Export limit exceeded: 349809 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29915 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29915 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-1495 | 1 Suse | 1 Suse Linux | 2026-04-16 | N/A |
| xtvscreen in SuSE Linux 6.0 allows local users to overwrite arbitrary files via a symlink attack on the pic000.pnm file. | ||||
| CVE-1999-1507 | 1 Sun | 1 Sunos | 2026-04-16 | N/A |
| Sun SunOS 4.1 through 4.1.3 allows local attackers to gain root access via insecure permissions on files and directories such as crash. | ||||
| CVE-1999-1493 | 1 Hp | 1 Apollo Domain Os | 2026-04-16 | N/A |
| Vulnerability in crp in Hewlett Packard Apollo Domain OS SR10 through SR10.3 allows remote attackers to gain root privileges via insecure system calls, (1) pad_$dm_cmd and (2) pad_$def_pfk(). | ||||
| CVE-2005-3864 | 1 Berlios | 1 Sourcewell | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in SourceWell 1.1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the cnt parameter. NOTE: various reports indicate that the affected version is 1.1.3, but as of 2005-11-29, the most recent version appears to be 1.1.2. | ||||
| CVE-1999-1492 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| Vulnerability in (1) diskperf and (2) diskalign in IRIX 6.4 allows local attacker to create arbitrary root owned files, leading to root privileges. | ||||
| CVE-1999-1501 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| (1) ipxchk and (2) ipxlink in SGI OS2 IRIX 6.3 does not properly clear the IFS environmental variable before executing system calls, which allows local users to execute arbitrary commands. | ||||
| CVE-2005-3866 | 1 Wwwsearchsolutions | 1 Searchfeed Search Engine | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in SearchFeed Search Engine 1.3.2 and earlier allows remote attackers to inject arbitrary HTML and web script, possibly via the REQ parameter, which is used when performing a search. | ||||
| CVE-2006-2770 | 1 Pppblog | 1 Pppblog | 2026-04-16 | N/A |
| Directory traversal vulnerability in randompic.php in pppBLOG 0.3.8 and earlier, when register_globals is enabled, allows remote attackers to read arbitrary files via a .. (dot dot) sequence in an index of the "file" array parameter, as demonstrated by file[0]. | ||||
| CVE-1999-1500 | 1 True North | 1 Internet Anywhere Mail Server | 2026-04-16 | N/A |
| Internet Anywhere POP3 Mail Server 2.3.1 allows remote attackers to cause a denial of service (crash) via (1) LIST, (2) TOP, or (3) UIDL commands using letters as arguments. | ||||
| CVE-1999-1499 | 1 Isc | 1 Bind | 2026-04-16 | N/A |
| named in ISC BIND 4.9 and 8.1 allows local users to destroy files via a symlink attack on (1) named_dump.db when root kills the process with a SIGINT, or (2) named.stats when SIGIOT is used. | ||||
| CVE-2006-2773 | 1 Hogstorps | 1 Hogstorp Guestbook | 2026-04-16 | N/A |
| admin/redigera/redigera2.asp in Hogstorps hogstorp Guestbook 2.0 does not verify user credentials, which allows remote attackers to edit arbitrary posts via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-1999-1516 | 1 Tenfour | 1 Tfs Gateway Smtp | 2026-04-16 | N/A |
| A buffer overflow in TenFour TFS Gateway SMTP mail server 3.2 allows an attacker to crash the mail server and possibly execute arbitrary code by offering more than 128 bytes in a MAIL FROM string. | ||||
| CVE-2005-3868 | 1 Turn-k | 1 K-search | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in K-Search 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) term, (2) id, (3) stat, and (4) source parameters to index.php, and (5) through the image parameters with an add request. | ||||
| CVE-1999-1534 | 1 Knox Software | 1 Arkeia | 2026-04-16 | N/A |
| Buffer overflow in (1) nlservd and (2) rnavc in Knox Software Arkeia backup product allows local users to obtain root access via a long HOME environmental variable. | ||||
| CVE-1999-1536 | 1 Acushop | 1 Salesbuilder | 2026-04-16 | N/A |
| .sbstart startup script in AcuShop Salesbuilder is world writable, which allows local users to gain privileges by appending commands to the file. | ||||
| CVE-2005-1148 | 1 Calendarscript | 1 Calendarscript | 2026-04-16 | N/A |
| calendar.pl in CalendarScript 3.21 allows remote attackers to obtain sensitive information via invalid (1) year or (2) month parameters, which leaks the full pathname and debug information. | ||||
| CVE-1999-1531 | 1 Ibm | 1 Homepageprint | 2026-04-16 | N/A |
| Buffer overflow in IBM HomePagePrint 1.0.7 for Windows98J allows a malicious Web site to execute arbitrary code on a viewer's system via a long IMG_SRC HTML tag. | ||||
| CVE-1999-1542 | 1 Redhat | 1 Linux | 2026-04-16 | N/A |
| RPMMail before 1.4 allows remote attackers to execute commands via an e-mail message with shell metacharacters in the "MAIL FROM" command. | ||||
| CVE-1999-1543 | 1 Apple | 1 Macos | 2026-04-16 | N/A |
| MacOS uses weak encryption for passwords that are stored in the Users & Groups Data File. | ||||
| CVE-2005-1157 | 3 Mozilla, Netscape, Redhat | 4 Firefox, Mozilla, Navigator and 1 more | 2026-04-16 | N/A |
| Firefox before 1.0.3, Mozilla Suite before 1.7.7, and Netscape 7.2 allows remote attackers to replace existing search plugins with malicious ones using sidebar.addSearchEngine and the same filename as the target engine, which may not be displayed in the GUI, which could then be used to execute malicious script, aka "Firesearching 2." | ||||