Export limit exceeded: 365780 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (365780 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-0339 | 1 Bitcomet | 1 Bitcomet | 2026-04-16 | N/A |
| Buffer overflow in BitComet Client 0.60 allows remote attackers to execute arbitrary code, when the publisher's name link is clicked, via a long publisher URI in a torrent file. | ||||
| CVE-2006-2944 | 1 Cgi-rescue | 1 Form2mail | 2026-04-16 | N/A |
| Unspecified vulnerability in CGI-RESCUE FORM2MAIL 1.21 and earlier allows remote attackers to inject email headers, which facilitates sending spam messages. NOTE: the details for this issue are obtained from third party information. | ||||
| CVE-2006-0337 | 1 F-secure | 4 F-secure Anti-virus, F-secure Internet Security, Internet Gatekeeper and 1 more | 2026-04-16 | N/A |
| Buffer overflow in multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allows remote attackers to execute arbitrary code via crafted ZIP archives. | ||||
| CVE-2006-0333 | 1 Ar-blog | 1 Ar-blog | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in ar-blog 5.2 allows remote attackers to inject arbitrary web script or HTML via the (1) month or (2) year parameter to index.php. | ||||
| CVE-2006-0349 | 1 Epic Designs | 1 Eggblog | 2026-04-16 | N/A |
| SQL injection vulnerability in eggblog 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to blog.php. | ||||
| CVE-2006-0330 | 1 Gallery Project | 1 Gallery | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Gallery before 1.5.2 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors, possibly involving the user name (fullname). | ||||
| CVE-2006-0328 | 1 Philippe Jounin | 1 Tftpd32 | 2026-04-16 | N/A |
| Format string vulnerability in Tftpd32 2.81 allows remote attackers to cause a denial of service via format string specifiers in a filename in a (1) GET or (2) SEND request. | ||||
| CVE-2003-0025 | 1 Horde | 1 Imp | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in IMP 2.2.8 and earlier allow remote attackers to perform unauthorized database activities and possibly gain privileges via certain database functions such as check_prefs() in db.pgsql, as demonstrated using mailbox.php3. | ||||
| CVE-2006-0327 | 1 Typo3 | 1 Typo3 | 2026-04-16 | N/A |
| TYPO3 3.7.1 allows remote attackers to obtain sensitive information via a direct request to (1) thumbs.php, (2) showpic.php, or (3) tables.php, which causes them to incorrectly define a variable and reveal the path in an error message when a require function call fails. | ||||
| CVE-2002-2268 | 1 Netdave | 1 Webster Http Server | 2026-04-16 | N/A |
| Buffer overflow in Webster HTTP Server allows remote attackers to execute arbitrary code via a long URL. | ||||
| CVE-2006-4424 | 1 Coinsoft Technologies | 1 Phpcoin | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in coin_includes/constants.php in phpCOIN 1.2.3 allows remote attackers to execute arbitrary PHP code via the _CCFG[_PKG_PATH_INCL] parameter. | ||||
| CVE-2006-4231 | 1 Irfanview | 1 Irfanview | 2026-04-16 | N/A |
| IrfanView 3.98 (with plugins) allows remote attackers to cause a denial of service (application crash) via a crafted CUR image file. | ||||
| CVE-2005-2831 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-16 | N/A |
| Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for use within Internet Explorer, aka a variant of the "COM Object Instantiation Memory Corruption Vulnerability," a different vulnerability than CVE-2005-2127. | ||||
| CVE-2000-1005 | 1 Extropia | 1 Extropia Webstore | 2026-04-16 | N/A |
| Directory traversal vulnerability in html_web_store.cgi and web_store.cgi CGI programs in eXtropia WebStore allows remote attackers to read arbitrary files via a .. (dot dot) attack on the page parameter. | ||||
| CVE-2006-4421 | 1 Yapig | 1 Yapig | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in template/default/thanks_comment.php in Yet Another PHP Image Gallery (YaPIG) 0.95b allows remote attackers to inject arbitrary web script or HTML via the D_REFRESH_URL parameter. | ||||
| CVE-2005-3435 | 1 Archilles | 1 Newsworld | 2026-04-16 | 9.8 Critical |
| admin_news.php in Archilles Newsworld up to 1.3.0 allows attackers to bypass authentication by obtaining the password hash for another user, for example through another Newsworld vulnerability, and specifying the hash in the pwd argument. | ||||
| CVE-2005-3343 | 1 Tkdiff | 1 Tkdiff | 2026-04-16 | N/A |
| tkdiff before 4.1.1 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | ||||
| CVE-2006-4420 | 1 Phaos | 1 Phaos | 2026-04-16 | N/A |
| Directory traversal vulnerability in include_lang.php in Phaos 0.9.2 allows remote attackers to include arbitrary local files via ".." sequences in the lang parameter. | ||||
| CVE-2005-3329 | 1 Rsa | 1 Authentication Agent For Web | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in RSA Authentication Agent for Web 5.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the image parameter in a GetPic operation. | ||||
| CVE-2005-3327 | 1 Network Appliance | 1 Data Ontap | 2026-04-16 | N/A |
| Network Appliance Data ONTAP 7.0 and earlier allows iSCSI Initiators to bypass iSCSI authentication via a modified client that skips the Security (Start) mode, as required by the Login Negotiation protocol, and uses Operational mode without proving identity. | ||||