Export limit exceeded: 29908 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29908 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-0057 | 5 Eric Allman, Freebsd, Hp and 2 more | 7 Vacation, Freebsd, Hp-ux and 4 more | 2026-04-16 | N/A |
| Vacation program allows command execution by remote users through a sendmail command. | ||||
| CVE-1999-0781 | 3 Freebsd, Kde, Linux | 3 Freebsd, Kde, Linux Kernel | 2026-04-16 | N/A |
| KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables. | ||||
| CVE-2006-2479 | 1 Bitrix | 1 Bitrix Site Manager | 2026-04-16 | N/A |
| The Update functionality in Bitrix Site Manager 4.1.x does not verify the authenticity of downloaded updates, which allows remote attackers to obtain sensitive information and ultimately execute arbitrary PHP code via DNS cache poisoning that redirects the user to a malicious site. | ||||
| CVE-2006-3515 | 1 Myiosoft.com | 1 Ajaxportal | 2026-04-16 | N/A |
| SQL injection vulnerability in the loginADP function in ajaxp.php in AjaxPortal 3.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username or (2) password parameters. | ||||
| CVE-2006-2651 | 1 Vacation Rentals | 1 Vacation Rental Script | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Vacation Rental Script 1.0 allows remote attackers to inject arbitrary web script or HTML via the obj parameter. | ||||
| CVE-2006-0494 | 1 Mybulletinboard | 1 Mybulletinboard | 2026-04-16 | N/A |
| Directory traversal vulnerability in MyBB (aka MyBulletinBoard) 1.02 allows local users with MyBB administrative privileges to include and possibly execute arbitrary local files via directory traversal sequences and a nul (%00) character in the plugin parameter. | ||||
| CVE-2006-3060 | 1 Webexceluk | 1 P.a.i.d | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in P.A.I.D 2.2 allows remote attackers to inject arbitrary web script or HTML via the (1) read parameter in index.php, (2) farea parameter in faq.php, and (3) unspecified input fields on the "My Account" login page. | ||||
| CVE-2001-0746 | 1 Iplanet | 1 Iplanet Web Server | 2026-04-16 | N/A |
| Buffer overflow in Web Publisher in iPlanet Web Server Enterprise Edition 4.1 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a request for a long URI with (1) GETPROPERTIES, (2) GETATTRIBUTENAMES, or other methods. | ||||
| CVE-2006-0587 | 1 Gallery Project | 1 Gallery | 2026-04-16 | N/A |
| Unspecified vulnerability in util.php in Gallery before 1.5.2-pl2 allows remote authenticated users with trick an owner into modifying stored album data and possibly executing arbitrary code via unspecified vectors involving a crafted link to a crafted file. | ||||
| CVE-2005-3745 | 2 Apache, Redhat | 2 Struts, Rhel Application Server | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Apache Struts 1.2.7, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the query string, which is not properly quoted or filtered when the request handler generates an error message. | ||||
| CVE-2006-0606 | 1 Unknown Domain | 1 Shoutbox | 2026-04-16 | N/A |
| SQL injection vulnerability in Unknown Domain Shoutbox 2005.07.21 allows remote attackers to execute arbitrary SQL commands via unknown attack vectors. | ||||
| CVE-2006-0607 | 1 Hinton Design | 1 Phphd | 2026-04-16 | N/A |
| check.php in Hinton Design phphd 1.0 does not check passwords when certain cookies are provided, which allows remote attackers to bypass authentication. | ||||
| CVE-2005-0038 | 1 Powerdns | 1 Powerdns | 2026-04-16 | N/A |
| The DNS implementation of PowerDNS 2.9.16 and earlier allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop. | ||||
| CVE-2005-0051 | 1 Microsoft | 1 Windows Xp | 2026-04-16 | N/A |
| The Server service (srvsvc.dll) in Windows XP SP1 and SP2 allows remote attackers to obtain sensitive information (users who are accessing resources) via an anonymous logon using a named pipe, which is not properly authenticated, aka the "Named Pipe Vulnerability." | ||||
| CVE-2005-0096 | 2 Redhat, Squid | 2 Enterprise Linux, Squid | 2026-04-16 | N/A |
| Memory leak in the NTLM fakeauth_auth helper for Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (memory consumption). | ||||
| CVE-2005-0120 | 1 Helvis | 1 Helvis | 2026-04-16 | N/A |
| helvis 1.8h2_1 and earlier allows local users to delete arbitrary files via the elvprsv setuid program. | ||||
| CVE-2006-0643 | 1 Wiredred | 1 E Pop Web Conferencing | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in WiredRed e/pop Web Conferencing 4.1.0.755 allows remote authenticated users to inject arbitrary web script or HTML via the topic name of a conference. | ||||
| CVE-2006-3194 | 1 Singapore | 1 Singapore | 2026-04-16 | N/A |
| Directory traversal vulnerability in index.php in singapore 0.10.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) sequence and trailing null (%00) byte in the (1) gallery and (2) template parameter. | ||||
| CVE-2006-1928 | 1 Cisco | 1 Ios Xr | 2026-04-16 | N/A |
| Cisco IOS XR, when configured for Multi Protocol Label Switching (MPLS) and running on Cisco CRS-1 routers, allows remote attackers to cause a denial of service (Modular Services Cards (MSC) crash or "MPLS packet handling problems") via certain MPLS packets, as identified by Cisco bug IDs (1) CSCsd15970 and (2) CSCsd55531. | ||||
| CVE-2006-4658 | 1 Panda | 1 Panda Platinum Internet Security | 2026-04-16 | N/A |
| Panda Platinum Internet Security 2006 10.02.01 and 2007 11.00.00 uses sequential message numbers in generated URLs that are not filtered if the user replies to a message, which might allow remote attackers to determine mail usage patterns. | ||||