Export limit exceeded: 359645 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359645 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-4614 | 1 Pocket Pc | 1 Pocket Pc | 2026-04-16 | N/A |
| PDAapps Verichat for Pocket PC 1.30bh stores usernames and passwords in plaintext in the Windows Mobile registry, which allows local users to obtain sensitive information via keys under \HKEY_CURRENT_USER\Software\PDAapps\VeriChat. | ||||
| CVE-1999-1451 | 1 Microsoft | 2 Internet Information Server, Site Server | 2026-04-16 | N/A |
| The Winmsdp.exe sample file in IIS 4.0 and Site Server 3.0 allows remote attackers to read arbitrary files. | ||||
| CVE-1999-1478 | 1 Microsoft | 1 Internet Information Server | 2026-04-16 | N/A |
| The Sun HotSpot Performance Engine VM allows a remote attacker to cause a denial of service on any server running HotSpot via a URL that includes the [ character. | ||||
| CVE-1999-1496 | 3 Debian, Redhat, Todd Miller | 3 Debian Linux, Linux, Sudo | 2026-04-16 | N/A |
| Sudo 1.5 in Debian Linux 2.1 and Red Hat 6.0 allows local users to determine the existence of arbitrary files by attempting to execute the target filename as a program, which generates a different error message when the file does not exist. | ||||
| CVE-2006-0755 | 1 Dotproject | 1 Dotproject | 2026-04-16 | 5.6 Medium |
| Multiple PHP remote file include vulnerabilities in dotProject 2.0.1 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary commands via the baseDir parameter in (1) db_adodb.php, (2) db_connect.php, (3) session.php, (4) vw_usr_roles.php, (5) calendar.php, (6) date_format.php, and (7) tasks/gantt.php; and the dPconfig[root_dir] parameter in (8) projects/gantt.php, (9) gantt2.php, and (10) vw_files.php. NOTE: the vendor disputes this issue, stating that the product documentation clearly recommends that the system administrator disable register_globals, and that the check.php script warns against this setting. Also, the vendor says that the protection.php/siteurl vector is incorrect because protection.php does not exist in the product | ||||
| CVE-1999-1516 | 1 Tenfour | 1 Tfs Gateway Smtp | 2026-04-16 | N/A |
| A buffer overflow in TenFour TFS Gateway SMTP mail server 3.2 allows an attacker to crash the mail server and possibly execute arbitrary code by offering more than 128 bytes in a MAIL FROM string. | ||||
| CVE-1999-1524 | 1 Flowpoint | 1 Flowpoint Dsl Router | 2026-04-16 | N/A |
| FlowPoint DSL router firmware versions prior to 3.0.8 allows a remote attacker to exploit a password recovery feature from the network and conduct brute force password guessing, instead of limiting the feature to the serial console port. | ||||
| CVE-2006-4764 | 1 Wtools | 1 Wtools | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in common.php in Thomas LETE WTools 0.0.1-ALPH allows remote attackers to execute arbitrary PHP code via a URL in the include_path parameter. | ||||
| CVE-1999-1548 | 1 Cabletron | 1 Smartswitch Router 8000 Firmware | 2026-04-16 | N/A |
| Cabletron SmartSwitch Router (SSR) 8000 firmware 2.x can only handle 200 ARP requests per second allowing a denial of service attack to succeed with a flood of ARP requests exceeding that limit. | ||||
| CVE-1999-1553 | 1 Xcmail | 1 Xcmail | 2026-04-16 | N/A |
| Buffer overflow in XCmail 0.99.6 with autoquote enabled allows remote attackers to execute arbitrary commands via a long subject line. | ||||
| CVE-1999-1573 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Multiple unknown vulnerabilities in the "r-cmnds" (1) remshd, (2) rexecd, (3) rlogind, (4) rlogin, (5) remsh, (6) rcp, (7) rexec, and (8) rdist for HP-UX 10.00 through 11.00 allow attackers to gain privileges or access files. | ||||
| CVE-1999-1575 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| The Kodak/Wang (1) Image Edit (imgedit.ocx), (2) Image Annotation (imgedit.ocx), (3) Image Scan (imgscan.ocx), (4) Thumbnail Image (imgthumb.ocx), (5) Image Admin (imgadmin.ocx), (6) HHOpen (hhopen.ocx), (7) Registration Wizard (regwizc.dll), and (8) IE Active Setup (setupctl.dll) ActiveX controls for Internet Explorer (IE) 4.01 and 5.0 are marked as "Safe for Scripting," which allows remote attackers to create and modify files and execute arbitrary commands. | ||||
| CVE-2006-0756 | 1 Dotproject | 1 Dotproject | 2026-04-16 | N/A |
| dotProject 2.0.1 and earlier leaves (1) phpinfo.php and (2) check.php accessible under the /docs/ directory after installation, which allows remote attackers to obtain sensitive configuration information. NOTE: the vendor disputes this issue, saying that it could only occur if the administrator ignores the installation instructions as well as warnings generated by check.php | ||||
| CVE-1999-1577 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Buffer overflow in HHOpen ActiveX control (hhopen.ocx) 1.0.0.1 for Internet Explorer 4.01 and 5 allows remote attackers to execute arbitrary commands via long arguments to the OpenHelp method. | ||||
| CVE-1999-1592 | 2 Sendmail, Sun | 2 Sendmail, Sunos | 2026-04-16 | N/A |
| Multiple unspecified vulnerabilities in sendmail 5, as installed on Sun SunOS 4.1.3_U1 and 4.1.4, have unspecified attack vectors and impact. NOTE: this might overlap CVE-1999-0129. | ||||
| CVE-2000-0029 | 1 Sco | 1 Unixware | 2026-04-16 | N/A |
| UnixWare pis and mkpis commands allow local users to gain privileges via a symlink attack. | ||||
| CVE-2000-0058 | 1 Handspring | 1 Visor Network Hotsync | 2026-04-16 | N/A |
| Network HotSync program in Handspring Visor does not have authentication, which allows remote attackers to retrieve email and files. | ||||
| CVE-2000-0067 | 1 Cybercash | 1 Merchant Connection Kit | 2026-04-16 | N/A |
| CyberCash Merchant Connection Kit (MCK) allows local users to modify files via a symlink attack. | ||||
| CVE-2000-0072 | 1 Computer Power Solutions | 1 Visual Casel | 2026-04-16 | N/A |
| Visual Casel (Vcasel) does not properly prevent users from executing files, which allows local users to use a relative pathname to specify an alternate file which has an approved name and possibly gain privileges. | ||||
| CVE-2006-4780 | 1 Phpbbxs | 1 Phpbb Xs | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in includes/functions.php in phpBB XS 0.58 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | ||||