Export limit exceeded: 362238 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-2778 2 Mozilla, Redhat 3 Firefox, Thunderbird, Enterprise Linux 2026-04-16 N/A
The crypto.signText function in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to execute arbitrary code via certain optional Certificate Authority name arguments, which causes an invalid array index and triggers a buffer overflow.
CVE-2005-4819 1 Ibm 1 Lotus Domino 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Lotus Domino versions before 6.5.4 fix pack 1 (FP1) and versions before 7.0 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2000-0892 2 Caldera, U Win 2 Openlinux, U Win 2026-04-16 N/A
Some telnet clients allow remote telnet servers to request environment variables from the client that may contain sensitive information, or remote web servers to obtain the information via a telnet: URL.
CVE-2006-1069 1 Geeklog 1 Geeklog 2026-04-16 N/A
Unspecified vulnerability in the session handling for Geeklog 1.4.x before 1.4.0sr2, 1.3.11 before 1.3.11sr5, 1.3.9 before 1.3.9sr5, and possibly earlier versions allows attackers to gain privileges as arbitrary users via unknown vectors.
CVE-2006-1071 1 Dvguestbook 1 Dvguestbook 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php in DVguestbook 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the page parameter.
CVE-2000-1196 1 Netscape 1 Publishingxpert 2026-04-16 N/A
PSCOErrPage.htm in Netscape PublishingXpert 2.5 before SP2 allows remote attackers to read arbitrary files by specifying the target file in the errPagePath parameter.
CVE-2006-1074 1 Jason Boettcher 1 Liero Xtreme 2026-04-16 N/A
Jason Boettcher Liero Xtreme 0.62b and earlier allow remote attackers to cause a denial of service (application crash or hang) via a long argument to the connect command.
CVE-2006-1076 1 Invision Power Services 1 Invision Power Board 2026-04-16 N/A
SQL injection vulnerability in index.php, possibly during a showtopic operation, in Invision Power Board (IPB) 2.1.5 allows remote attackers to execute arbitrary SQL commands via the st parameter.
CVE-2006-2789 1 Gnome 1 Evolution 2026-04-16 N/A
Evolution 2.2.x and 2.3.x in GNOME 2.7 and 2.8, when "load images if sender in addressbook" is enabled, allows remote attackers to cause a denial of service (persistent crash) via a crafted "From" header that triggers an assert error in camel-internet-address.c when a null pointer is used.
CVE-2001-0156 1 Van Dyke Technologies 1 Vshell 2026-04-16 N/A
VShell SSH gateway 1.0.1 and earlier has a default port forwarding rule of 0.0.0.0/0.0.0.0, which could allow local users to conduct arbitrary port forwarding to other systems.
CVE-2001-0164 1 Netscape 1 Directory Server 2026-04-16 N/A
Buffer overflow in Netscape Directory Server 4.12 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed recipient field.
CVE-2006-1080 1 Game-panel 1 Game-panel 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in login.php in Game-Panel 2.6.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the message parameter, possibly requiring a URL encoded value.
CVE-2001-0579 1 Sco 1 Openserver 2026-04-16 N/A
lpadmin in SCO OpenServer 5.0.6 can allow a local attacker to gain additional privileges via a buffer overflow attack in the first argument to the command.
CVE-2001-0580 1 Hughes Technologies 1 Dsl Vdns 2026-04-16 N/A
Hughes Technologies Virtual DNS (VDNS) Server 1.0 allows a remote attacker to create a denial of service by connecting to port 6070, sending some data, and closing the connection.
CVE-2006-1220 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Integer overflow in the mach_msg_send function in the kernel for Mac OS X might allow local users to execute arbitrary code via unknown attack vectors related to a large message header size, which leads to a heap-based buffer overflow.
CVE-2001-0582 1 Ben Spink 1 Crushftp Ftp Server 2026-04-16 N/A
Ben Spink CrushFTP FTP Server 2.1.6 and earlier allows a local attacker to access arbitrary files via a '..' (dot dot) attack, or variations, in (1) GET, (2) CD, (3) NLST, (4) SIZE, (5) RETR.
CVE-2006-1227 1 Drupal 1 Drupal 2026-04-16 N/A
Drupal 4.5.x before 4.5.8 and 4.6.x before 4.5.8, when menu.module is used to create a menu item, does not implement access control for the page that is referenced, which might allow remote attackers to access administrator pages.
CVE-2001-0583 1 Alt-n 1 Mdaemon 2026-04-16 N/A
Alt-N Technologies MDaemon 3.5.4 allows a remote attacker to create a denial of service via the URL request of a MS-DOS device (such as GET /aux) to (1) the Worldclient service at port 3000, or (2) the Webconfig service at port 3001.
CVE-2001-0585 1 Gordano 1 Ntmail 2026-04-16 N/A
Gordano NTMail 6.0.3c allows a remote attacker to create a denial of service via a long (>= 255 characters) URL request to port 8000 or port 9000.
CVE-2001-0586 1 Trend Micro 1 Scanmail Exchange 2026-04-16 N/A
TrendMicro ScanMail for Exchange 3.5 Evaluation allows a local attacker to recover the administrative credentials for ScanMail via a combination of unprotected registry keys and weakly encrypted passwords.