Export limit exceeded: 345093 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 345093 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345093 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-4982 | 1 Cisco | 1 Network Access Control | 2026-04-16 | N/A |
| Cisco NAC maintains an exception list that does not record device properties other than MAC address, which allows physically proximate attackers to bypass control methods and join a local network by spoofing the MAC address of a different type of device, as demonstrated by using the MAC address of a disconnected printer. | ||||
| CVE-2006-4985 | 1 Grayscale | 1 Bandsite Cms | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Grayscale BandSite CMS allow remote attackers to inject arbitrary web script or HTML via (1) the max_file_size_purdy parameter in adminpanel/includes/helpfiles/help_mp3.php, (2) the message_text parameter in adminpanel/includes/mailinglist/sendemail.php, (3) the this_year parameter in includes/footer.php, and the band parameter in (4) adminpanel/includes/helpfiles/help_news.php (5) adminpanel/includes/helpfiles/help_merch.php, (6) adminpanel/includes/header.php, and (7) adminpanel/login_header.php; and includes/content/ files including (8) bio_content.php, (9) gbook_content.php, (10) interview_content.php, (11) links_content.php, (12) lyrics_content.php, (13) member_content.php, (14) merch_content.php, (15) mp3_content.php, (16) news_content.php, (17) pastshows_content.php, (18) photo_content.php, (19) releases_content.php, (20) reviews_content.php, (21) shows_content.php, and (22) signgbook_content.php. | ||||
| CVE-2006-4989 | 1 Patrick Michaelis | 1 Wili-cms | 2026-04-16 | N/A |
| Patrick Michaelis Wili-CMS allows remote attackers to obtain sensitive information via a direct request for (1) thumbnail.php, (2) functions/admin/all.php, (3) functions/admin/init_session.php, (4) functions/all.php, and (5) certain files in example-view/admin_templates/, which reveals the path in various error messages. | ||||
| CVE-2006-4996 | 1 Joomla | 1 Joomlalib | 2026-04-16 | N/A |
| Unspecified vulnerability in JoomlaLib (com_joomlalib) before 1.2.2 for Joomla! allows remote attackers to have an unknown impact, related to "Joomla globals hacked by script kiddies." | ||||
| CVE-2006-5000 | 2 Ipswitch, Progress | 2 Ws Ftp Server, Ws Ftp Server | 2026-04-16 | N/A |
| Multiple buffer overflows in WS_FTP Server 5.05 before Hotfix 1, and possibly other versions down to 5.0, have unknown impact and remote authenticated attack vectors via the (1) XCRC, (2) XMD5, and (3) XSHA1 commands. NOTE: in the early publication of this identifier on 20060926, the description was used for the wrong issue. | ||||
| CVE-2006-5001 | 2 Ipswitch, Progress | 2 Ws Ftp Server, Ws Ftp Server | 2026-04-16 | N/A |
| Unspecified vulnerability in the log analyzer in WS_FTP Server 5.05 before Hotfix 1, and possibly other versions down to 5.0, prevents certain sensitive information from being displayed in the (1) Files and (2) Summary tabs. NOTE: in the early publication of this identifier on 20060926, the description was used for the wrong issue. | ||||
| CVE-1999-0032 | 5 Bsdi, Freebsd, Next and 2 more | 5 Bsd Os, Freebsd, Nextstep and 2 more | 2026-04-16 | N/A |
| Buffer overflow in lpr, as used in BSD-based systems including Linux, allows local users to execute arbitrary code as root via a long -C (classification) command line option. | ||||
| CVE-1999-0077 | 1 Microsoft | 1 Windows Nt | 2026-04-16 | N/A |
| Predictable TCP sequence numbers allow spoofing. | ||||
| CVE-1999-1022 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| serial_ports administrative program in IRIX 4.x and 5.x trusts the user's PATH environmental variable to find and execute the ls program, which allows local users to gain root privileges via a Trojan horse ls program. | ||||
| CVE-1999-1194 | 1 Digital | 1 Ultrix | 2026-04-16 | N/A |
| chroot in Digital Ultrix 4.1 and 4.0 is insecurely installed, which allows local users to gain privileges. | ||||
| CVE-1999-1198 | 1 Next | 1 Next | 2026-04-16 | N/A |
| BuildDisk program on NeXT systems before 2.0 does not prompt users for the root password, which allows local users to gain root privileges. | ||||
| CVE-1999-1239 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| HP-UX 9.x does not properly enable the Xauthority mechanism in certain conditions, which could allow local users to access the X display even when they have not explicitly been authorized to do so. | ||||
| CVE-1999-1384 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| Indigo Magic System Tour in the SGI system tour package (systour) for IRIX 5.x through 6.3 allows local users to gain root privileges via a Trojan horse .exitops program, which is called by the inst command that is executed by the RemoveSystemTour program. | ||||
| CVE-1999-1413 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Solaris 2.4 before kernel jumbo patch -35 allows set-gid programs to dump core even if the real user id is not in the set-gid group, which allows local users to overwrite or create files at higher privileges by causing a core dump, e.g. through dmesg. | ||||
| CVE-1999-1491 | 1 Redhat | 1 Linux | 2026-04-16 | N/A |
| abuse.console in Red Hat 2.1 uses relative pathnames to find and execute the undrv program, which allows local users to execute arbitrary commands via a path that points to a Trojan horse program. | ||||
| CVE-2004-0302 | 1 Fools Workshop | 1 Owls Workshop | 2026-04-16 | N/A |
| Directory traversal vulnerability in OWLS 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the (1) file parameter in index.php, (2) editfile in glossary.php, or (3) editfile in newmultiplechoice.php. | ||||
| CVE-2004-2670 | 1 Endonesia | 1 Endonesia | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in mod.php in eNdonesia 8.3 allow remote attackers to inject arbitrary web script or HTML via (1) the mod parameter in a viewcat operation or (2) the query parameter in a search operation in the publisher module. | ||||
| CVE-1999-0448 | 1 Microsoft | 1 Internet Information Server | 2026-04-16 | N/A |
| IIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote attacker to hide the URL they really request. | ||||
| CVE-1999-0008 | 2 Hp, Sun | 3 Hp-ux, Solaris, Sunos | 2026-04-16 | N/A |
| Buffer overflow in NIS+, in Sun's rpc.nisd program. | ||||
| CVE-2000-0014 | 1 Michael Lamont | 1 Savant Webserver | 2026-04-16 | N/A |
| Denial of service in Savant web server via a null character in the requested URL. | ||||