Export limit exceeded: 364436 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364436 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-2849 1 Andrew Godwin 1 Bytehoard 2026-04-16 N/A
PHP remote file inclusion vulnerability in includes/webdav/server.php in Bytehoard 2.1 Epsilon/Delta allows remote attackers to execute arbitrary PHP code via a URL in the bhconfig[bhfilepath] parameter.
CVE-2004-0841 2 Avaya, Microsoft 7 Definity One Media Server, Ip600 Media Servers, Modular Messaging Message Storage Server and 4 more 2026-04-16 N/A
Internet Explorer 6.x allows remote attackers to install arbitrary programs via mousedown events that call the Popup.show method and use drag-and-drop actions in a popup window, aka "HijackClick 3" and the "Script in Image Tag File Download Vulnerability."
CVE-2006-1960 1 Cisco 1 Wireless Lan Solution Engine 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the appliance web user interface in Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE Express before 2.13 allows remote attackers to inject arbitrary web script or HTML, possibly via the displayMsg parameter to archiveApplyDisplay.jsp, aka bug ID CSCsc01095.
CVE-2006-2850 1 Php Labware 1 Labwiki 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in recentchanges.php in PHP Labware LabWiki 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the help parameter.
CVE-2006-2853 1 Abarcar 1 Abarcar Realty Portal 2026-04-16 N/A
SQL injection vulnerability in content.php in abarcar Realty Portal 5.1.5 allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2006-2859 1 Mywebland 1 Mybloggie 2026-04-16 N/A
PHP remote file inclusion vulnerability in MyBloggie 2.1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mybloggie_root_path parameter to (1) admin.php or (2) scode.php. NOTE: this issue has been disputed in multiple third party followups, which say that the MyBloggie source code does not demonstrate the issue, so it might be the result of another module. CVE analysis as of 20060605 agrees with the dispute. In addition, scode.php is not part of the MyBloggie distribution
CVE-2006-2860 1 Webspot 1 Webspotblogging 2026-04-16 N/A
PHP remote file inclusion vulnerability in Webspotblogging 3.0.1 allows remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) inc/logincheck.inc.php, (2) inc/adminheader.inc.php, (3) inc/global.php, or (4) inc/mainheader.inc.php. NOTE: some of these vectors were also reported for 3.0 in a separate disclosure.
CVE-2001-0057 1 Cisco 2 Broadband Operating System, Cisco 6xx Routers 2026-04-16 N/A
Cisco 600 routers running CBOS 2.4.1 and earlier allow remote attackers to cause a denial of service via a large ICMP echo (ping) packet.
CVE-2001-0065 1 Max-wilhelm Bruker 1 Bftpd 2026-04-16 N/A
Buffer overflow in bftpd 1.0.13 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long SITE CHOWN command.
CVE-2001-0066 2 Kevin Lindsay, Redhat 2 Secure Locate, Linux 2026-04-16 N/A
Secure Locate (slocate) allows local users to corrupt memory via a malformed database file that specifies an offset value that accesses memory outside of the intended buffer.
CVE-2006-2861 1 Particle Soft 1 Particle Wiki 2026-04-16 N/A
SQL injection vulnerability in index.php in Particle Wiki 1.0.2 and earlier allows remote attackers to execute arbitrary SQL commands via the version parameter.
CVE-2006-2868 1 Claroline 1 Claroline 2026-04-16 N/A
Multiple PHP remote file inclusion vulnerabilities in Claroline 1.7.6 allow remote attackers to execute arbitrary PHP code via a URL in the includePath cookie to (1) auth/extauth/drivers/mambo.inc.php or (2) auth/extauth/drivers/postnuke.inc.php.
CVE-2001-0067 1 Judd Montgomery 1 Jpilot 2026-04-16 N/A
The installation of J-Pilot creates the .jpilot directory with the user's umask, which could allow local attackers to read other users' PalmOS backup information if their umasks are not securely set.
CVE-2001-0068 1 Apple 1 Mac Os Runtime For Java 2026-04-16 N/A
Mac OS Runtime for Java (MRJ) 2.2.3 allows remote attackers to use malicious applets to read files outside of the CODEBASE context via the ARCHIVE applet parameter.
CVE-2001-0069 1 Debian 1 Debian Linux 2026-04-16 N/A
dialog before 0.9a-20000118-3bis in Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack.
CVE-2001-0070 1 Upland Solutions 1 1st Up Mail Server 2026-04-16 N/A
Buffer overflow in 1st Up Mail Server 4.1 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long MAIL FROM command.
CVE-2001-0071 2 Gnu, Redhat 2 Privacy Guard, Linux 2026-04-16 N/A
gpg (aka GnuPG) 1.0.4 and other versions does not properly verify detached signatures, which allows attackers to modify the contents of a file without detection.
CVE-2002-0843 3 Apache, Oracle, Redhat 8 Http Server, Application Server, Database Server and 5 more 2026-04-16 N/A
Buffer overflows in the ApacheBench benchmark support program (ab.c) in Apache before 1.3.27, and Apache 2.x before 2.0.43, allow a malicious web server to cause a denial of service and possibly execute arbitrary code via a long response.
CVE-2001-0072 2 Gnu, Redhat 2 Privacy Guard, Linux 2026-04-16 N/A
gpg (aka GnuPG) 1.0.4 and other versions imports both public and private keys from public key servers without notifying the user about the private keys, which could allow an attacker to break the web of trust.
CVE-2001-0073 1 Nsa 1 Security-enhanced Linux 2026-04-16 N/A
Buffer overflow in the find_default_type function in libsecure in NSA Security-enhanced Linux, which may allow attackers to modify critical data in memory.