Export limit exceeded: 366858 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (366858 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-1044 | 1 Lsoft | 1 Listserv | 2026-04-16 | N/A |
| Multiple buffer overflows in LISTSERV 14.3 and 14.4, including LISTSERV Lite and HPO, with the web archive interface enabled, allow remote attackers to execute arbitrary code via unknown attack vectors related to the WA CGI. NOTE: technical details will be released after the grace period has ended on 20060603. | ||||
| CVE-2001-0099 | 1 Brian Stanback | 1 Bsguest.cgi | 2026-04-16 | N/A |
| bsguest.cgi guestbook script allows remote attackers to execute arbitrary commands via shell metacharacters in the email address. | ||||
| CVE-2001-0098 | 1 Bea | 1 Weblogic Server | 2026-04-16 | N/A |
| Buffer overflow in Bea WebLogic Server before 5.1.0 allows remote attackers to execute arbitrary commands via a long URL that begins with a ".." string. | ||||
| CVE-2001-0097 | 1 Infinite | 1 Infinite Interchange | 2026-04-16 | N/A |
| The Web interface for Infinite Interchange 3.6.1 allows remote attackers to cause a denial of service (application crash) via a large POST request. | ||||
| CVE-2001-0093 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| Vulnerability in telnetd in FreeBSD 1.5 allows local users to gain root privileges by modifying critical environmental variables that affect the behavior of telnetd. | ||||
| CVE-2001-0092 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| A function in Internet Explorer 5.0 through 5.5 does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a new variant of the "Frame Domain Verification" vulnerability. | ||||
| CVE-2006-1033 | 1 Cpg-nuke | 1 Dragonfly Cms | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Dragonfly CMS before 9.0.6.1 allow remote attackers to inject arbitrary web script or HTML via (1) uname, (2) error, (3) profile or (4) the username filed parameter to the (a) Your_Account module, (5) catid, (6) sid, (7) Story Text or (8) Extended text text fields in the (b) News module, (9) month, (10) year or (11) sa parameter to the (c) Stories_Archive module, (12) show, (13) cid, (14) ratetype, or (15) orderby parameter to the (d) Web_Links module, (16) op, or (17) pollid parameter to the (e) Surveys module, (18) c parameter to the (f) Downloads module, (19) meta, or (20) album parameter to the (g) coppermine module, or the search box in the (21) Search, (22) Stories_Archive, (23) Downloads, and (24) Topics module. | ||||
| CVE-2006-1945 | 1 Awstats | 1 Awstats | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in awstats.pl in AWStats 6.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the config parameter. NOTE: this might be the same core issue as CVE-2005-2732. | ||||
| CVE-2000-1197 | 1 University Of Washington | 1 Imap | 2026-04-16 | N/A |
| POP2 or POP3 server (pop3d) in imap-uw IMAP package on FreeBSD and other operating systems creates lock files with predictable names, which allows local users to cause a denial of service (lack of mail access) for other users by creating lock files for other mail boxes. | ||||
| CVE-2000-1198 | 1 Qualcomm | 1 Qpopper | 2026-04-16 | 5.5 Medium |
| qpopper POP server creates lock files with predictable names, which allows local users to cause a denial of service for other users (lack of mail access) by creating lock files for other mail boxes. | ||||
| CVE-2000-1199 | 1 Postgresql | 1 Postgresql | 2026-04-16 | N/A |
| PostgreSQL stores usernames and passwords in plaintext in (1) pg_shadow and (2) pg_pwd, which allows attackers with sufficient privileges to gain access to databases. | ||||
| CVE-2000-1201 | 1 Checkpoint | 1 Firewall-1 | 2026-04-16 | N/A |
| Check Point FireWall-1 allows remote attackers to cause a denial of service (high CPU) via a flood of packets to port 264. | ||||
| CVE-2006-1036 | 1 Oracle | 1 Diagnostics | 2026-04-16 | N/A |
| Multiple unspecified vulnerabilities in the Oracle Diagnostics module 2.2 and earlier have unknown impact and attack vectors, related to "permissions." | ||||
| CVE-2000-1207 | 1 Redhat | 1 Linux | 2026-04-16 | N/A |
| userhelper in the usermode package on Red Hat Linux executes non-setuid programs as root, which does not activate the security measures in glibc and allows the programs to be exploited via format string vulnerabilities in glibc via the LANG or LC_ALL environment variables (CVE-2000-0844). | ||||
| CVE-2000-1208 | 4 Immunix, Netbsd, Openbsd and 1 more | 4 Immunix, Netbsd, Openbsd and 1 more | 2026-04-16 | N/A |
| Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call. | ||||
| CVE-2000-1209 | 2 Compaq, Microsoft | 4 Insight Manager, Insight Manager Xe, Data Engine and 1 more | 2026-04-16 | N/A |
| The "sa" account is installed with a default null password on (1) Microsoft SQL Server 2000, (2) SQL Server 7.0, and (3) Data Engine (MSDE) 1.0, including third party packages that use these products such as (4) Tumbleweed Secure Mail (MMS) (5) Compaq Insight Manager, and (6) Visio 2000, which allows remote attackers to gain privileges, as exploited by worms such as Voyager Alpha Force and Spida. | ||||
| CVE-2000-1210 | 1 Apache | 1 Tomcat | 2026-04-16 | N/A |
| Directory traversal vulnerability in source.jsp of Apache Tomcat before 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the argument to source.jsp. | ||||
| CVE-2000-1211 | 2 Redhat, Zope | 2 Powertools, Zope | 2026-04-16 | N/A |
| Zope 2.2.0 through 2.2.4 does not properly perform security registration for legacy names of object constructors such as DTML method objects, which could allow attackers to perform unauthorized activities. | ||||
| CVE-2000-1212 | 2 Redhat, Zope | 2 Powertools, Zope | 2026-04-16 | N/A |
| Zope 2.2.0 through 2.2.4 does not properly protect a data updating method on Image and File objects, which allows attackers with DTML editing privileges to modify the raw data of these objects. | ||||
| CVE-1999-0933 | 1 Teamshare | 1 Teamtrack | 2026-04-16 | N/A |
| TeamTrack web server allows remote attackers to read arbitrary files via a .. (dot dot) attack. | ||||