Search Results (361816 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-2345 1 Oracle 1 Database Server 2026-04-16 N/A
Unknown multiple vulnerabilities in Oracle9i Database Server 9.0.1.4, 9.0.1.5, 9.2.0.3, and 9.2.0.4 allow local users with the ability to invoke SQL to cause a denial of service or obtain sensitive information.
CVE-2006-2073 1 Isc 1 Bind 2026-04-16 N/A
Unspecified vulnerability in ISC BIND allows remote attackers to cause a denial of service via a crafted DNS message with a "broken" TSIG, as demonstrated by the OUSPG PROTOS DNS test suite.
CVE-2004-2346 1 Minihttpserver.net 1 Forum Web Server 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Forum Web Server 1.6 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the Subject field in post1.htm and (2) the File Description field in postfile2.htm.
CVE-2006-2075 1 Don Moore 1 Mydns 2026-04-16 N/A
Unspecified vulnerability in MyDNS 1.1.0 allows remote attackers to cause a denial of service via a crafted DNS message, aka "Query-of-death," as demonstrated by the OUSPG PROTOS DNS test suite.
CVE-2006-4297 1 Oscommerce 1 Oscommerce 2026-04-16 N/A
SQL injection vulnerability in shopping_cart.php in osCommerce before 2.2 Milestone 2 060817 allows remote attackers to execute arbitrary SQL commands via id array parameters.
CVE-2004-2347 1 Leif M. Wright 1 Web Blog 2026-04-16 N/A
blog.cgi in Leif M. Wright Web Blog 1.1 and 1.1.5 allows remote attackers to execute arbitrary commands via shell metacharacters such as '|' in the file parameter of ViewFile requests.
CVE-2006-2076 1 Pdnsd 1 Pdnsd 2026-04-16 N/A
Memory leak in Paul Rombouts pdnsd before 1.2.4 allows remote attackers to cause a denial of service (memory consumption) via a DNS query with an unsupported (1) QTYPE or (2) QCLASS, as demonstrated by the OUSPG PROTOS DNS test suite.
CVE-2004-2348 1 Sybari 1 Antigen 2026-04-16 N/A
Sybari AntiGen for Domino 7.0 Build 722 SR2 allows remote attackers to cause a denial of service (hang) via an encrypted ZIP file with the "include full path info" option set, as used by certain variants of the Beagle/Bagle worm.
CVE-2004-2350 1 Phpbb Group 1 Phpbb 2026-04-16 N/A
SQL injection vulnerability in search.php for phpBB 1.0 through 2.0.6 allows remote attackers to execute arbitrary SQL and gain privileges via the search_results parameter.
CVE-2006-4305 2 Mysql, Sap-db 2 Maxdb, Sap-db 2026-04-16 N/A
Buffer overflow in SAP DB and MaxDB before 7.6.00.30 allows remote attackers to execute arbitrary code via a long database name when connecting via a WebDBM client.
CVE-2004-2356 1 Fizmez 1 Fizmez Web Server 2026-04-16 N/A
Early termination vulnerability in Fizmez Web Server 1.0 allows remote attackers to cause a denial of service (crash) by connecting to the server and then disconnecting without sending any data, which triggers a null pointer dereference.
CVE-2004-2357 1 Proofpoint 1 Proofpoint Protection Server 2026-04-16 N/A
The embedded MySQL 4.0 server for Proofpoint Protection Server does not require a password for the root user of MySQL, which allows remote attackers to read or modify the backend database.
CVE-2004-2358 1 Phpbb Group 1 Phpbb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in admin_words.php for phpBB 2.0.6c allows remote attackers to inject arbitrary web script or HTML via the id parameter.
CVE-2004-2359 1 Dell 1 Truemobile 1300 Wlan Mini-pci Card Util Trayapplet 2026-04-16 N/A
Dell TrueMobile 1300 WLAN Mini-PCI Card Util TrayApplet 3.10.39.0 does not properly drop SYSTEM privileges when started from the systray applet, which allows local users to gain privileges by accessing the Help functionality.
CVE-2004-2370 1 Cerulean Studios 2 Trillian, Trillian Pro 2026-04-16 N/A
Stack-based buffer overflow in Trillian 0.71 through 0.74f and Trillian Pro 1.0 through 2.01 allows remote attackers to execute arbitrary code via a Yahoo Messenger packet with a long key name.
CVE-2006-2078 1 Furukawa Electric 2 Fitelnet, Mucho-ev Pk 2026-04-16 N/A
Multiple unspecified vulnerabilities in multiple FITELnet products, including FITELnet-F40, F80, F100, F120, F1000, and E20/E30, allow remote attackers to cause a denial of service via crafted DNS messages that trigger errors in (1) ProxyDNS or (2) PKI-Resolver, as demonstrated by the OUSPG PROTOS DNS test suite.
CVE-2006-4319 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Buffer overflow in the format command in Solaris 8, 9, and 10 allows local users with access to format (such as the "File System Management" RBAC profile) to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2006-4307.
CVE-2004-2386 2 Denis Sbragion, Peter Astrand 2 Sredird, Sercd 2026-04-16 N/A
Format string vulnerability in the LogMsg function in sercd before 2.3.1 and sredird 2.2.1 and earlier allows remote attackers to execute arbitrary code via format string specifiers passed from the HandleCPCCommand function.
CVE-2004-2387 2 Denis Sbragion, Peter Astrand 2 Sredird, Sercd 2026-04-16 N/A
Buffer overflow in the HandleCPCCommand function of sercd before 2.3.1 and sredird 2.2.1 and earlier allows remote attackers to execute arbitrary code.
CVE-2004-2390 1 Jabberstudio 1 Jabber Gadu-gadu Transport 2026-04-16 N/A
The roster import functionality in Jabber Gadu-Gadu Transport (a.k.a. jabber-gg-transport) 2.0.x before 2.0.8, when using libgadu 1.0 and later, allows attackers to cause a denial of service via unknown vectors.