Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-0202 1 Paypal 1 Php Toolkit 2026-04-16 N/A
Dave Nielsen and Patrick Breitenbach PayPal Web Services (aka PHP Toolkit) 0.50 and possibly earlier has (1) world-readable permissions for ipn/logs/ipn_success.txt, which allows local users to view sensitive information (payment data), and (2) world-writable permissions for ipn/logs, which allows local users to delete or replace payment data.
CVE-2006-0204 1 Wordcircle 1 Wordcircle 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Wordcircle 2.17 allow remote attackers to inject arbitrary web script or HTML via (1) the "Course name" field in index.php when the frm parameter has the value "mine" and (2) possibly certain other fields in unspecified scripts.
CVE-2006-0206 1 Light Weight Calendar 1 Light Weight Calendar 2026-04-16 N/A
Eval injection vulnerability in Light Weight Calendar (LWC) 1.0 (20040909) and earlier allows remote attackers to execute arbitrary PHP code via the date parameter in cal.php, which is included by index.php.
CVE-1999-0240 2026-04-16 N/A
Some filters or firewalls allow fragmented SYN packets with IP reserved bits in violation of their implemented policy.
CVE-1999-0241 3 Sgi, Sun, Xfree86 Project 4 Irix, Solaris, Sunos and 1 more 2026-04-16 N/A
Guessable magic cookies in X Windows allows remote attackers to execute commands, e.g. through xterm.
CVE-1999-0242 1 Slackware 1 Slackware Linux 2026-04-16 N/A
Remote attackers can access mail files via POP3 in some Linux systems that are using shadow passwords.
CVE-2002-0721 1 Microsoft 2 Data Engine, Sql Server 2026-04-16 N/A
Microsoft SQL Server 7.0 and 2000 installs with weak permissions for extended stored procedures that are associated with helper functions, which could allow unprivileged users, and possibly remote attackers, to run stored procedures with administrator privileges via (1) xp_execresultset, (2) xp_printstatements, or (3) xp_displayparamstmt.
CVE-1999-0244 1 Livingston 1 Radius 2026-04-16 N/A
Livingston RADIUS code has a buffer overflow which can allow remote execution of commands as root.
CVE-1999-0245 1 Linux 1 Linux Kernel 2026-04-16 N/A
Some configurations of NIS+ in Linux allowed attackers to log in as the user "+".
CVE-2002-0722 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to misrepresent the source of a file in the File Download dialogue box to trick users into thinking that the file type is safe to download, aka "File Origin Spoofing."
CVE-2003-1462 1 Mod Survey 1 Mod Survey 2026-04-16 N/A
mod_survey 3.0.0 through 3.0.15-pre6 does not check whether a survey exists before creating a subdirectory for it, which allows remote attackers to cause a denial of service (disk consumption and possible crash).
CVE-1999-0247 1 Isc 1 Inn 2026-04-16 N/A
Buffer overflow in nnrpd program in INN up to version 1.6 allows remote users to execute arbitrary commands.
CVE-1999-0248 1 Ssh 1 Ssh 2026-04-16 N/A
A race condition in the authentication agent mechanism of sshd 1.2.17 allows an attacker to steal another user's credentials.
CVE-1999-0259 1 Infodrom 1 Cfingerd 2026-04-16 N/A
cfingerd lists all users on a system via search.**@target.
CVE-2002-0723 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 5.5 and 6.0 does not properly verify the domain of a frame within a browser window, which allows remote attackers to read client files or invoke executable objects via the Object tag, aka "Cross Domain Verification in Object Tag."
CVE-1999-0262 1 Renaud Deraison 1 Faxsurvey 2026-04-16 N/A
Hylafax faxsurvey CGI script on Linux allows remote attackers to execute arbitrary commands via shell metacharacters in the query string.
CVE-2003-1466 1 Phorum 1 Phorum 2026-04-16 N/A
Unspecified vulnerability in Phorum 3.4 through 3.4.2 allows remote attackers to use Phorum as a connection proxy to other sites via (1) register.php or (2) login.php.
CVE-2004-1968 1 Openbb 1 Openbb 2026-04-16 N/A
The readmsg action in myhome.php in Open Bulletin Board (OpenBB) 1.0.6 and earlier allows remote attackers to read arbitrary messages by modifying the id parameter.
CVE-1999-0270 1 Sgi 1 Irix 2026-04-16 N/A
Directory traversal vulnerability in pfdispaly.cgi program (sometimes referred to as "pfdisplay") for SGI's Performer API Search Tool (performer_tools) allows remote attackers to read arbitrary files.
CVE-2004-1199 1 Apple 1 Safari 2026-04-16 N/A
Safari 1.2.4 on Mac OS X 10.3.6 allows remote attackers to cause a denial of service (application crash from memory exhaustion), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays.