Search Results (365836 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-0209 1 University Of Kansas 1 Lynx 2026-04-16 N/A
Buffer overflow in Lynx 2.x allows remote attackers to crash Lynx and possibly execute commands via a long URL in a malicious web page.
CVE-2000-0221 1 Nortel 1 Nautica Marlin 2026-04-16 N/A
The Nautica Marlin bridge allows remote attackers to cause a denial of service via a zero length UDP packet to the SNMP port.
CVE-2006-1089 1 Punbb 1 Punbb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in header.php in PunBB 1.2.10 allows remote attackers to inject arbitrary web script or HTML via the URL, which is not properly handled when the PHP_SELF variable is used to handle a pun_page tag.
CVE-2006-1091 1 Kaspersky Lab 1 Kaspersky Anti-virus 2026-04-16 N/A
Kaspersky Antivirus 5.0.5 and 5.5.3 allows remote attackers to cause a denial of service (CPU and memory consumption) via unknown attack vectors.
CVE-2006-4460 1 Clemens Wacha 1 Php Iaddressbook 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in PHP iAddressBook before 0.96 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2000-0229 4 Alessandro Rubini, Debian, Redhat and 1 more 4 Gpm, Debian Linux, Linux and 1 more 2026-04-16 N/A
gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root.
CVE-2006-1097 1 Datenbank Module 1 Datenbank Module 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Datenbank MOD 2.7 and earlier for Woltlab Burning Board allow remote attackers to inject arbitrary web script or HTML via the fileid parameter to (1) info_db.php or (2) database.php.
CVE-2006-4221 1 Ibm 1 Egatherer 2026-04-16 N/A
Stack-based buffer overflow in the IBM Access Support eGatherer ActiveX control before 3.20.0284.0 allows remote attackers to execute arbitrary code via a long filename parameter to the RunEgatherer method.
CVE-2006-1116 1 Ncipher 1 Ncore 2026-04-16 N/A
The CBC-MAC integrity functions in the nCipher nCore API before 2.18 transmit the initialization vector IV as part of a message when the implementation uses a non-zero IV, which allows remote attackers to bypass integrity checks and modify messages without being detected.
CVE-2006-1118 1 Bmail 1 Bmail 2026-04-16 N/A
SQL injection vulnerability in bmail before Aardvark PR9.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors involving GBK character sets.
CVE-2006-1119 2 Cpanel, Netenberg 2 Cpanel, Fantastico De Luxe 2026-04-16 N/A
fantastico in Cpanel does not properly handle when it has insufficient permissions to perform certain file operations, which allows remote authenticated users to obtain the full pathname, which is leaked in a PHP error message.
CVE-2006-1129 1 Ekinboard 1 Ekinboard 2026-04-16 N/A
SQL injection vulnerability in config.php in EKINboard 1.0.3 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the username cookie.
CVE-2000-0255 1 Nbase-xyplex 1 Edgeblaster 2026-04-16 N/A
The Nbase-Xyplex EdgeBlaster router allows remote attackers to cause a denial of service via a scan for the FormMail CGI program.
CVE-2000-0257 1 Novell 1 Netware 2026-04-16 N/A
Buffer overflow in the NetWare remote web administration utility allows remote attackers to cause a denial of service or execute commands via a long URL.
CVE-2005-4628 1 Help Desk Point Software 1 Helpdeskpoint 2026-04-16 N/A
SQL injection vulnerability in index.php in HelpDeskPoint 2.38 and earlier allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVE-2006-1138 1 Xerox 12 Copycentre C65, Copycentre C65 Firmware, Copycentre C75 and 9 more 2026-04-16 N/A
Unspecified vulnerability in the web server code in Xerox CopyCentre and Xerox WorkCentre Pro, running software 1.001.02.073 or earlier, or 1.001.02.074 before 1.001.02.715, allows remote attackers to cause a denial of service (memory corruption) via unknown vectors.
CVE-2000-0263 1 Redhat 1 Linux 2026-04-16 N/A
The X font server xfs in Red Hat Linux 6.x allows an attacker to cause a denial of service via a malformed request.
CVE-2006-1149 1 Owl 1 Owl Intranet Engine 2026-04-16 N/A
PHP remote file inclusion vulnerability in lib/OWL_API.php in OWL Intranet Engine 0.82, when register_globals is enabled, allows remote attackers to include arbitrary files via a URL in the xrms_file_root parameter, which is not initialized before use.
CVE-2000-0264 1 Panda 1 Panda Security 2026-04-16 N/A
Panda Security 3.0 with registry editing disabled allows users to edit the registry and gain privileges by directly executing a .reg file or using other methods.
CVE-2006-1150 1 Teg 1 Tenes Empanadas Graciela 2026-04-16 N/A
Buffer overflow in Tenes Empanadas Graciela (TEG) 0.11.1, automatically appends an _ (underscore) to the end of duplicate nicknames, which allows remote attackers to cause a denial of service (application crash) by creating multiple users with long, identical nicknames, which triggers an off-by-one error.