Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-0979 1 Microsoft 4 Windows 95, Windows 98, Windows 98se and 1 more 2026-04-16 N/A
File and Print Sharing service in Windows 95, Windows 98, and Windows Me does not properly check the password for a file share, which allows remote attackers to bypass share access controls by sending a 1-byte password that matches the first character of the real password, aka the "Share Level Password" vulnerability.
CVE-2003-0468 3 Conectiva, Redhat, Wietse Venema 3 Linux, Linux, Postfix 2026-04-16 N/A
Postfix 1.1.11 and earlier allows remote attackers to use Postfix to conduct "bounce scans" or DDos attacks of other hosts via an email address to the local host containing the target IP address and service name followed by a "!" string, which causes Postfix to attempt to use SMTP to communicate with the target on the associated port.
CVE-2000-0982 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer before 5.5 forwards cached user credentials for a secure web site to insecure pages on the same web site, which could allow remote attackers to obtain the credentials by monitoring connections to the web server, aka the "Cached Web Credentials" vulnerability.
CVE-2006-0324 1 Webspot 1 Webspotblogging 2026-04-16 N/A
SQL injection vulnerability in WebspotBlogging 3.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the username parameter to login.php.
CVE-2000-0984 1 Cisco 1 Ios 2026-04-16 N/A
The HTTP server in Cisco IOS 12.0 through 12.1 allows local users to cause a denial of service (crash and reload) via a URL containing a "?/" string.
CVE-2000-0987 1 Oracle 2 Internet Directory, Oracle8i 2026-04-16 N/A
Buffer overflow in oidldapd in Oracle 8.1.6 allow local users to gain privileges via a long "connect" command line parameter.
CVE-2006-0333 1 Ar-blog 1 Ar-blog 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in ar-blog 5.2 allows remote attackers to inject arbitrary web script or HTML via the (1) month or (2) year parameter to index.php.
CVE-2000-0994 1 Openbsd 1 Openbsd 2026-04-16 N/A
Format string vulnerability in OpenBSD fstat program (and possibly other BSD-based operating systems) allows local users to gain root privileges via the PWD environmental variable.
CVE-2006-0339 1 Bitcomet 1 Bitcomet 2026-04-16 N/A
Buffer overflow in BitComet Client 0.60 allows remote attackers to execute arbitrary code, when the publisher's name link is clicked, via a long publisher URI in a torrent file.
CVE-2003-0469 1 Microsoft 7 Windows 2000, Windows 2003 Server, Windows 98 and 4 more 2026-04-16 N/A
Buffer overflow in the HTML Converter (HTML32.cnv) on various Windows operating systems allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via cut-and-paste operation, as demonstrated in Internet Explorer 5.0 using a long "align" argument in an HR tag.
CVE-2006-0349 1 Epic Designs 1 Eggblog 2026-04-16 N/A
SQL injection vulnerability in eggblog 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to blog.php.
CVE-2006-0351 1 Don Moore 1 Mydns 2026-04-16 N/A
Unspecified "critical denial-of-service vulnerability" in MyDNS before 1.1.0 has unknown impact and attack vectors.
CVE-2000-1014 1 Sco 1 Unixware 2026-04-16 N/A
Format string vulnerability in the search97.cgi CGI script in SCO help http server for Unixware 7 allows remote attackers to execute arbitrary commands via format characters in the queryText parameter.
CVE-2000-1016 1 Suse 1 Suse Linux 2026-04-16 N/A
The default configuration of Apache (httpd.conf) on SuSE 6.4 includes an alias for the /usr/doc directory, which allows remote attackers to read package documentation and obtain system configuration information via an HTTP request for the /doc/packages URL.
CVE-2000-1157 1 Network Associates 1 Sniffer Agent 2026-04-16 N/A
Buffer overflow in NAI Sniffer Agent allows remote attackers to execute arbitrary commands via a long SNMP community name.
CVE-2006-0407 1 Azbb 1 Az Bulletin Board 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in post.php in AZ Bulletin Board (AZbb) 1.1.00 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) nickname parameter and (2) an iframe tag in the topic parameter. NOTE: the original disclosure specified the name parameter, but a correction was later provided. NOTE: followup posts have both disputed and confirmed the original claim.
CVE-2000-1161 1 Adcycle 1 Adcycle 2026-04-16 N/A
The installation of AdCycle banner management system leaves the build.cgi program in a web-accessible directory, which allows remote attackers to execute the program and view passwords or delete databases.
CVE-2000-1162 1 Aladdin Enterprises 1 Ghostscript 2026-04-16 N/A
ghostscript before 5.10-16 allows local users to overwrite files of other users via a symlink attack.
CVE-2000-1176 1 Yabb 1 Yabb 2026-04-16 N/A
Directory traversal vulnerability in YaBB search.pl CGI script allows remote attackers to read arbitrary files via a .. (dot dot) attack in the "catsearch" form field.
CVE-2006-0417 1 Mywebland 1 Minibloggie 2026-04-16 N/A
SQL injection vulnerability in login.php in miniBloggie 1.0 and earlier, when gpc_magic_quotes is disabled, allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username and (2) password parameters.