Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-0827 2 Microsoft, Netscape 3 Ie, Internet Explorer, Navigator 2026-04-16 N/A
By default, Internet Explorer 5.0 and other versions enables the "Navigate sub-frames across different domains" option, which allows frame spoofing.
CVE-1999-0835 3 Ibm, Sco, Sun 4 Aix, Openserver, Unixware and 1 more 2026-04-16 N/A
Denial of service in BIND named via malformed SIG records.
CVE-2004-0534 1 Businessobjects 2 Infoview, Webintelligence 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Business Objects InfoView 5.1.4 through 5.1.8 for WebIntelligence 2.7.0 through 2.7.4 allows remote attackers to inject arbitrary web script or HTML via document names when uploading a document.
CVE-1999-0851 3 Ibm, Sco, Sun 4 Aix, Openserver, Unixware and 1 more 2026-04-16 N/A
Denial of service in BIND named via naptr.
CVE-1999-0873 1 Sky Communications 1 Skyfull 2026-04-16 N/A
Buffer overflow in Skyfull mail server via MAIL FROM command.
CVE-1999-0856 1 Slackware 1 Slackware Linux 2026-04-16 N/A
login in Slackware 7.0 allows remote attackers to identify valid users on the system by reporting an encryption error when an account is locked or does not exist.
CVE-1999-0859 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Solaris arp allows local users to read files via the -f parameter, which lists lines in the file that do not parse properly.
CVE-2000-0431 1 Sun 2 Cobalt Raq 2, Cobalt Raq 3i 2026-04-16 N/A
Cobalt RaQ2 and RaQ3 does not properly set the access permissions and ownership for files that are uploaded via FrontPage, which allows attackers to bypass cgiwrap and modify files.
CVE-2006-2647 1 Ibm 1 Aix 2026-04-16 N/A
Untrusted search path vulnerability in update_flash for IBM AIX 5.1, 5.2 and 5.3 allows local users to execute arbitrary commands via unknown vectors involving lsmcode and possibly other commands.
CVE-2006-2643 1 Circle R 1 Monster Top List 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php in Monster Top List (MTL) 1.4 allows remote attackers to inject arbitrary web script or HTML via the user_error_message parameter.
CVE-1999-0880 2 Bsdi, Caldera 2 Bsd Os, Openlinux 2026-04-16 N/A
Denial of service in WU-FTPD via the SITE NEWER command, which does not free memory properly.
CVE-1999-0903 1 Ibm 1 Aix 2026-04-16 N/A
genfilt in the AIX Packet Filtering Module does not properly filter traffic to destination ports greater than 32767.
CVE-1999-0910 1 Microsoft 3 Commercial Internet System, Site Server, Site Server Commerce 2026-04-16 N/A
Microsoft Site Server and Commercial Internet System (MCIS) do not set an expiration for a cookie, which could then be cached by a proxy and inadvertently used by a different user.
CVE-2006-2675 1 Ubbcentral 1 Ubb.threads 2026-04-16 N/A
PHP remote file inclusion vulnerability in ubbt.inc.php in UBBThreads 5.x and 6.x allows remote attackers to execute arbitrary PHP code via a URL in the (1) thispath or (2) configdir parameters.
CVE-2006-2692 1 Amule 1 Amule 2026-04-16 N/A
Multiple unspecified vulnerabilities in aMuleWeb for AMule before 2.1.2 allow remote attackers to read arbitrary image, HTML, or PHP files via unknown vectors, probably related to directory traversal.
CVE-1999-0920 1 University Of Washington 2 Imap, Pop2d 2026-04-16 N/A
Buffer overflow in the pop-2d POP daemon in the IMAP package allows remote attackers to gain privileges via the FOLD command.
CVE-1999-0933 1 Teamshare 1 Teamtrack 2026-04-16 N/A
TeamTrack web server allows remote attackers to read arbitrary files via a .. (dot dot) attack.
CVE-1999-1584 1 Sun 2 Openwindows, Sunos 2026-04-16 N/A
Unknown vulnerability in (1) loadmodule, and (2) modload if modload is installed with setuid/setgid privileges, in SunOS 4.1.1 through 4.1.3c, and Open Windows 3.0, allows local users to gain root privileges via environment variables, a different vulnerability than CVE-1999-1586.
CVE-2006-3905 1 Mywebland 1 Mybloggie 2026-04-16 N/A
SQL injection vulnerability in Webland MyBloggie 2.1.3 allows remote attackers to execute arbitrary SQL commands via the (1) post_id parameter in index.php and (2) search function.
CVE-2004-0800 2 Avaya, Sun 4 Call Management System Server, Dtmail, Solaris and 1 more 2026-04-16 N/A
Format string vulnerability in CDE Mailer (dtmail) on Solaris 8 and 9 allows local users to gain privileges via format strings in the argv[0] value.