Search Results (363286 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-1975 1 Php Arena 1 Pafiledb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the category module in pafiledb.php for paFileDB 3.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter, a vulnerability that is closely related to CVE-2004-1551.
CVE-1999-0800 1 Allaire 1 Forums 2026-04-16 N/A
The GetFile.cfm file in Allaire Forums allows remote attackers to read files through a parameter to GetFile.cfm.
CVE-2005-4686 1 Punbb 1 Punbb 2026-04-16 N/A
PunBB 1.2.9, when used alone or with F-ART BLOG:CMS, includes config.php before calling the unregister_globals function, which allows attackers to obtain unspecified sensitive information.
CVE-2006-4302 1 Sun 2 J2se, Java Web Start 2026-04-16 N/A
The Java Plug-in J2SE 1.3.0_02 through 5.0 Update 5, and Java Web Start 1.0 through 1.2 and J2SE 1.4.2 through 5.0 Update 5, allows remote attackers to exploit vulnerabilities by specifying a JRE version that contain vulnerabilities.
CVE-1999-0820 1 Freebsd 1 Freebsd 2026-04-16 N/A
FreeBSD seyon allows users to gain privileges via a modified PATH variable for finding the xterm and seyon-emu commands.
CVE-1999-0836 1 Sco 1 Unixware 2026-04-16 N/A
UnixWare uidadmin allows local users to modify arbitrary files via a symlink attack.
CVE-1999-0840 1 Sun 1 Sunos 2026-04-16 N/A
Buffer overflow in CDE dtmail and dtmailpr programs allows local users to gain privileges via a long -f option.
CVE-2005-4688 1 Punbb 1 Punbb 2026-04-16 N/A
PunBB 1.2.9 does not require password entry when changing the e-mail address in an account's profile, which might allow an attacker to make an address change via a hijacked login session.
CVE-1999-0844 1 Deerfield 1 Mdaemon 2026-04-16 N/A
Denial of service in MDaemon WorldClient and WebConfig services via a long URL.
CVE-1999-0845 1 Sco 1 Unixware 2026-04-16 N/A
Buffer overflow in SCO su program allows local users to gain root access via a long username.
CVE-1999-0394 2026-04-16 N/A
DPEC Online Courseware allows an attacker to change another user's password without knowing the original password.
CVE-1999-0853 1 Netscape 2 Enterprise Server, Fasttrack Server 2026-04-16 N/A
Buffer overflow in Netscape Enterprise Server and Netscape FastTrack Server allows remote attackers to gain privileges via the HTTP Basic Authentication procedure.
CVE-1999-0870 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 4.01 allows remote attackers to read arbitrary files by pasting a file name into the file upload control, aka untrusted scripted paste.
CVE-2005-4689 1 Six Apart 1 Movable Type 2026-04-16 N/A
Six Apart Movable Type 3.16 stores account names and password hashes in a cookie, which allows remote attackers to login to an account by sniffing the cookie.
CVE-1999-0865 1 Stalker 1 Communigate Pro 2026-04-16 N/A
Buffer overflow in CommuniGatePro via a long string to the HTTP configuration port.
CVE-2005-4691 1 Netbsd 1 Netbsd 2026-04-16 N/A
imake in NetBSD before 2.0.3, NetBSD-current before 12 September 2005, certain versions of X.Org, and certain versions of XFree86 allows local users to overwrite arbitrary files via a symlink attack on the temporary file for the file.0 target, which is used for a pre-formatted manual page.
CVE-1999-0873 1 Sky Communications 1 Skyfull 2026-04-16 N/A
Buffer overflow in Skyfull mail server via MAIL FROM command.
CVE-1999-0876 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Buffer overflow in Internet Explorer 4.0 via EMBED tag.
CVE-1999-0877 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 5 allows remote attackers to read files via an ExecCommand method called on an IFRAME.
CVE-2004-1927 1 Tiki 1 Tikiwiki Cms\/groupware 2026-04-16 N/A
Directory traversal vulnerability in the map feature (tiki-map.phtml) in Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers to determine the existence of arbitrary files via .. (dot dot) sequences in the mapfile parameter.