Export limit exceeded: 361823 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (361823 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-2092 | 1 Hp | 1 Storageworks Secure Path Windows | 2026-04-16 | N/A |
| Unspecified vulnerability in HP StorageWorks Secure Path for Windows 4.0C-SP2 before 20060419 allows remote attackers to cause an unspecified denial of service via unknown vectors. | ||||
| CVE-2006-2093 | 1 Nessus | 1 Nessus | 2026-04-16 | N/A |
| Nessus before 2.2.8, and 3.x before 3.0.3, allows user-assisted attackers to cause a denial of service (memory consumption) via a NASL script that calls split with an invalid sep parameter. NOTE: a design goal of the NASL language is to facilitate sharing of security tests by guaranteeing that a script "can not do anything nasty." This issue is appropriate for CVE only if Nessus users have an expectation that a split statement will not use excessive memory. | ||||
| CVE-2004-2475 | 1 Google | 1 Toolbar | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Google Toolbar 2.0.114.1 allows remote attackers to inject arbitrary web script via about.html in the About section. NOTE: some followup posts suggest that the demonstration code's use of the res:// protocol does not cross privilege boundaries, since it is not allowed in the Internet Zone. Thus this might not be a vulnerability. | ||||
| CVE-2006-2094 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-16 | N/A |
| Microsoft Internet Explorer before Windows XP Service Pack 2 and Windows Server 2003 Service Pack 1, when Prompt is configured in Security Settings, uses modal dialogs to verify that a user wishes to run an ActiveX control or perform other risky actions, which allows user-assisted remote attackers to construct a race condition that tricks a user into clicking an object or pressing keys that are actually applied to a "Yes" approval for executing the control. | ||||
| CVE-2004-2479 | 2 National Science Foundation, Redhat | 2 Squid Web Proxy Cache, Enterprise Linux | 2026-04-16 | N/A |
| Squid Web Proxy Cache 2.5 might allow remote attackers to obtain sensitive information via URLs containing invalid hostnames that cause DNS operations to fail, which results in references to previously used error messages. | ||||
| CVE-2006-2096 | 1 Neocrome | 1 Land Down Under | 2026-04-16 | N/A |
| plug.php in Land Down Under (LDU) 802 and earlier allows remote attackers to obtain sensitive information via an invalid (1) month or (2) year parameter, which reveals the path in an error message. | ||||
| CVE-2004-2481 | 1 Myproxy | 1 Myproxy | 2026-04-16 | N/A |
| MyProxy 6.58 allows remote authenticated users in the Users Tab to connect to arbitrary hosts from the MyProxy server, possibly bypassing access restrictions, by connecting to the proxy and issuing a CONNECT command. | ||||
| CVE-2004-2483 | 1 Kerio | 1 Winroute Firewall | 2026-04-16 | N/A |
| Kerio WinRoute Firewall before 6.0.9 uses information from PTR queries in response to A queries, which allows remote attackers to poison the DNS cache or cause a denial of service (connection loss). | ||||
| CVE-2004-2484 | 1 Php Gift Registry | 1 Phpgiftreg | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in PHP Gift Registry 1.3.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the message parameter to (1) event.php or (2) index.php. | ||||
| CVE-2004-2490 | 1 Ibm | 2 Informix Dynamic Server, Informix Extended Parallel Server | 2026-04-16 | N/A |
| Buffer overflow in IBM Informix Dynamic Server (IDS) 9.40.xC1 and 9.40.xC2 allows local users to execute arbitrary code via a long GL_PATH environment variable. | ||||
| CVE-2006-2098 | 1 Php Thumbnail Autoindex | 1 Php Thumbnail Autoindex | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in Thumbnail AutoIndex before 2.0 allows remote attackers to execute arbitrary PHP code via (1) README.html or (2) HEADER.html. | ||||
| CVE-2004-2492 | 1 Hitachi | 1 Groupmax World Wide Web Desktop | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Groupmax World Wide Web (GmaxWWW) Desktop 5, 6, and Desktop for Jichitai 6, allows remote attackers to inject arbitrary web script or HTML via the QUERY parameter. | ||||
| CVE-2006-2100 | 1 Magic Iso Maker | 1 Magic Iso Maker | 2026-04-16 | N/A |
| Directory traversal vulnerability in Magic ISO 5.0 Build 0166 allows remote attackers to write arbitrary files via a .. (dot dot) in a filename in an ISO image. | ||||
| CVE-2006-4540 | 1 Learn.com | 1 Learncenter | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in learncenter.asp in Learn.com LearnCenter allows remote attackers to inject arbitrary web script or HTML via the id parameter. | ||||
| CVE-2004-2498 | 1 Hitachi | 2 Web Page Generator, Web Page Generator Enterprise | 2026-04-16 | N/A |
| Unspecified vulnerability in the error handler in Hitachi Web Page Generator and Web Page Generator Enterprise 4.01 and earlier, when using the default error template and debug mode is set to ON, allows remote attackers to determine internal directory structures via unknown attack vectors. | ||||
| CVE-2004-2499 | 1 Hitachi | 2 Web Page Generator, Web Page Generator Enterprise | 2026-04-16 | N/A |
| Unspecified vulnerability in Hitachi Web Page Generator and Web Page Generator Enterprise 4.01 and earlier allows remote attackers to cause a denial of service via unknown attack vectors when a web site is "improperly accessed." | ||||
| CVE-2006-4541 | 1 Iss | 1 Blackice Pc Protection | 2026-04-16 | N/A |
| RapDrv.sys in BlackICE PC Protection 3.6.cpn, cpj, cpiE, and possibly 3.6 and earlier, allows local users to cause a denial of service (crash) via a NULL third argument to the NtOpenSection API function. NOTE: it was later reported that 3.6.cqn is also affected. | ||||
| CVE-2004-2503 | 1 Inweb | 1 Mail Server | 2026-04-16 | N/A |
| INweb Mail Server 2.40 allows remote attackers to cause a denial of service (crash) via a large number of connect/disconnect actions to the (1) POP3 and (2) SMTP services. | ||||
| CVE-2006-2103 | 1 Mybulletinboard | 1 Mybulletinboard | 2026-04-16 | N/A |
| SQL injection vulnerability in MyBB (MyBulletinBoard) 1.1.1 allows remote authenticated administrators to execute arbitrary SQL commands via the (1) query string ($querystring variable) in (a) admin/adminlogs.php, which is not properly handled by adminfunctions.php; or (2) setid, (3) expand, (4) title, or (5) sid2 parameters to (b) admin/templates.php. | ||||
| CVE-2004-2510 | 1 Ubbcentral | 1 Ubb.threads | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in showflat.php in Infopop UBB.Threads before 6.5 allows remote attackers to inject arbitrary web script or HTML via the Cat parameter. | ||||