Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-3566 1 Hivemail 1 Hivemail 2026-04-16 N/A
search.results.php in HiveMail 3.1 and earlier allows remote attackers to obtain the installation path via certain manipulations related to the (1) searchdate and (2) folderids parameters.
CVE-2006-3657 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (stack overflow exception) via a DXImageTransform.Microsoft.Gradient ActiveX object with a long (1) StartColorStr or (2) EndColorStr property.
CVE-2006-3666 1 Myiosoft.com 1 Ajaxportal 2026-04-16 N/A
SQL injection vulnerability in AjaxPortal 3.0, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands via the 'Search' field, a different vulnerability than CVE-2006-3515.
CVE-2006-3672 1 Kde 1 Konqueror 2026-04-16 N/A
KDE Konqueror 3.5.1 and earlier allows remote attackers to cause a denial of service (application crash) by calling the replaceChild method on a DOM object, which triggers a null dereference, as demonstrated by calling document.replaceChild with a 0 (zero) argument.
CVE-2006-3673 1 Armagetron 1 Armagetron Advanced 2026-04-16 N/A
nNetObject.cpp in Armagetron Advanced 2.8.2 and earlier allows remote attackers to cause a denial of service (application crash) via a large owner value, which causes an assert error.
CVE-2006-3674 1 Armagetron 1 Armagetron Advanced 2026-04-16 N/A
nNetObject.cpp in Armagetron Advanced 2.8.2 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a large number handled by the id_req_handler function.
CVE-2006-3675 1 Counterpane 1 Passwordsafe 2026-04-16 N/A
Password Safe 2.11, 2.16 and 3.0BETA1 does not respect the configuration settings for locking the password database when certain dialogue windows are open, which might allow attackers with physical access to obtain the database contents.
CVE-2006-3680 1 Photocycle 1 Photocycle 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in photocycle in Photocycle 1.0 allows remote attackers to inject arbitrary web script or HTML via the phpage parameter.
CVE-2006-3684 1 Softcomplex 1 Php Event Calendar 2026-04-16 N/A
PHP remote file inclusion vulnerability in calendar.php in SoftComplex PHP Event Calendar 1.4 allows remote attackers to execute arbitrary PHP code via a URL in the path_to_calendar parameter, which overwrites the $path_to_calendar variable from an extract function call.
CVE-2006-3690 1 Minibb 1 Forum 2026-04-16 N/A
Multiple PHP remote file inclusion vulnerabilities in MiniBB Forum 1.5a and earlier allow remote attackers to execute arbitrary PHP code via a URL in the absolute_path parameter to (1) components/com_minibb.php or (2) components/minibb/index.php.
CVE-2005-4207 1 Btgrup 1 Admin Webcontroller Script 2026-04-16 N/A
SQL injection vulnerability in BTGrup Admin WebController Script allows remote attackers to execute SQL commands via the (1) Username and (2) Password fields.
CVE-2005-0895 1 Netcomm 1 Nb1300 2026-04-16 N/A
Netcomm 1300NB DSL Modem allows remote attackers to cause a denial of service (device hang) via a large number of ping packets.
CVE-2006-3710 1 Oracle 1 Application Server 2026-04-16 N/A
Unspecified vulnerability in OC4J for Oracle Application Server 9.0.2.3, 9.0.3.1, 9.0.4.2, and 10.1.2.0.0 has unknown impact and attack vectors, aka Oracle Vuln# (1) AS05 and (2) AS08.
CVE-2006-3784 1 Symantec 1 Pcanywhere 2026-04-16 N/A
Symantec pcAnywhere 12.5 uses weak default permissions for the "Symantec\pcAnywhere\Hosts" folder, which allows local users to gain privileges by inserting a superuser .cif (aka caller or CallerID) file into the folder, and then using a pcAnywhere client to login as a local administrator.
CVE-2006-3787 1 Kerio 1 Personal Firewall 2026-04-16 N/A
kpf4ss.exe in Sunbelt Kerio Personal Firewall 4.3.x before 4.3.268 does not properly hook the CreateRemoteThread API function, which allows local users to cause a denial of service (crash) and bypass protection mechanisms by calling CreateRemoteThread.
CVE-2006-3793 1 Sitedepth 1 Sitedepth Cms 2026-04-16 N/A
PHP remote file inclusion vulnerability in constants.php in SiteDepth CMS 3.01 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the SD_DIR parameter.
CVE-2003-0076 2 Dcgui, Qt-dcgui 2 Dcgui, Qt-dcgui 2026-04-16 N/A
Unknown vulnerability in the directory parser for Direct Connect 4 Linux (dcgui) before 0.2.2 allows remote attackers to read files outside the sharelist.
CVE-2006-3797 1 Deluxebb 1 Deluxebb 2026-04-16 N/A
SQL injection vulnerability in DeluxeBB 1.07 and earlier allows remote attackers to bypass authentication, spoof users, and modify settings via the (1) memberpw and (2) membercookie cookies.
CVE-2006-3801 2 Mozilla, Redhat 3 Firefox, Seamonkey, Enterprise Linux 2026-04-16 N/A
Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 does not properly clear a JavaScript reference to a frame or window, which leaves a pointer to a deleted object that allows remote attackers to execute arbitrary native code.
CVE-2006-3804 2 Mozilla, Redhat 3 Seamonkey, Thunderbird, Enterprise Linux 2026-04-16 N/A
Heap-based buffer overflow in Mozilla Thunderbird before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to cause a denial of service (crash) via a VCard attachment with a malformed base64 field, which copies more data than expected due to an integer underflow.