Export limit exceeded: 359675 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 359675 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359675 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0429 | 2 Linux, Redhat | 2 Linux Kernel, Linux | 2026-04-16 | N/A |
| The iBCS routines in arch/i386/kernel/traps.c for Linux kernels 2.4.18 and earlier on x86 systems allow local users to kill arbitrary processes via a a binary compatibility interface (lcall). | ||||
| CVE-2006-0828 | 1 Xerox | 6 Workcentre 232, Workcentre 238, Workcentre 245 and 3 more | 2026-04-16 | N/A |
| Unspecified vulnerability in ESS/ Network Controller and MicroServer Web Server in Xerox WorkCentre Pro and Xerox WorkCentre running software 13.027.24.015 and 14.027.24.015 allows remote attackers to "reduce effectiveness of security features" via unknown attack vectors. | ||||
| CVE-2002-0546 | 1 Nullsoft | 1 Winamp | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in the mini-browser for Winamp 2.78 and 2.79 allows remote attackers to execute script via an ID3v1 or ID3v2 tag in an MP3 file. | ||||
| CVE-2006-0830 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| The scripting engine in Internet Explorer allows remote attackers to cause a denial of service (resource consumption) and possibly execute arbitrary code via a web page that contains a recurrent call to an infinite loop in Javascript or VBscript, which consumes the stack, as demonstrated by resetting the "location" variable within the loop. | ||||
| CVE-2002-0447 | 1 Xerver | 1 Xerver | 2026-04-16 | N/A |
| Directory traversal vulnerability in Xerver Free Web Server 2.10 and earlier allows remote attackers to list arbitrary directories via a .. (dot dot) in an HTTP GET request. | ||||
| CVE-2002-0448 | 1 Xerver | 1 Xerver | 2026-04-16 | N/A |
| Xerver Free Web Server 2.10 and earlier allows remote attackers to cause a denial of service (crash) via an HTTP request that contains many "C:/" sequences. | ||||
| CVE-2006-0834 | 1 Uniden | 1 Uip1868p | 2026-04-16 | N/A |
| Uniden UIP1868P VoIP Telephone and Router has a default password of admin for the web-based configuration utility, which allows remote attackers to obtain sensitive information on the device such as telephone numbers called, and possibly connect to other hosts. NOTE: it is possible that this password was configured by a reseller, not the original vendor; if so, then this is not a vulnerability in the product. | ||||
| CVE-2002-0454 | 1 Qualcomm | 1 Qpopper | 2026-04-16 | N/A |
| Qpopper (aka in.qpopper or popper) 4.0.3 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a very large string, which causes an infinite loop. | ||||
| CVE-2002-0458 | 1 Linux-sottises | 1 News-tnk | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in News-TNK 1.2.1 and earlier allows remote attackers to execute arbitrary Javascript via the WEB parameter. | ||||
| CVE-2006-0835 | 1 Mitridat | 1 Web Calendar Pro | 2026-04-16 | N/A |
| SQL injection vulnerability in dropbase.php in MitriDAT Web Calendar Pro allows remote attackers to modify internal SQL queries and cause a denial of service (inaccessible database) via the tabls parameter. | ||||
| CVE-2006-0836 | 1 Mozilla | 1 Thunderbird | 2026-04-16 | N/A |
| Mozilla Thunderbird 1.5 allows user-assisted attackers to cause an unspecified denial of service by tricking the user into importing an LDIF file with a long field into the address book, as demonstrated by a long homePhone field. | ||||
| CVE-2006-0837 | 1 Micromuse | 1 Netcool Neusecure | 2026-04-16 | N/A |
| IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 has world-readable permissions for (1) /etc/neusecure.conf, (2) /opt/NeuSecure/etc/cms-3.0.236.buildconf, and (3) /opt/NeuSecure/bin/ns_archiver.log, which allows local users to read sensitive information such as passwords. NOTE: IBM has privately confirmed to CVE that a fix is available for these issues. | ||||
| CVE-2006-4707 | 1 Mybulletinboard | 1 Mybulletinboard | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in admin/global.php (aka the Admin CP login form) in MyBB (aka MyBulletinBoard) 1.1.7 allows remote attackers to inject arbitrary web script or HTML via the query string ($_SERVER[PHP_SELF]). | ||||
| CVE-2002-0480 | 1 Iss | 1 Realsecure Nokia | 2026-04-16 | N/A |
| ISS RealSecure for Nokia devices before IPSO build 6.0.2001.141d is configured to allow a user "skank" on a machine "starscream" to become a key manager when the "first time connection" feature is enabled and before any legitimate administrators have connected, which could allow remote attackers to gain access to the device during installation. | ||||
| CVE-2006-0838 | 1 Micromuse | 1 Netcool Neusecure | 2026-04-16 | N/A |
| IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 stores cleartext passwords in the (1) CMS_DBPASS, (2) CMSM_DBPASS, and (3) RPT_DBPASS fields in /etc/neusecure.conf, and in (4) /opt/NeuSecure/bin/ns_archiver.log, which allows local users to gain privileges. NOTE: IBM has privately confirmed to CVE that a fix is available for these issues. | ||||
| CVE-2006-4714 | 1 Spoonlabs | 1 Vivvo Article Management Cms | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in index.php in SpoonLabs Vivvo Article Management CMS (aka phpWordPress) 3.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the classified_path parameter. | ||||
| CVE-2002-1550 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| dump_smutil.sh in IBM AIX allows local users to overwrite arbitrary files via a symlink attack on temporary files. | ||||
| CVE-2001-0153 | 1 Microsoft | 2 Visual Basic, Visual Studio | 2026-04-16 | N/A |
| Buffer overflow in VB-TSQL debugger object (vbsdicli.exe) in Visual Studio 6.0 Enterprise Edition allows remote attackers to execute arbitrary commands. | ||||
| CVE-2006-0843 | 1 Leif M. Wright | 1 Web Blog | 2026-04-16 | N/A |
| Leif M. Wright's Blog 3.5 stores the config file and other txt files under the web root with insufficient access control, which allows remote attackers to read the administrator's password. | ||||
| CVE-2006-4716 | 1 Fire Soft Board | 1 Fire Soft Board | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in demarrage.php in Fire Soft Board (FSB) RC3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the racine parameter. | ||||