Total
29944 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-3828 | 1 Kailash Nadh | 1 Boastmachine | 2026-04-16 | N/A |
| Incomplete blacklist vulnerability in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier allows remote authenticated administrators to bypass SQL injection protection mechanisms by using commas, quote characters, pound sign (#) characters, "UNION," and "SELECT," which are not filtered by the product, which only checks for "insert," "delete," "update," and "replace." | ||||
| CVE-1999-1008 | 2 Freebsd, Mandrakesoft | 2 Freebsd, Mandrake Linux | 2026-04-16 | N/A |
| xsoldier program allows local users to gain root access via a long argument. | ||||
| CVE-1999-1018 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| IPChains in Linux kernels 2.2.10 and earlier does not reassemble IP fragments before checking the header information, which allows a remote attacker to bypass the filtering rules using several fragments with 0 offsets. | ||||
| CVE-1999-1020 | 1 Novell | 1 Netware | 2026-04-16 | N/A |
| The installation of Novell Netware NDS 5.99 provides an unauthenticated client with Read access for the tree, which allows remote attackers to access sensitive information such as users, groups, and readable objects via CX.EXE and NLIST.EXE. | ||||
| CVE-1999-1029 | 1 Ssh | 1 Ssh2 | 2026-04-16 | N/A |
| SSH server (sshd2) before 2.0.12 does not properly record login attempts if the connection is closed before the maximum number of tries, allowing a remote attacker to guess the password without showing up in the audit logs. | ||||
| CVE-1999-1033 | 1 Microsoft | 1 Outlook Express | 2026-04-16 | N/A |
| Microsoft Outlook Express before 4.72.3612.1700 allows a malicious user to send a message that contains a .., which can inadvertently cause Outlook to re-enter POP3 command mode and cause the POP3 session to hang. | ||||
| CVE-2006-3841 | 1 Owasp | 1 Webscarab | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in WebScarab before 20060718-1904, when used with Microsoft Internet Explorer 6 SP2 or Konqueror 3.5.3, allows remote attackers to inject arbitrary web script or HTML via the URL, which is not sanitized before being returned in an error message when WebScarab is not able to access the URL. | ||||
| CVE-1999-1034 | 1 Att | 1 Svr4 | 2026-04-16 | N/A |
| Vulnerability in login in AT&T System V Release 4 allows local users to gain privileges. | ||||
| CVE-1999-1035 | 1 Microsoft | 1 Internet Information Server | 2026-04-16 | N/A |
| IIS 3.0 and 4.0 on x86 and Alpha allows remote attackers to cause a denial of service (hang) via a malformed GET request, aka the IIS "GET" vulnerability. | ||||
| CVE-2006-3914 | 1 Blackboard | 1 Blackboard Academic Suite | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Blackboard Academic Suite 6.2.3.23 allows remote authenticated users to inject arbitrary HTML or web script by bypassing client-side validation through disabling JavaScript when submitting an essay response, which has no server-side validation before being viewed via "View Attempt Details" in the Gradebook. | ||||
| CVE-1999-1042 | 1 Cisco | 1 Resource Manager | 2026-04-16 | N/A |
| Cisco Resource Manager (CRM) 1.0 and 1.1 creates world-readable log files and temporary files, which may expose sensitive information, to local users such as user IDs, passwords and SNMP community strings. | ||||
| CVE-2006-3940 | 1 Phpbb Group | 1 Phpbb-auction | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in phpbb-Auction allow remote attackers to execute arbitrary SQL commands via (1) the ar parameter in auction_room.php and (2) the u parameter in auction_store.php. NOTE: the auction_rating.php vector is already covered by CVE-2005-1234. NOTE: the original disclosure states that the product name is "PHP-Auction", but this is probably an error. | ||||
| CVE-2006-3943 | 1 Microsoft | 1 Ie | 2026-04-16 | N/A |
| Stack-based buffer overflow in NDFXArtEffects in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) via long (1) RGBExtraColor, (2) RGBForeColor, and (3) RGBBackColor properties. | ||||
| CVE-1999-0857 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| FreeBSD gdc program allows local users to modify files via a symlink attack. | ||||
| CVE-1999-1060 | 1 Tetrix | 1 Tetrinet | 2026-04-16 | N/A |
| Buffer overflow in Tetrix TetriNet daemon 1.13.16 allows remote attackers to cause a denial of service and possibly execute arbitrary commands by connecting to port 31457 from a host with a long DNS hostname. | ||||
| CVE-1999-1083 | 1 T. Hauck | 1 Jana Web Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in Jana proxy web server 1.45 allows remote attackers to ready arbitrary files via a .. (dot dot) attack. | ||||
| CVE-2006-1232 | 1 Dsportal | 1 Dsdownload | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in DSDownload 1.0, with magic_quotes_gpc disabled, allow remote attackers to execute arbitrary SQL commands via the (1) key and (2) category parameters to (a) search.php and (b) downloads.php. | ||||
| CVE-1999-1089 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Buffer overflow in chfn command in HP-UX 9.X through 10.20 allows local users to gain privileges via a long command line argument. | ||||
| CVE-2006-3818 | 1 Novell | 1 Groupwise Webaccess | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the login page in Novell GroupWise WebAccess 6.5 before 20060721 and WebAccess 7 before 20060727 allows remote attackers to inject arbitrary web script or HTML via the GWAP.version parameter. | ||||
| CVE-1999-1094 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Buffer overflow in Internet Explorer 4.01 and earlier allows remote attackers to execute arbitrary commands via a long URL with the "mk:" protocol, aka the "MK Overrun security issue." | ||||