Export limit exceeded: 346018 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346018 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-1280 | 1 Ipswitch | 1 Imail | 2026-04-16 | N/A |
| POP3 Server for Ipswitch IMail 7.04 and earlier generates different responses to valid and invalid user names, which allows remote attackers to determine users on the system. | ||||
| CVE-2006-1401 | 1 Php Lite | 1 Calendar Express | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in search.php in Calendar Express 2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) allwords or (2) oneword parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||
| CVE-2001-1286 | 1 Ipswitch | 1 Imail | 2026-04-16 | N/A |
| Ipswitch IMail 7.04 and earlier stores a user's session ID in a URL, which could allow remote attackers to hijack sessions by obtaining the URL, e.g. via an HTML email that causes the Referrer to be sent to a URL under the attacker's control. | ||||
| CVE-2001-1287 | 1 Ipswitch | 1 Imail | 2026-04-16 | N/A |
| Buffer overflow in Web Calendar in Ipswitch IMail 7.04 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. | ||||
| CVE-2001-1290 | 1 Active Web Suite Technologies | 1 Active Classifieds | 2026-04-16 | N/A |
| admin.cgi in Active Classifieds Free Edition 1.0, and possibly commercial versions, allows remote attackers to modify the configuration, gain privileges, and execute arbitrary Perl code via the table_width parameter. | ||||
| CVE-2001-1291 | 1 3com | 2 Superstack Ii Ps Hub 40, Superstack Ii Ps Hub 40 Firmware | 2026-04-16 | 9.8 Critical |
| The telnet server for 3Com hardware such as PS40 SuperStack II does not delay or disconnect remote attackers who provide an incorrect username or password, which makes it easier to break into the server via brute force password guessing. | ||||
| CVE-2001-1292 | 1 Sambar | 1 Sambar Server | 2026-04-16 | N/A |
| Sambar Telnet Proxy/Server allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long password. | ||||
| CVE-2001-1293 | 1 3com | 1 3cr29223 | 2026-04-16 | N/A |
| Buffer overflow in web server of 3com HomeConnect Cable Modem External with USB (#3CR29223) allows remote attackers to cause a denial of service (crash) via a long HTTP request. | ||||
| CVE-2006-1402 | 1 Csdoom | 1 Csdoom | 2026-04-16 | N/A |
| Buffer overflow in client/server Doom (csDoom) 0.7 and earlier allows remote attackers to (1) cause a denial of service via a long nickname or teamname to the SV_SetupUserInfo function or (2) execute arbitrary code via a long string sent when joining a match or a long chat message to the SV_BroadcastPrintf function. | ||||
| CVE-2006-1239 | 1 Countersoft | 1 Gemini | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in issue/createissue.aspx in Gemini 2.0 allows remote attackers to inject arbitrary web script or HTML via the rtcDescription$RadEditor1 field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-2844 | 1 Redaxo | 1 Redaxo | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Redaxo 3.0 allow remote attackers to execute arbitrary PHP code via a URL in the REX[INCLUDE_PATH] parameter to (1) simple_user/pages/index.inc.php and (2) stats/pages/index.inc.php. | ||||
| CVE-2001-0612 | 1 Mcafee | 1 Remote Desktop 32 | 2026-04-16 | N/A |
| McAfee Remote Desktop 3.0 and earlier allows remote attackers to cause a denial of service (crash) via a large number of packets to port 5045. | ||||
| CVE-2006-0547 | 1 Oracle | 1 Database Server | 2026-04-16 | N/A |
| Oracle Database 8i, 9i, and 10g allow remote authenticated users to execute arbitrary SQL statements in the context of the SYS user and bypass audit logging, including statements to create new privileged database accounts, via a modified AUTH_ALTER_SESSION attribute in the authentication phase of the Transparent Network Substrate (TNS) protocol. NOTE: due to the lack of relevant details from the Oracle advisory, a separate CVE is being created since it cannot be conclusively proven that this issue has been addressed by Oracle. It is possible that this is the same issue as Oracle Vuln# DB18 from the January 2006 CPU, in which case this would be subsumed by CVE-2006-0265. | ||||
| CVE-2001-0615 | 1 Faust Informatics | 1 Freestyle Chat | 2026-04-16 | N/A |
| Directory traversal vulnerability in Faust Informatics Freestyle Chat server prior to 4.1 SR3 allows a remote attacker to read arbitrary files via a specially crafted URL which includes variations of a '..' (dot dot) attack such as '...' or '....'. | ||||
| CVE-2006-1246 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| Unspecified vulnerability in mklvcopy in BOS.RTE.LVM in IBM AIX 5.3 allows local users to execute arbitrary commands when mklvcopy calls external commands, possibly due to an untrusted search path vulnerability. | ||||
| CVE-2001-0617 | 1 Alliedtelesyn | 1 At-ar220e | 2026-04-16 | N/A |
| Allied Telesyn AT-AR220e cable/DSL router firmware 1.08a RC14 with the portmapper and the 'Virtual Server' enabled can allow a remote attacker to gain access to mapped services even though the single portmappings may be disabled. | ||||
| CVE-2001-0618 | 1 Lucent | 1 Orinoco Rg-1000 | 2026-04-16 | N/A |
| Orinoco RG-1000 wireless Residential Gateway uses the last 5 digits of the 'Network Name' or SSID as the default Wired Equivalent Privacy (WEP) encryption key. Since the SSID occurs in the clear during communications, a remote attacker could determine the WEP key and decrypt RG-1000 traffic. | ||||
| CVE-2001-0623 | 1 Sendfile | 1 Sendfile | 2026-04-16 | N/A |
| sendfiled, as included with Simple Asynchronous File Transfer (SAFT), on various Linux systems does not properly drop privileges when sending notification emails, which allows local attackers to gain privileges. | ||||
| CVE-2006-1247 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| rm_mlcache_file in bos.rte.install in AIX 5.1.0 through 5.3.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | ||||
| CVE-2001-0625 | 1 Broadcom | 1 Inoculateit | 2026-04-16 | N/A |
| ftpdownload in Computer Associates InoculateIT 6.0 allows a local attacker to overwrite arbitrary files via a symlink attack on /tmp/ftpdownload.log . | ||||