Export limit exceeded: 362074 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (362074 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-6183 | 1 3com | 1 3ctftpsvc | 2026-04-23 | N/A |
| Multiple stack-based buffer overflows in 3Com 3CTftpSvc 2.0.1, and possibly earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a long mode field (aka transporting mode) in a (1) GET or (2) PUT command. | ||||
| CVE-2006-6178 | 1 Trend Micro | 1 Officescan | 2026-04-23 | N/A |
| Buffer overflow in PCCSRV\Web_console\RemoteInstallCGI\Wizard.exe for Trend Micro OfficeScan 7.3 before build 7.3.0.1087 allows remote attackers to execute arbitrary code via unknown attack vectors. | ||||
| CVE-2007-0615 | 1 Hitachi | 2 Hibun Advanced Edition Server, Jpi Hibun Advanced Edition Server | 2026-04-23 | N/A |
| Unspecified vulnerability in Hitachi JP1/HIBUN Advanced Edition Management Server and Log Server before 20070124 allows remote attackers to cause a denial of service (application stop) via unexpected data. | ||||
| CVE-2006-6176 | 1 Blogn | 1 Blogn | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in admin.php in Blogn before 1.9.4 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. | ||||
| CVE-2006-6174 | 1 Tdiary | 1 Tdiary | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in tDiary before 2.0.3 and 2.1.x before 2.1.4.20061126 allows remote attackers to inject arbitrary web script or HTML via the conf parameter in (1) tdiary.rb and (2) skel/conf.rhtml. | ||||
| CVE-2006-6172 | 2 Mplayer, Xine | 2 Mplayer, Real Media Input Plugin | 2026-04-23 | N/A |
| Buffer overflow in the asmrp_eval function in the RealMedia RTSP stream handler (asmrp.c) for Real Media input plugin, as used in (1) xine/xine-lib, (2) MPlayer 1.0rc1 and earlier, and possibly others, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a rulebook with a large number of rulematches. | ||||
| CVE-2006-6171 | 1 Proftpd Project | 1 Proftpd | 2026-04-23 | N/A |
| ProFTPD 1.3.0a and earlier does not properly set the buffer size limit when CommandBufferSize is specified in the configuration file, which leads to an off-by-two buffer underflow. NOTE: in November 2006, the role of CommandBufferSize was originally associated with CVE-2006-5815, but this was an error stemming from a vague initial disclosure. NOTE: ProFTPD developers dispute this issue, saying that the relevant memory location is overwritten by assignment before further use within the affected function, so this is not a vulnerability | ||||
| CVE-2006-5831 | 1 Aiocp | 1 Aiocp | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in admin/code/index.php in All In One Control Panel (AIOCP) 1.3.007 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the load_page parameter. | ||||
| CVE-2006-5837 | 1 Simplechat | 1 Simplechat | 2026-04-23 | N/A |
| Static code injection vulnerability in chat_panel.php in the SimpleChat 1.0.0 module for iWare Professional CMS allows remote attackers to inject arbitrary PHP code into chat_log.php via the msg parameter. | ||||
| CVE-2006-5842 | 1 Unicore | 1 Unicore Client | 2026-04-23 | N/A |
| The keystore file in Unicore Client before 5.6 build 5, when running on Unix systems, has insecure default permissions, which allows local users to obtain sensitive information. | ||||
| CVE-2007-0490 | 1 Open-realty | 1 Open-realty | 2026-04-23 | N/A |
| index.php in Open-Realty 2.3.4 allows remote attackers to obtain sensitive information (the full path) via an invalid listingID parameter in a listingview action. | ||||
| CVE-2007-0495 | 1 Phpsherpa | 1 Phpsherpa | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in include/config.inc.php in PhpSherpa allows remote attackers to execute arbitrary PHP code via a URL in the racine parameter. | ||||
| CVE-2006-5852 | 1 Openbase International Ltd | 1 Openbase | 2026-04-23 | N/A |
| Untrusted search path vulnerability in openexec in OpenBase SQL before 10.0.1 allows local users to gain privileges via a modified PATH that references a malicious helper binary, as demonstrated by (1) cp, (2) rm, and (3) killall, different vectors than CVE-2006-5327. | ||||
| CVE-2007-0499 | 1 Sangwan Kim | 1 Phpindexpage | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in config.php in Sangwan Kim phpIndexPage 1.0.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the env[inc_path] parameter. | ||||
| CVE-2006-5855 | 1 Ibm | 1 Tivoli Storage Manager | 2026-04-23 | N/A |
| Multiple buffer overflows in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in (1) the language field at logon that begins with a 0x18 byte, (2) two unspecified parameters to the SmExecuteWdsfSession function, and (3) the contact field in an open registration message. | ||||
| CVE-2007-0505 | 1 Drupal | 2 Project, Project Issue Tracking Module | 2026-04-23 | N/A |
| Unrestricted file upload vulnerability in the Project issue tracking 4.7.0 through 5.x before 20070123, a module for Drupal, allows remote authenticated users to execute arbitrary code by attaching a file with executable or multiple extensions to a project issue. | ||||
| CVE-2006-5858 | 2 Adobe, Microsoft | 3 Coldfusion, Jrun, Internet Information Services | 2026-04-23 | N/A |
| Adobe ColdFusion MX 7 through 7.0.2, and JRun 4, when run on Microsoft IIS, allows remote attackers to read arbitrary files, list directories, or read source code via a double URL-encoded NULL byte in a ColdFusion filename, such as a CFM file. | ||||
| CVE-2006-5860 | 1 Adobe | 2 Coldfusion, Jrun | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the administrator console for Adobe JRun 4.0, as used in ColdFusion, allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2006-5863 | 1 Otterware | 1 Letterit2 | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in inc/session.php for LetterIt 2 allows remote attackers to execute arbitrary PHP code via a URL in the lang parameter. | ||||
| CVE-2006-5865 | 1 Damien Benier | 1 Myalbum | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in language.inc.php in MyAlbum 3.02 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the langs_dir parameter. | ||||