Export limit exceeded: 364152 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364152 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-2221 2 Bitrock, Process-one 2 Install Builder, Ejabberd 2026-04-16 N/A
A third-party installer generation tool, possibly BitRock InstallBuilder, as used in products including Process-one ejabberd 1.1.1_1 and earlier, generates an installer that allows local users to cause a denial of service via a symlink attack on the bitrock_installer.log temporary file. NOTE: it is possible that this vulnerability is present in other products that use this installer.
CVE-2001-0665 1 Microsoft 1 Ie 2026-04-16 N/A
Internet Explorer 6 and earlier allows remote attackers to cause certain HTTP requests to be automatically executed and appear to come from the user, which could allow attackers to gain privileges or execute operations within web-based services, aka the "HTTP Request Encoding vulnerability."
CVE-2006-2227 1 Punbb 1 Punbb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in misc.php in PunBB 1.2.11 allows remote attackers to inject arbitrary web script or HTML via the req_message parameter, because the value of the redirect_url parameter is not sanitized.
CVE-2006-2228 1 W-agora 1 W-agora 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in w-Agora (aka Web-Agora) 4.2.0 allows remote attackers to inject arbitrary web script or HTML via a post with a BBCode tag that contains a JavaScript event name followed by whitespace before the '=' (equals) character, which bypasses a restrictive regular expression that attempts to remove onmouseover and other events.
CVE-2001-0666 1 Microsoft 1 Exchange Server 2026-04-16 N/A
Outlook Web Access (OWA) in Microsoft Exchange 2000 allows an authenticated user to cause a denial of service (CPU consumption) via a malformed OWA request for a deeply nested folder within the user's mailbox.
CVE-2001-0671 1 Ibm 1 Aix 2026-04-16 N/A
Buffer overflows in (1) send_status, (2) kill_print, and (3) chk_fhost in lpd in AIX 4.3 and 5.1 allow remote attackers to gain root privileges.
CVE-2001-0674 1 Robtex 1 Viking Server 2026-04-16 N/A
Directory traversal vulnerability in RobTex Viking Web server before 1.07-381 allows remote attackers to read arbitrary files via a hexadecimal encoded dot-dot attack (eg. http://www.server.com/%2e%2e/%2e%2e) in an HTTP URL request.
CVE-2001-0676 1 Ritlabs 1 The Bat 2026-04-16 N/A
Directory traversal vulnerability in Rit Research Labs The Bat! 1.48f and earlier allows a remote attacker to create arbitrary files via a "dot dot" attack in the filename for an attachment.
CVE-2006-2240 1 Fujitsu 4 Netshelter Fw, Netshelter Fw-l, Netshelter Fw-m and 1 more 2026-04-16 N/A
Unspecified vulnerability in the (1) web cache or (2) web proxy in Fujitsu NetShelter/FW allows remote attackers to cause a denial of service (device unresponsiveness) via certain DNS packets, as demonstrated by the OUSPG PROTOS DNS test suite.
CVE-2006-2259 1 Maxxcode 1 Maxxschedule 2026-04-16 N/A
SQL injection vulnerability in Logon.asp in MaxxSchedule 1.0 allows remote attackers to execute arbitrary SQL commands via the txtLogon parameter.
CVE-2001-0678 1 Trend Micro 2 Interscan Viruswall, Interscan Webmanager 2026-04-16 N/A
A buffer overflow in reggo.dll file used by Trend Micro InterScan VirusWall prior to 3.51 build 1349 for Windows NT 3.5 and InterScan WebManager 1.2 allows a local attacker to execute arbitrary code.
CVE-2001-0679 1 Trend Micro 1 Interscan Viruswall 2026-04-16 N/A
A buffer overflow in InterScan VirusWall 3.23 and 3.3 allows a remote attacker to execute arbitrary code by sending a long HELO command to the server.
CVE-2001-0684 1 Netscape 1 Collabra Server 2026-04-16 N/A
Netscape Collabra Server 3.5.4 and earlier allows a remote attacker to cause a denial of service by sending seven or more characters to TCP port 5239.
CVE-2006-2274 2 Lksctp, Redhat 2 Stream Control Transmission Protocol, Enterprise Linux 2026-04-16 N/A
Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (infinite recursion and crash) via a packet that contains two or more DATA fragments, which causes an skb pointer to refer back to itself when the full message is reassembled, leading to infinite recursion in the sctp_skb_pull function.
CVE-2006-2276 2 Quagga, Redhat 2 Quagga, Enterprise Linux 2026-04-16 N/A
bgpd in Quagga 0.98 and 0.99 before 20060504 allows local users to cause a denial of service (CPU consumption) via a certain sh ip bgp command entered in the telnet interface.
CVE-2001-0687 1 Transsoft 1 Broker Ftp Server 2026-04-16 N/A
Broker FTP server 5.9.5 for Windows NT and 9x allows a remote attacker to retrieve privileged web server system information by (1) issuing a CD command (CD C:) followed by the LS command, (2) specifying arbitrary paths in the UNC format (\\computername\sharename).
CVE-2004-0032 1 Phpgedview 1 Phpgedview 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in search.php in PHPGEDVIEW 2.61 allows remote attackers to inject arbitrary HTML and web script via the firstname parameter.
CVE-2006-2284 2 Claroline, Dokeos 2 Claroline, Dokeos 2026-04-16 N/A
Multiple PHP remote file inclusion vulnerabilities in Claroline 1.7.5 allow remote attackers to execute arbitrary PHP code via a URL in the (1) clarolineRepositorySys parameter in ldap.inc.php and the (2) claro_CasLibPath parameter in casProcess.inc.php.
CVE-2001-0688 1 Transsoft 1 Broker Ftp Server 2026-04-16 N/A
Broker FTP Server 5.9.5.0 allows a remote attacker to cause a denial of service by repeatedly issuing an invalid CD or CWD ("CD . .") command.
CVE-2001-0690 4 Conectiva, Debian, Redhat and 1 more 5 Linux, Debian Linux, Linux and 2 more 2026-04-16 N/A
Format string vulnerability in exim (3.22-10 in Red Hat, 3.12 in Debian and 3.16 in Conectiva) in batched SMTP mode allows a remote attacker to execute arbitrary code via format strings in SMTP mail headers.