Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-0469 1 Microsoft 7 Windows 2000, Windows 2003 Server, Windows 98 and 4 more 2026-04-16 N/A
Buffer overflow in the HTML Converter (HTML32.cnv) on various Windows operating systems allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via cut-and-paste operation, as demonstrated in Internet Explorer 5.0 using a long "align" argument in an HR tag.
CVE-2006-0349 1 Epic Designs 1 Eggblog 2026-04-16 N/A
SQL injection vulnerability in eggblog 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to blog.php.
CVE-2006-0351 1 Don Moore 1 Mydns 2026-04-16 N/A
Unspecified "critical denial-of-service vulnerability" in MyDNS before 1.1.0 has unknown impact and attack vectors.
CVE-2000-1014 1 Sco 1 Unixware 2026-04-16 N/A
Format string vulnerability in the search97.cgi CGI script in SCO help http server for Unixware 7 allows remote attackers to execute arbitrary commands via format characters in the queryText parameter.
CVE-2000-1016 1 Suse 1 Suse Linux 2026-04-16 N/A
The default configuration of Apache (httpd.conf) on SuSE 6.4 includes an alias for the /usr/doc directory, which allows remote attackers to read package documentation and obtain system configuration information via an HTTP request for the /doc/packages URL.
CVE-2000-1042 1 Mandrakesoft 1 Mandrake Linux 2026-04-16 N/A
Buffer overflow in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function.
CVE-2000-1043 1 Mandrakesoft 1 Mandrake Linux 2026-04-16 N/A
Format string vulnerability in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function.
CVE-2006-0355 1 Helmsman Research 1 Homeftp 2026-04-16 N/A
Helmsman Research (aka CoolUtils) HomeFtp 1.1 allows remote attackers to cause an unspecified denial of service via a long USER command combined with a long PASS command and an NLST command.
CVE-2006-0360 1 Mpm 1 Hp-180w Voip Wifi Phone 2026-04-16 N/A
MPM SIP HP-180W Wireless IP Phone WE.00.17 allows remote attackers to obtain sensitive information and possibly cause a denial of service via a direct connection to UDP port 9090, which is undocumented and does not require authentication.
CVE-2000-1049 1 Macromedia 1 Jrun 2026-04-16 N/A
Allaire JRun 3.0 http servlet server allows remote attackers to cause a denial of service via a URL that contains a long string of "." characters.
CVE-2000-1057 1 Hp 1 Openview Network Node Manager 2026-04-16 N/A
Vulnerabilities in database configuration scripts in HP OpenView Network Node Manager (NNM) 6.1 and earlier allows local users to gain privileges, possibly via insecure permissions.
CVE-2006-0361 1 Bit 5 Blog 1 Bit 5 Blog 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in addcomment.php in Bit 5 Blog 8.01 allows remote attackers to inject arbitrary web script or HTML via a javascript URI in an <a> tag in the comment parameter, which strips most tags but not <a>.
CVE-2003-0480 1 Vmware 1 Workstation 2026-04-16 N/A
VMware Workstation 4.0 for Linux allows local users to overwrite arbitrary files and gain privileges via "symlink manipulation."
CVE-2000-1062 1 Hp 1 Jetdirect 2026-04-16 N/A
Buffer overflow in the FTP service in HP JetDirect printer card Firmware x.08.20 and earlier allows remote attackers to cause a denial of service.
CVE-2006-0366 1 Phpclanwebsite 1 Phpclanwebsite 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Phpclanwebsite (aka PCW) allows remote attackers to inject arbitrary web script or HTML via a javascript URI in a BBCode img tag.
CVE-2000-1071 1 Netscape 1 Iplanet Ical 2026-04-16 N/A
The GUI installation for iCal 2.1 Patch 2 disables access control for the X server using an "xhost +" command, which allows remote attackers to monitor X Windows events and gain privileges.
CVE-2000-1085 1 Microsoft 2 Data Engine, Sql Server 2026-04-16 N/A
The xp_peekqueue function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the "Extended Stored Procedure Parameter Parsing" vulnerability.
CVE-2000-1087 1 Microsoft 2 Data Engine, Sql Server 2026-04-16 N/A
The xp_proxiedmetadata function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the "Extended Stored Procedure Parameter Parsing" vulnerability.
CVE-2006-0370 1 Noah Medling 1 Rcblog 2026-04-16 N/A
Noah Medling RCBlog 1.03 stores the data and config directories under the web root with insufficient access control, which allows remote attackers to view account names and MD5 password hashes.
CVE-2000-1093 1 Aol 1 Instant Messenger 2026-04-16 N/A
Buffer overflow in AOL Instant Messenger before 4.3.2229 allows remote attackers to execute arbitrary commands via a long "goim" command.