Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-0382 1 Broadcom 1 Ccc Harvest 2026-04-16 N/A
Computer Associates CCC\Harvest 5.0 for Windows NT/2000 uses weak encryption for passwords, which allows a remote attacker to gain privileges on the application.
CVE-2001-0383 1 Francisco Burzi 1 Php-nuke 2026-04-16 N/A
banners.php in PHP-Nuke 4.4 and earlier allows remote attackers to modify banner ad URLs by directly calling the Change operation, which does not require authentication.
CVE-2006-2068 1 Hitachi 9 Jp1-cm2-network Node Manager, Jp1-cm2-network Node Manager 250, Jpi Automatic Job Management System 2 and 6 more 2026-04-16 N/A
Unspecified vulnerability in Hitachi JP1 products allow remote attackers to cause a denial of service (application stop or fail) via unexpected requests or data.
CVE-2001-0385 1 Goahead Software 1 Goahead Webserver 2026-04-16 N/A
GoAhead webserver 2.1 allows remote attackers to cause a denial of service via an HTTP request to the /aux directory.
CVE-2006-4900 1 Broadcom 1 Etrust Security Command Center 2026-04-16 N/A
Directory traversal vulnerability in Computer Associates (CA) eTrust Security Command Center 1.0 and r8 up to SP1 CR2, allows remote authenticated users to read and delete arbitrary files via ".." sequences in the eSCCAdHocHtmlFile parameter to eSMPAuditServlet, which is not properly handled by the getadhochtml function.
CVE-2006-4901 1 Broadcom 4 Etrust Audit Client, Etrust Audit Datatools, Etrust Audit Policy Manager and 1 more 2026-04-16 N/A
Computer Associates (CA) eTrust Security Command Center 1.0 and r8 up to SP1 CR2, and eTrust Audit 1.5 and r8, allows remote attackers to spoof alerts and conduct replay attacks by invoking eTSAPISend.exe with the desired arguments.
CVE-2001-0386 1 Analogx 1 Simpleserver Www 2026-04-16 N/A
AnalogX SimpleServer:WWW 1.08 allows remote attackers to cause a denial of service via an HTTP request to the /aux directory.
CVE-2001-0388 3 Freebsd, Mandrakesoft, Suse 3 Freebsd, Mandrake Linux, Suse Linux 2026-04-16 N/A
time server daemon timed allows remote attackers to cause a denial of service via malformed packets.
CVE-2001-0394 1 Oreilly 1 Website Pro 2026-04-16 N/A
Remote manager service in Website Pro 3.0.37 allows remote attackers to cause a denial of service via a series of malformed HTTP requests to the /dyn directory.
CVE-2006-2070 1 Mybb 1 Devbb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in member.php in DevBB 1.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the member parameter in a viewpro action.
CVE-2006-3816 1 Krusader 1 Krusader 2026-04-16 N/A
Krusader 1.50-beta1 up to 1.70.0 stores passwords for remote connections in cleartext in the bookmark file (krbookmarks.xml), which allows attackers to steal passwords by obtaining the file.
CVE-2001-0399 1 Caucho Technology 1 Resin 2026-04-16 N/A
Caucho Resin 1.3b1 and earlier allows remote attackers to read source code for Javabean files by inserting a .jsp before the WEB-INF specifier in an HTTP request.
CVE-2001-0400 1 Matt Tourtillott 1 Nph-maillist 2026-04-16 N/A
nph-maillist.pl allows remote attackers to execute arbitrary commands via shell metacharacters ("`") in the email address.
CVE-2001-0401 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Buffer overflow in tip in Solaris 8 and earlier allows local users to execute arbitrary commands via a long HOME environmental variable.
CVE-2006-2075 1 Don Moore 1 Mydns 2026-04-16 N/A
Unspecified vulnerability in MyDNS 1.1.0 allows remote attackers to cause a denial of service via a crafted DNS message, aka "Query-of-death," as demonstrated by the OUSPG PROTOS DNS test suite.
CVE-2006-3821 1 Adaptive Technology Resource Centre 1 Atutor 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.5.3 allow remote attackers to inject arbitrary web script or HTML via the (1) lang parameter in (a) index_list.php and (2) year, (3) month, and (4) day parameter in (b) registration.php.
CVE-2002-0349 1 Tiny Software 1 Tiny Personal Firewall 2026-04-16 N/A
Tiny Personal Firewall (TPF) 2.0.15, under certain configurations, will pop up an alert to the system even when the screen is locked, which could allow an attacker with physical access to the machine to hide activities or bypass access restrictions.
CVE-2002-0350 1 Hp 1 Procurve Switch 4000m 2026-04-16 N/A
HP Procurve Switch 4000M running firmware C.08.22 and C.09.09 allows remote attackers to cause a denial of service via a port scan of the management IP address, which disables the telnet service.
CVE-2002-0351 1 Matt Blaze 1 Cfs 2026-04-16 N/A
Buffer overflows in CFS daemon (cfsd) before 1.3.3-8.1, and 1.4x before 1.4.1-5, allow remote attackers to cause a denial of service and possibly execute arbitrary code.
CVE-2002-0352 1 Phorum 1 Phorum 2026-04-16 N/A
Phorum 3.3.2 allows remote attackers to determine the email addresses of the 10 most active users via a direct HTTP request to the stats.php program, which does not require authentication.