Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-0101 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 6.0 and earlier allows local users to cause a denial of service via an infinite loop for modeless dialogs showModelessDialog, which causes CPU usage while the focus for the dialog is not released.
CVE-2004-1315 1 Phpbb Group 1 Phpbb 2026-04-16 N/A
viewtopic.php in phpBB 2.x before 2.0.11 improperly URL decodes the highlight parameter when extracting words and phrases to highlight, which allows remote attackers to execute arbitrary PHP code by double-encoding the highlight value so that special characters are inserted into the result, which is then processed by PHP exec, as exploited by the Santy.A worm.
CVE-2006-2483 1 Lighthouse Development 1 Squirrelcart 2026-04-16 N/A
PHP remote file inclusion vulnerability in cart_content.php in Squirrelcart 2.2.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cart_isp_root parameter.
CVE-2006-4864 1 All Enthusiast Inc 1 Reviewpost Php Pro 2026-04-16 N/A
PHP remote file inclusion vulnerability in index.php in All Enthusiast ReviewPost 2.5 allows remote attackers to execute arbitrary PHP code via a URL in the RP_PATH parameter.
CVE-1999-0370 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
In Sun Solaris and SunOS, man and catman contain vulnerabilities that allow overwriting arbitrary files.
CVE-2006-4865 1 Phpquiz 1 Phpquiz 2026-04-16 N/A
Walter Beschmout PhpQuiz allows remote attackers to obtain sensitive information via a direct request to cfgphpquiz/install.php and other unspecified vectors.
CVE-1999-0392 1 Thomas Boutell 1 Cgic Library 2026-04-16 N/A
Buffer overflow in Thomas Boutell's cgic library version up to 1.05.
CVE-2004-0695 1 4d 1 Webstar 2026-04-16 N/A
Stack-based buffer overflow in the FTP service for 4D WebSTAR 5.3.2 and earlier allows remote attackers to execute arbitrary code via a long FTP command.
CVE-2006-4866 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Buffer overflow in kextload in Apple OS X, as used by TDIXSupport in Roxio Toast Titanium and possibly other products, allows local users to execute arbitrary code via a long extension argument.
CVE-1999-0390 2 Redhat, Suse 2 Linux, Suse Linux 2026-04-16 N/A
Buffer overflow in Dosemu Slang library in Linux.
CVE-1999-0459 2026-04-16 N/A
Local users can perform a denial of service in Alpha Linux, using MILO to force a reboot.
CVE-2006-2563 1 Php 1 Php 2026-04-16 N/A
The cURL library (libcurl) in PHP 4.4.2 and 5.1.4 allows attackers to bypass safe mode and read files via a file:// request containing null characters.
CVE-2006-4867 1 Gnuturk 1 Gnuturk Portal System 2026-04-16 N/A
SQL injection vulnerability in mods.php in GNUTurk 2G and earlier allows remote attackers to execute arbitrary SQL commands via the t_id parameter when the go parameter is "Forum."
CVE-1999-0401 1 Linux 1 Linux Kernel 2026-04-16 N/A
A race condition in Linux 2.2.1 allows local users to read arbitrary memory from /proc files.
CVE-1999-0402 1 Gnu 1 Wget 2026-04-16 N/A
wget 1.5.3 follows symlinks to change permissions of the target file instead of the symlink itself.
CVE-1999-0403 1 Cyrix 1 Linux 2026-04-16 N/A
A bug in Cyrix CPUs on Linux allows local users to perform a denial of service.
CVE-1999-0407 1 Microsoft 1 Internet Information Server 2026-04-16 N/A
By default, IIS 4.0 has a virtual directory /IISADMPWD which contains files that can be used as proxies for brute force password attacks, or to identify valid users on the system.
CVE-2006-2571 1 Alkacon 1 Opencms 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in search.html in Alkacon OpenCms 6.0.0, 6.0.2, and 6.0.3 allows remote attackers to inject arbitrary web script or HTML via the query parameter in a search action.
CVE-1999-0414 1 Linux 1 Linux Kernel 2026-04-16 N/A
In Linux before version 2.0.36, remote attackers can spoof a TCP connection and pass data to the application layer before fully establishing the connection.
CVE-2006-4873 1 Jupiter Cms 1 Jupiter Cms 2026-04-16 N/A
Jupiter CMS allows remote attackers to obtain sensitive information via a direct request for (1) includes/functions.php, (2) modules/register.php, (3) modules/poll.php, (4) modules/panel.php, (5) modules/pm.php, (6) modules/news.php, (7) modules/templates_change.php, (8) modules/users.php, (9) modules/misc.php, (10) modules/masspm.php, (11) modules/mass-email.php, (12) modules/main-nav.php, (13) modules/login.php, (14) modules/layout.php, (15) modules/hq.php, (16) modules/forum.php, (17) modules/forum-admin.php, (18) modules/events.php, (19) modules/emoticons.php, (20) modules/download.php, (21) modules/blocks.php, (22) modules/ban.php, (23) modules/badwords.php, (24) modules/ads.php, or (25) modules/admin.php, which reveals the installation path in various error messages. NOTE: The modules/online.php vector is already covered by CVE-2006-1679.