Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-0670 1 Bluez Project 1 Hcidump 2026-04-16 N/A
Buffer overflow in l2cap.c in hcidump 1.29 allows remote attackers to cause a denial of service (crash) through a wireless Bluetooth connection via a malformed Logical Link Control and Adaptation Protocol (L2CAP) packet.
CVE-2002-2059 1 Intel 4 D845bg Motherboard, D845hv Motherboard, D845pt Motherboard and 1 more 2026-04-16 N/A
BIOS D845BG, D845HV, D845PT and D845WN on Intel motherboards does not properly restrict access to configuration information when BIOS passwords are enabled, which could allow local users to change the default boot device via the F8 key.
CVE-2002-2062 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in ftp.htt in Internet Explorer 5.5 and 6.0, when running on Windows 2000 with "Enable folder view for FTP sites" and "Enable Web content in folders" selected, allows remote attackers to inject arbitrary web script or HTML via the hostname portion of an FTP URL.
CVE-1999-0671 1 Toxsoft 1 Nextftp 2026-04-16 N/A
Buffer overflow in ToxSoft NextFTP client through CWD command.
CVE-2003-1039 1 Sap 1 Mysap Business Suite 2026-04-16 N/A
Multiple buffer overflows in the mySAP.com architecture for SAP allow remote attackers to execute arbitrary code via a long HTTP Host header to (1) Message Server, (2) Web Dispatcher, or (3) Application Server.
CVE-2005-1800 1 Clam Anti-virus 1 Clamav 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Jaws Glossary gadget 0.4 to 0.5.1 allows remote attackers to inject arbitrary web script or HTML via the term parameter in a view or ViewTerm action to index.php.
CVE-2003-1061 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Race condition in Solaris 2.6 through 9 allows local users to cause a denial of service (kernel panic), as demonstrated via the namefs function, pipe, and certain STREAMS routines.
CVE-2006-4825 1 Softcomplex 1 Php Event Calendar 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in cl_files/index.php in SoftComplex PHP Event Calendar 1.5.1, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) ti, (2) bi, or (3) cbgi parameters.
CVE-2006-4833 1 Verso Netperformer 1 Frame Relay Access Device Act 2026-04-16 N/A
Verso NetPerformer FRAD ACT SDM-95xx 7.xx (R1) and earlier, SDM-93xx 10.x.x (R2) and earlier, and SDM-92xx 9.x.x (R1) and earlier allow remote attackers to cause a denial of service (hang or reboot) via an ICMP packet with the same destination and source address and port, aka the "Land" vulnerability.
CVE-2003-1040 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Linux 2026-04-16 N/A
kmod in the Linux kernel does not set its uid, suid, gid, or sgid to 0, which allows local users to cause a denial of service (crash) by sending certain signals to kmod.
CVE-2006-4852 1 Quadcomm 1 Q-shop 2026-04-16 N/A
SQL injection vulnerability in browse.asp in QuadComm Q-Shop 3.5 allows remote attackers to execute arbitrary SQL commands via the OrderBy parameter.
CVE-2006-4859 1 Limbo Cms 1 Limbo Cms 2026-04-16 N/A
Unrestricted file upload vulnerability in contact.html.php in the Contact (com_contact) component in Limbo (aka Lite Mambo) CMS 1.0.4.2L and earlier allows remote attackers to upload PHP code to the images/contact folder via a filename with a double extension in the contact_attach parameter in a contact option in index.php, which bypasses an insufficiently restrictive regular expression.
CVE-1999-0749 1 Microsoft 2 Windows 95, Windows 98 2026-04-16 N/A
Buffer overflow in Microsoft Telnet client in Windows 95 and Windows 98 via a malformed Telnet argument.
CVE-1999-0758 1 Netscape 2 Enterprise Server, Fasttrack Server 2026-04-16 N/A
Netscape Enterprise 3.5.1 and FastTrack 3.01 servers allow a remote attacker to view source code to scripts by appending a %20 to the script's URL.
CVE-1999-0450 1 Microsoft 2 Internet Information Server, Internet Information Services 2026-04-16 N/A
In IIS, an attacker could determine a real path using a request for a non-existent URL that would be interpreted by Perl (perl.exe).
CVE-1999-0801 1 Bmc 1 Patrol Agent 2026-04-16 N/A
BMC Patrol allows remote attackers to gain access to an agent by spoofing frames.
CVE-2005-2048 1 Duware 1 Duforum 2026-04-16 N/A
Multiple SQL injection vulnerabilities in DUware DUforum 3.1, and possibly other versions, allow remote attackers to execute arbitrary SQL commands via the (1) iMsg parameter to messages.asp, iFor parameter to (2) post.asp or (3) forums.asp, or (4) id parameter to userEdit.asp. NOTE: vectors 1 and 3 were later reported to affect version 3.0.
CVE-2005-2049 1 Duware 1 Duclassmate 2026-04-16 N/A
Multiple SQL injection vulnerabilities in DUware DUclassmate 1.2 allow remote attackers to execute arbitrary SQL commands via the (1) iState parameter to default.asp or (2) iPro parameter to edit.asp.
CVE-2005-2050 1 Tor 1 Tor 2026-04-16 N/A
Unknown vulnerability in Tor before 0.1.0.10 allows remote attackers to read arbitrary memory and possibly key information from the exit server's process space.
CVE-1999-1257 1 Xyplex 1 Maxserver Xyplex Terminal Server 2026-04-16 N/A
Xyplex terminal server 6.0.1S1, and possibly other versions, allows remote attackers to bypass the password prompt by entering (1) a CTRL-Z character, or (2) a ? (question mark).