Export limit exceeded: 29943 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29943 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0437 | 1 South River Technologies | 1 Titan Ftp Server | 2026-04-16 | N/A |
| Titan FTP Server version 3.01 build 163, and possibly other versions before build 169, allows remote authenticated users to cause a denial of service (crash) by disconnecting from the system during a "LIST -L" command, which causes Titan to access an invalid socket. | ||||
| CVE-2004-0471 | 1 Bea | 1 Weblogic Server | 2026-04-16 | N/A |
| BEA WebLogic Server and WebLogic Express 7.0 through SP5 and 8.1 through SP2 does not enforce site restrictions for starting and stopping servers for users in the Admin and Operator security roles, which allows unauthorized users to cause a denial of service (service shutdown). | ||||
| CVE-2006-1485 | 1 Greymatter | 1 Greymatter | 2026-04-16 | N/A |
| gm-upload.cgi in Greymatter 1.3.1 allows remote authenticated users with upload privileges to execute arbitrary programs by uploading files to locations within the web root. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2004-0632 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2026-04-16 | N/A |
| Adobe Reader 6.0 does not properly handle null characters when splitting a filename path into components, which allows remote attackers to execute arbitrary code via a file with a long extension that is not normally handled by Reader, triggering a buffer overflow. | ||||
| CVE-2000-0848 | 1 Ibm | 1 Websphere Application Server | 2026-04-16 | N/A |
| Buffer overflow in IBM WebSphere web application server (WAS) allows remote attackers to execute arbitrary commands via a long Host: request header. | ||||
| CVE-2006-1499 | 1 Source Workshop | 1 Vcounter | 2026-04-16 | N/A |
| SQL injection vulnerability in vCounter.php in vCounter 1.0 allows remote attackers to execute arbitrary SQL commands via the URI (_SERVER[REQUEST_URI] variable). | ||||
| CVE-2004-0693 | 2 Redhat, Trolltech | 2 Enterprise Linux, Qt | 2026-04-16 | N/A |
| The GIF parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) via a malformed image file that triggers a null dereference, a different vulnerability than CVE-2004-0692. | ||||
| CVE-2006-1574 | 1 Hitachi | 4 Groupmax World Wide Web, Groupmax World Wide Web Desktop, Groupmax World Wide Web Desktop Scheduler and 1 more | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Groupmax World Wide Web, World Wide Web Desktop, World Wide Web for Scheduler, and Desktop for Scheduler, allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. | ||||
| CVE-2006-1577 | 1 Mantis | 1 Mantis | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in view_all_set.php in Mantis 1.0.1, 1.0.0rc5, and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) start_day, (2) start_year, and (3) start_month parameters. | ||||
| CVE-2006-1584 | 1 Juliusz Julas Gonera | 1 Warcraft Iii Replay Parser Php | 2026-04-16 | N/A |
| Unspecified vulnerability in index.php in Warcraft III Replay Parser for PHP 1.8c allows remote attackers to inject arbitrary web script or HTML via the page parameter, possibly related to fopen function calls or file uploads. NOTE: post-disclosure analysis by CVE suggests that the "page" parameter is not used in this product, and "id" might be the affected parameter. | ||||
| CVE-1999-0394 | 2026-04-16 | N/A | ||
| DPEC Online Courseware allows an attacker to change another user's password without knowing the original password. | ||||
| CVE-2000-0899 | 1 Max Feoktistov | 1 Small Http Server | 2026-04-16 | N/A |
| Small HTTP Server 2.01 allows remote attackers to cause a denial of service by connecting to the server and sending out multiple GET, HEAD, or POST requests and closing the connection before the server responds to the requests. | ||||
| CVE-1999-0396 | 2 Netbsd, Openbsd | 2 Netbsd, Openbsd | 2026-04-16 | N/A |
| A race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of service. | ||||
| CVE-2006-1603 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in profile.php in phpBB 2.0.19 allows remote attackers to inject arbitrary web script or HTML via the cur_password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-1999-0406 | 1 Digital | 1 Unix | 2026-04-16 | N/A |
| Digital Unix Networker program nsralist has a buffer overflow which allows local users to obtain root privilege. | ||||
| CVE-1999-0413 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| A buffer overflow in the SGI X server allows local users to gain root access through the X server font path. | ||||
| CVE-2006-1605 | 1 Exponent | 1 Exponent Cms | 2026-04-16 | N/A |
| Unspecified vulnerability in the image module in Exponent CMS before 0.96.5 RC 1 allows remote attackers to execute arbitrary code via unknown vectors involving "parsed PHP." | ||||
| CVE-1999-0416 | 1 Cisco | 1 Cisco 7xx Routers | 2026-04-16 | N/A |
| Vulnerability in Cisco 7xx series routers allows a remote attacker to cause a system reload via a TCP connection to the router's TELNET port. | ||||
| CVE-2006-1606 | 1 Exponent | 1 Exponent Cms | 2026-04-16 | N/A |
| Unspecified vulnerability in the image module in Exponent CMS before 0.96.5 RC 1 allows "directory disclosure" with unknown attack vectors. | ||||
| CVE-1999-0418 | 2026-04-16 | N/A | ||
| Denial of service in SMTP applications such as Sendmail, when a remote attacker (e.g. spammer) uses many "RCPT TO" commands in the same connection. | ||||