Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-0277 1 Bolintech 1 Dream Ftp Server 2026-04-16 N/A
Format string vulnerability in Dream FTP 1.02 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the username.
CVE-2004-0288 1 Mnogosearch 1 Mnogosearch 2026-04-16 N/A
Buffer overflow in the UdmDocToTextBuf function in mnoGoSearch 3.2.13 through 3.2.15 could allow remote attackers to execute arbitrary code by indexing a large document.
CVE-2004-0893 1 Microsoft 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more 2026-04-16 N/A
The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability."
CVE-2006-0380 1 Freebsd 1 Freebsd 2026-04-16 N/A
A logic error in FreeBSD kernel 5.4-STABLE and 6.0 causes the kernel to calculate an incorrect buffer length, which causes more data to be copied to userland than intended, which could allow local users to read portions of kernel memory.
CVE-2006-0381 1 Freebsd 1 Freebsd 2026-04-16 N/A
A logic error in the IP fragment cache functionality in pf in FreeBSD 5.3, 5.4, and 6.0, and OpenBSD, when a 'scrub fragment crop' or 'scrub fragment drop-ovl' rule is being used, allows remote attackers to cause a denial of service (crash) via crafted packets that cause a packet fragment to be inserted twice.
CVE-2006-0402 1 Jason Geiger 1 Zoph 2026-04-16 N/A
SQL injection vulnerability in Zoph before 0.5pre1 allows remote attackers to execute arbitrary SQL commands.
CVE-2006-0406 1 Mybulletinboard 1 Mybulletinboard 2026-04-16 N/A
search.php in MyBB 1.0.2 allows remote attackers to obtain sensitive information via a certain search request that reveals the table prefix in a SQL error message, possibly due to invalid parameters.
CVE-2006-0407 1 Azbb 1 Az Bulletin Board 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in post.php in AZ Bulletin Board (AZbb) 1.1.00 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) nickname parameter and (2) an iframe tag in the topic parameter. NOTE: the original disclosure specified the name parameter, but a correction was later provided. NOTE: followup posts have both disputed and confirmed the original claim.
CVE-2006-0417 1 Mywebland 1 Minibloggie 2026-04-16 N/A
SQL injection vulnerability in login.php in miniBloggie 1.0 and earlier, when gpc_magic_quotes is disabled, allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username and (2) password parameters.
CVE-2006-3054 1 Vbzoom 1 Vbzoom 2026-04-16 N/A
Multiple SQL injection vulnerabilities in VBZooM 1.11 allow remote attackers to execute arbitrary SQL commands via the (1) sobjectID or (2) MAINID parameters to (a) show.php or (3) MainID parameter to (b) subject.php.
CVE-2006-3057 1 Gnome 1 Dhcdbd 2026-04-16 N/A
Unspecified vulnerability in NetworkManager daemon for DHCP (dhcdbd) allows remote attackers to cause a denial of service (crash) via certain invalid DHCP responses that trigger memory corruption.
CVE-1999-0008 2 Hp, Sun 3 Hp-ux, Solaris, Sunos 2026-04-16 N/A
Buffer overflow in NIS+, in Sun's rpc.nisd program.
CVE-1999-0088 1 Ibm 1 Aix 2026-04-16 N/A
IRIX and AIX automountd services (autofsd) allow remote users to execute root commands.
CVE-1999-0116 1 Ibm 2 Aix, Sng 2026-04-16 N/A
Denial of service when an attacker sends many SYN packets to create multiple connections without ever sending an ACK to complete the connection, aka SYN flood.
CVE-1999-0120 1 Sun 1 Sunos 2026-04-16 N/A
Sun/Solaris utmp file allows local users to gain root access if it is writable by users other than root.
CVE-1999-0128 5 Digital, Ibm, Linux and 2 more 9 Osf 1, Aix, Sng and 6 more 2026-04-16 N/A
Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death.
CVE-1999-0137 1 Fred N. Van Kempen 1 Dip 2026-04-16 N/A
The dip program on many Linux systems allows local users to gain root access via a buffer overflow.
CVE-1999-0146 1 Ncsa 2 Campas, Servers 2026-04-16 N/A
The campas CGI program provided with some NCSA web servers allows an attacker to execute arbitrary commands via encoded carriage return characters in the query string, as demonstrated by reading the password file.
CVE-1999-0152 1 Data General 1 Dg Ux 2026-04-16 N/A
The DG/UX finger daemon allows remote command execution through shell metacharacters.
CVE-1999-0164 1 Sun 1 Sunos 2026-04-16 N/A
A race condition in the Solaris ps command allows an attacker to overwrite critical files.