Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-2486 1 Yapbb 1 Yapbb 2026-04-16 N/A
SQL injection vulnerability in find.php in YapBB 1.2 Beta2 and earlier allows remote attackers to execute arbitrary SQL commands via the userID parameter.
CVE-1999-0381 2 Debian, Linux 2 Debian Linux, Linux Kernel 2026-04-16 N/A
super 3.11.6 and other versions have a buffer overflow in the syslog utility which allows a local user to gain root access.
CVE-1999-0390 2 Redhat, Suse 2 Linux, Suse Linux 2026-04-16 N/A
Buffer overflow in Dosemu Slang library in Linux.
CVE-2001-0163 1 Cisco 1 Aironet Ap340 2026-04-16 N/A
Cisco AP340 base station produces predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections.
CVE-1999-0125 3 Redhat, Sgi, Sun 4 Linux, Irix, Solaris and 1 more 2026-04-16 N/A
Buffer overflow in SGI IRIX mailx program.
CVE-2006-2931 1 Hotwebscripts 1 Cms Mundo 2026-04-16 N/A
CMS Mundo before 1.0 build 008 does not properly verify uploaded image files, which allows remote attackers to execute arbitrary PHP code by uploading and later directly accessing certain files.
CVE-1999-0391 1 Microsoft 3 Terminal Server, Windows 2000, Windows Nt 2026-04-16 N/A
The cryptographic challenge of SMB authentication in Windows 95 and Windows 98 can be reused, allowing an attacker to replay the response and impersonate a user.
CVE-1999-0393 1 Eric Allman 1 Sendmail 2026-04-16 N/A
Remote attackers can cause a denial of service in Sendmail 8.8.x and 8.9.2 by sending messages with a large number of headers.
CVE-1999-0394 2026-04-16 N/A
DPEC Online Courseware allows an attacker to change another user's password without knowing the original password.
CVE-2006-2630 1 Symantec 2 Client Security, Norton Antivirus 2026-04-16 N/A
Stack-based buffer overflow in Symantec Antivirus 10.1 and Client Security 3.1 allows remote attackers to execute arbitrary code via unknown attack vectors.
CVE-2006-3252 1 Algorithmic Research 1 Privatewire Gateway 2026-04-16 N/A
Buffer overflow in the Online Registration Facility for Algorithmic Research PrivateWire VPN software up to 3.7 allows remote attackers to execute arbitrary code via a long GET request.
CVE-2006-2634 1 Neocrome 1 Seditio 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Neocrome Land Down Under (LDU) in Neocrome Seditio 102 allows remote attackers to inject arbitrary web script or HTML via an HTTP Referer field.
CVE-2001-0154 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
HTML e-mail feature in Internet Explorer 5.5 and earlier allows attackers to execute attachments by setting an unusual MIME type for the attachment, which Internet Explorer does not process correctly.
CVE-1999-0399 1 Khaled Mardam-bey 1 Mirc 2026-04-16 N/A
The DCC server command in the Mirc 5.5 client doesn't filter characters from file names properly, allowing remote attackers to place a malicious file in a different location, possibly allowing the attacker to execute commands.
CVE-2006-2716 1 Secure Elements 1 C5 Enterprise Vulnerability Management 2026-04-16 N/A
Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 uses a hard-coded user ID and password, which allows remote attackers to gain access to the server.
CVE-1999-0401 1 Linux 1 Linux Kernel 2026-04-16 N/A
A race condition in Linux 2.2.1 allows local users to read arbitrary memory from /proc files.
CVE-2003-0774 2 Redhat, Sane 4 Enterprise Linux, Linux, Sane and 1 more 2026-04-16 N/A
saned in sane-backends 1.0.7 and earlier does not quickly handle connection drops, which allows remote attackers to cause a denial of service (segmentation fault) when invalid memory is accessed.
CVE-2006-2729 1 Jan Chmelik 1 Photoalbum Bandw 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in superalbum/index.php in Photoalbum B&W 1.3 allows remote attackers to inject arbitrary web script or HTML via the gal parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-1070 1 Dvguestbook 1 Dvguestbook 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in dv_gbook.php in DVguestbook 1.0 allows remote attackers to inject arbitrary web script or HTML via the f parameter.
CVE-2006-2733 1 Mini-nuke 1 Mini-nuke 2026-04-16 N/A
membership.asp in Mini-Nuke 2.3 and earlier uses plaintext security codes, which allows remote attackers to register multiple times via automated scripts.