc.sh in Big Brother 1.4h1 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack on the HOSTSVC parameter.
CVE-2005-3957 1 Dotclear 1 Dotclear 2026-04-16 N/A
Unspecified vulnerability in the Trackback functionality in DotClear 1.2.1 has unknown impact and attack vectors.
CVE-2000-0648 1 Texas Imperial Software 1 Wftpd 2026-04-16 N/A
WFTPD and WFTPD Pro 2.41 allows local users to cause a denial of service by executing the RENAME TO (RNTO) command before a RENAME FROM (RNFR) command.
CVE-2005-1374 1 Claroline 1 Claroline 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.5.3 through 1.6 Release Candidate 1, and possibly Dokeos, allow remote attackers to inject arbitrary web script or HTML via (1) exercise_result.php, (2) exercice_submit.php, (3) agenda.php, (4) learningPathList.php, (5) learningPathAdmin.php, (6) learningPath.php, (7) userLog.php, (8) tool parameter to toolaccess_details.php, (9) data parameter to user_access_details.php, or (10) coursePath parameter to myagenda.php.
CVE-2005-3925 1 Helpdesk Issue Manager 1 Helpdesk Issue Manager 2026-04-16 N/A
Multiple SQL injection vulnerabilities in Central Manchester CLC Helpdesk Issue Manager 0.9 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) detail[], (2) orderdir, and (3) orderby parameters to find.php, and the (4) id parameter to issue.php.
CVE-2000-0328 1 Microsoft 1 Windows Nt 2026-04-16 N/A
Windows NT 4.0 generates predictable random TCP initial sequence numbers (ISN), which allows remote attackers to perform spoofing and session hijacking.
CVE-2000-0323 1 Microsoft 1 Jet 2026-04-16 N/A
The Microsoft Jet database engine allows an attacker to modify text files via a database query, aka the "Text I-ISAM" vulnerability.
CVE-2005-3913 1 Vchs 1 Vchs 2026-04-16 N/A
Unspecified vulnerability in the domain alias management in Virtual Hosting Control System (VHCS) 2.4.6.2, related to "creating and deleting forwards for domain aliases," allows users to hijack the forwardings of other users.
CVE-2005-1355 1 Includer.cgi 1 Includer.cgi 2026-04-16 N/A
includer.cgi in The Includer allows remote attackers to read arbitrary files via a full pathname in the argument, a similar vulnerability to CVE-2005-0801.
CVE-2000-0300 1 Symantec 1 Pcanywhere 2026-04-16 N/A
The default encryption method of PcAnywhere 9.x uses weak encryption, which allows remote attackers to sniff and decrypt PcAnywhere or NT domain accounts.
CVE-1999-1388 1 Sun 1 Sunos 2026-04-16 N/A
passwd in SunOS 4.1.x allows local users to overwrite arbitrary files via a symlink attack and the -F command line argument.
CVE-1999-1395 1 Dec 1 Dec Openvms 2026-04-16 N/A
Vulnerability in Monitor utility (SYS$SHARE:SPISHR.EXE) in VMS 5.0 through 5.4-2 allows local users to gain privileges.
CVE-2002-0747 1 Ibm 1 Aix 2026-04-16 N/A
Buffer overflow in lsmcode in AIX 4.3.3.
CVE-2005-1070 1 Invision Power Services 1 Invision Board 2026-04-16 N/A
SQL injection vulnerability in index.php in Invision Power Board 1.3.1 Final and earlier allows remote attackers to execute arbitrary SQL commands via the st parameter.
CVE-2005-3838 1 Isolsoft 1 Support Center 2026-04-16 N/A
Multiple SQL injection vulnerabilities in search.php in IsolSoft Support Center 2.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) lorder, (2) Priority, (3) Status, (4) Category, (5) searchvalue, and (6) field parameter.
CVE-2006-2755 1 Ubbcentral 1 Ubb.threads 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php in UBBThreads 5.x and earlier allows remote attackers to inject arbitrary web script or HTML via the debug parameter, as demonstrated by stealing MD5 hashes of passwords.
CVE-1999-1421 1 N-base 2 Nh208, Nh215 2026-04-16 N/A
NBase switches NH208 and NH215 run a TFTP server which allows remote attackers to send software updates to modify the switch or cause a denial of service (crash) by guessing the target filenames, which have default names.
CVE-1999-1423 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
ping in Solaris 2.3 through 2.6 allows local users to cause a denial of service (crash) via a ping request to a multicast address through the loopback interface, e.g. via ping -i.
CVE-2005-1090 1 Maxthon 1 Maxthon 2026-04-16 N/A
Directory traversal vulnerability in the readFile and writeFile API for Maxthon 1.2.0 and 1.2.1 allows remote attackers to read or write arbitrary files.
CVE-2005-3845 1 Ezinvoiceinc 1 Ez Invoice Inc 2026-04-16 N/A
SQL injection vulnerability in invoices.php in EZ Invoice Inc 2.0 allows remote attackers to execute arbitrary SQL commands via the i parameter. NOTE: the vendor has stated "EZ Invoice, Inc has a patah available. Please email support@ezinvoiceinc.com and EZI will email you the patch to fix this small issue."