Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-0257 1 Novell 1 Netware 2026-04-16 N/A
Buffer overflow in the NetWare remote web administration utility allows remote attackers to cause a denial of service or execute commands via a long URL.
CVE-2005-4628 1 Help Desk Point Software 1 Helpdeskpoint 2026-04-16 N/A
SQL injection vulnerability in index.php in HelpDeskPoint 2.38 and earlier allows remote attackers to execute arbitrary SQL commands via the page parameter.
CVE-2006-1138 1 Xerox 12 Copycentre C65, Copycentre C65 Firmware, Copycentre C75 and 9 more 2026-04-16 N/A
Unspecified vulnerability in the web server code in Xerox CopyCentre and Xerox WorkCentre Pro, running software 1.001.02.073 or earlier, or 1.001.02.074 before 1.001.02.715, allows remote attackers to cause a denial of service (memory corruption) via unknown vectors.
CVE-2000-0263 1 Redhat 1 Linux 2026-04-16 N/A
The X font server xfs in Red Hat Linux 6.x allows an attacker to cause a denial of service via a malformed request.
CVE-2006-1149 1 Owl 1 Owl Intranet Engine 2026-04-16 N/A
PHP remote file inclusion vulnerability in lib/OWL_API.php in OWL Intranet Engine 0.82, when register_globals is enabled, allows remote attackers to include arbitrary files via a URL in the xrms_file_root parameter, which is not initialized before use.
CVE-2000-0264 1 Panda 1 Panda Security 2026-04-16 N/A
Panda Security 3.0 with registry editing disabled allows users to edit the registry and gain privileges by directly executing a .reg file or using other methods.
CVE-2006-1150 1 Teg 1 Tenes Empanadas Graciela 2026-04-16 N/A
Buffer overflow in Tenes Empanadas Graciela (TEG) 0.11.1, automatically appends an _ (underscore) to the end of duplicate nicknames, which allows remote attackers to cause a denial of service (application crash) by creating multiple users with long, identical nicknames, which triggers an off-by-one error.
CVE-2000-0283 1 Sgi 1 Irix 2026-04-16 N/A
The default installation of IRIX Performance Copilot allows remote attackers to access sensitive system information via the pmcd daemon.
CVE-2006-1151 1 M Phorum 1 M Phorum 2026-04-16 N/A
Cross-site scripting vulnerability in index.php in M-Phorum 0.2 allows remote attackers to inject arbitrary web script or HTML via the go parameter.
CVE-2006-1160 1 Efs Software 1 Efs Web Server 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Easy File Sharing (EFS) Web Server 3.2 allows remote attackers to inject arbitrary web script or HTML via the Description field in creating a folder or uploading a file.
CVE-2006-1168 2 Ncompress, Redhat 2 Ncompress, Enterprise Linux 2026-04-16 N/A
The decompress function in compress42.c in (1) ncompress 4.2.4 and (2) liblzw allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code, via crafted data that leads to a buffer underflow.
CVE-2006-1182 1 Adobe 2 Document Server, Graphics Server 2026-04-16 N/A
Adobe Graphics Server 2.0 and 2.1 (formerly AlterCast) and Adobe Document Server (ADS) 5.0 and 6.0 allows local users to read files with certain extensions or overwrite arbitrary files and execute code via a crafted SOAP request to the AlterCast web service in which the request uses the (1) saveContent or (2) saveOptimized ADS commands, or the (3) loadContent command.
CVE-2006-1194 1 Enet 1 Enet Library 2026-04-16 N/A
Integer signedness error in the enet_protocol_handle_incoming_commands function in protocol.c for ENet library CVS version Jul 2005 and earlier, as used in products including (1) Cube, (2) Sauerbraten, and (3) Duke3d_w32, allows remote attackers to cause a denial of service (application crash) via a packet with a large command length value, which leads to an invalid memory access.
CVE-2006-1203 1 Txtforum 1 Txtforum 2026-04-16 N/A
PHP remote file include vulnerability in common.php in txtForum 1.0.4-dev and earlier allows remote attackers to include and execute arbitrary PHP code via a URL in the skin parameter to login.php, and possibly other parameters to other PHP scripts, related to include statements in common.php.
CVE-2000-0332 1 Ultrascripts 1 Ultraboard 2026-04-16 N/A
UltraBoard.pl or UltraBoard.cgi CGI scripts in UltraBoard 1.6 allows remote attackers to read arbitrary files via a pathname string that includes a dot dot (..) and ends with a null byte.
CVE-2006-2025 2 Libtiff, Redhat 2 Libtiff, Enterprise Linux 2026-04-16 N/A
Integer overflow in the TIFFFetchData function in tif_dirread.c for libtiff before 3.8.1 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a crafted TIFF image.
CVE-2006-2614 1 Sun 1 N1 System Manager 2026-04-16 N/A
Sun N1 System Manager 1.1 for Solaris 10 before patch 121161-01 records system passwords in the world-readable scripts (1) /cr/hd_jobs_db.sh, (2) /cr/hd_plan_checkin.sh, and (3) /cr/oracle_plan_checkin.sh, which allows local users to obtain System Manager passwords.
CVE-2000-0352 1 University Of Washington 1 Pine 2026-04-16 N/A
Pine before version 4.21 does not properly filter shell metacharacters from URLs, which allows remote attackers to execute arbitrary commands via a malformed URL.
CVE-2004-0704 1 Mozilla 1 Bugzilla 2026-04-16 N/A
Unknown vulnerability in (1) duplicates.cgi and (2) buglist.cgi in Bugzilla 2.16.x before 2.16.6, 2.18 before 2.18rc1, when configured to hide products, allows remote attackers to view hidden products.
CVE-2004-0706 1 Mozilla 1 Bugzilla 2026-04-16 N/A
Bugzilla 2.17.5 through 2.17.7 embeds the password in an image URL, which could allow local users to view the password in the web server log files.