Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-3899 1 Google 1 Talk 2026-04-16 N/A
The automatic update feature in Google Talk allows remote attackers to cause a denial of service (CPU and memory consumption) by poisoning a target's DNS cache and causing a large update file to be sent, which consumes large amounts of CPU and memory during the signature verification, aka BenjiBug.
CVE-2000-0080 1 Ibm 1 Aix 2026-04-16 N/A
AIX techlibss allows local users to overwrite files via a symlink attack.
CVE-2000-0083 1 Hp 1 Hp-ux 2026-04-16 N/A
HP asecure creates the Audio Security File audio.sec with insecure permissions, which allows local users to cause a denial of service or gain additional privileges.
CVE-2006-2798 1 Phpcommunitycalendar 1 Phpcommunitycalendar 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in phpCommunityCalendar 4.0.3 allow remote attackers to inject arbitrary web script or HTML via the (1) LoName parameter in (a) week.php and (b) month.php and (2) AddressLink parameter in (c) event.php.
CVE-2006-2806 1 Apache 1 James 2026-04-16 N/A
The SMTP server in Apache Java Mail Enterprise Server (aka Apache James) 2.2.0 allows remote attackers to cause a denial of service (CPU consumption) via a long argument to the MAIL command.
CVE-2000-0115 1 Microsoft 1 Internet Information Server 2026-04-16 N/A
IIS allows local users to cause a denial of service via invalid regular expressions in a Visual Basic script in an ASP page.
CVE-2006-2809 1 Ar-blog 1 Ar-blog 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in index.php in ar-blog 5.2 allow remote attackers to inject arbitrary web script or HTML via the (1) count parameter, and possibly the (2) next, (3) Year_the_news, and (4) mo parameters. NOTE: the year and month vectors are already covered by CVE-2006-0333.
CVE-2003-1159 1 Plug And Play 1 Plug And Play Web Server Proxy 2026-04-16 N/A
Plug and Play Web Server Proxy 1.0002c allows remote attackers to cause a denial of service (server crash) via an invalid URI in an HTTP GET request to TCP port 8080.
CVE-2003-1164 1 Mldonkey 1 Mldonkey 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Mldonkey 2.5-4 allows remote attackers to inject arbitrary web script or HTML via the URI, which is injected into the HTML error page.
CVE-2003-1165 1 Brs 1 Webweaver 2026-04-16 N/A
Buffer overflow in BRS WebWeaver 1.06 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP request with a long User-Agent header.
CVE-2005-2109 1 Wordpress 1 Wordpress 2026-04-16 N/A
wp-login.php in WordPress 1.5.1.2 and earlier allows remote attackers to change the content of the forgotten password e-mail message via the message variable, which is not initialized before use.
CVE-2005-4429 1 Cs-cart 1 Cs-cart 2026-04-16 N/A
SQL injection vulnerability in CS-Cart 1.3.0 allows remote attackers to execute arbitrary SQL commands via the (1) sort_by and (2) sort_order parameters to index.php.
CVE-2006-3759 1 Mybulletinboard 1 Mybulletinboard 2026-04-16 N/A
Unspecified vulnerability in MyBB (aka MyBulletinBoard) 1.1.4, related has unspecified impact and attack vectors related to "user group manipulation."
CVE-2003-1182 1 Mpm 1 Mpm Guestbook 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in MPM Guestbook 1.2 allows remote attackers to inject arbitrary web script or HTML via the lng parameter.
CVE-2006-3762 1 Touch Control 1 Activex Control 2026-04-16 N/A
The Touch Control ActiveX control 2.0.0.55 allows remote attackers to read and possibly execute arbitrary files via a "file///" URI in the sPath parameter to the Execute function.
CVE-2003-1189 1 Nokia 1 Ipso 2026-04-16 N/A
Unknown vulnerability in Nokia IPSO 3.7, configured as IP Clusters, allows remote attackers to cause a denial of service via unknown attack vectors.
CVE-2005-3518 1 Punbb 1 Punbb 2026-04-16 N/A
SQL injection vulnerability in search.php in PunBB 1.2.7 and 1.2.8 allows remote attackers to execute arbitrary SQL commands via the old_searches parameter.
CVE-2006-3769 1 Top Xl 1 Top Xl 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Top XL 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) pass and (2) pass2 parameters in (a) add.php or the (3) id parameter in (b) members/index.php.
CVE-2003-1203 1 Mambo 1 Mambo Site Server 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php for Mambo Site Server 4.0.10 allows remote attackers to execute script on other clients via the ?option parameter.
CVE-2006-3772 1 Php-post 1 Php-post 2026-04-16 N/A
PHP-Post 0.21 and 1.0, and possibly earlier versions, when auto-login is enabled, allows remote attackers to bypass security restrictions and obtain administrative privileges by modifying the logincookie[user] setting in the login cookie.