Export limit exceeded: 29908 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29908 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-1451 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| MySQL Manager in Apple Mac OS X 10.3.9 and 10.4.6, when setting up a new MySQL database server, does not use the "New MySQL root password" that is provided, which causes the MySQL root password to be blank and allows local users to gain full privileges to that database. | ||||
| CVE-2006-1452 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| Stack-based buffer overflow in Preview in Apple Mac OS 10.4 up to 10.4.6 allows local users to execute arbitrary code via a deep directory hierarchy. | ||||
| CVE-2006-1465 | 1 Apple | 1 Quicktime | 2026-04-16 | N/A |
| Buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickTime AVI video format file. | ||||
| CVE-2006-1464 | 1 Apple | 1 Quicktime | 2026-04-16 | N/A |
| Buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickTime MPEG4 (M4P) video format file. | ||||
| CVE-2006-1472 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Unspecified vulnerability in AFP Server in Apple Mac OS X 10.3.9 allows remote attackers to determine names of unauthorized files and folders via unknown vectors related to the search results. | ||||
| CVE-2006-1482 | 1 Conftool | 1 Conftool | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in ConfTool 1.1 allows remote attackers to inject arbitrary web script or HTML via the page parameter. | ||||
| CVE-2006-1483 | 1 Desiderata Software | 1 Blazix Web Server | 2026-04-16 | N/A |
| Blazix Web Server before 1.2.6, when running on Windows, allows remote attackers to obtain the source code of JSP files via (1) . (dot), (2) space, and (3) slash characters in the extension of a URL. | ||||
| CVE-2006-1492 | 1 Nikolay Avrionov | 1 Explorer Xp | 2026-04-16 | N/A |
| Directory traversal vulnerability in dir.php in Explorer XP allows remote attackers to read arbitrary files via the chemin parameter. | ||||
| CVE-2006-1489 | 1 Fusionzone | 1 Couponzone | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in FusionZONE CouponZONE local.cfm in 4.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) companyid, (2) scat, and (3) coid parameters. | ||||
| CVE-2006-1511 | 1 Microsoft | 1 .net Framework | 2026-04-16 | N/A |
| Buffer overflow in the ILASM assembler in the Microsoft .NET 1.0 and 1.1 Framework might allow user-assisted attackers to execute arbitrary code via a .il file that calls a function with a long name. | ||||
| CVE-2006-1510 | 1 Microsoft | 1 .net Framework | 2026-04-16 | N/A |
| Buffer overflow in calloc.c in the Microsoft Windows XP SP2 ntdll.dll system library, when used by the ILDASM disassembler in the Microsoft .NET 1.0 and 1.1 SDK, might allow user-assisted attackers to execute arbitrary code via a crafted .dll file with a large static method. | ||||
| CVE-2006-1544 | 1 Vscripts | 1 Vnews | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in news.php in vscripts (aka Kuba Kunkiewicz) VNews 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) autorkomentarza and (2) tresckomentarza parameters. | ||||
| CVE-2006-1551 | 1 Georges Auberger | 1 Pajax | 2026-04-16 | N/A |
| Eval injection vulnerability in pajax_call_dispatcher.php in PAJAX 0.5.1 and earlier allows remote attackers to execute arbitrary code via the (1) $method and (2) $args parameters. | ||||
| CVE-2006-1561 | 1 Vscripts | 1 Vbook | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in vscripts (aka Kuba Kunkiewicz) [V]Book (aka VBook) 2.0 allows remote attackers to execute arbitrary SQL commands via the x parameter. | ||||
| CVE-2006-1572 | 1 O2php.com | 1 Oxygen | 2026-04-16 | N/A |
| SQL injection vulnerability in post.php in Oxygen 1.1.3 allows remote attackers to execute arbitrary SQL commands via the fid parameter in a newthread action. | ||||
| CVE-2006-1557 | 1 Skintech | 1 X-changer | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in X-Changer 0.2 allow remote attackers to execute arbitrary SQL commands via the (1) from and (2) into parameters in a calculate action, and the (3) id parameter in an edit action to index.php. | ||||
| CVE-2006-1570 | 1 Esqlanelapse | 1 Esqlanelapse | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Esqlanelapse 2.0 and 2.2 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. | ||||
| CVE-2006-1569 | 1 Redcms | 1 Redcms | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in RedCMS 0.1 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameters to (a) login.php or (b) register.php; or (3) u parameter to (c) profile.php. | ||||
| CVE-2006-1581 | 1 Blanknberg | 1 Blanknberg | 2026-04-16 | N/A |
| Directory traversal vulnerability in index.php in Blank'N'Berg 0.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the _path parameter. | ||||
| CVE-2006-4502 | 1 Ztml | 1 Ezportal Ztml Cms | 2026-04-16 | N/A |
| ezPortal/ztml CMS 1.0 allows remote attackers to bypass authentication controls via a direct request to the "Administration Area" script. | ||||