Export limit exceeded: 365648 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (365648 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-4368 1 Integramod 1 Integramod Portal 2026-04-16 N/A
PHP remote file inclusion vulnerability in includes/functions_portal.php in IntegraMOD Portal 2.x and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2006-2230 1 Xine 1 Xine 2026-04-16 N/A
Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine 0.99.4 might allow attackers to cause a denial of service via format string specifiers in an MP3 filename specified on the command line. NOTE: this is a different vulnerability than CVE-2006-1905. In addition, if the only attack vectors involve a user-assisted, local command line argument of a non-setuid program, this issue might not be a vulnerability.
CVE-2006-0461 1 Pmachine 1 Expressionengine 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in core.input.php in ExpressionEngine 1.4.1 allows remote attackers to inject arbitrary web script or HTML via HTTP_REFERER (referer).
CVE-2006-0465 1 Active121 1 Site Manager 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in risultati_ricerca.php in active121 Site Manager allows remote attackers to inject arbitrary web script or HTML via the cerca parameter.
CVE-1999-0125 3 Redhat, Sgi, Sun 4 Linux, Irix, Solaris and 1 more 2026-04-16 N/A
Buffer overflow in SGI IRIX mailx program.
CVE-2006-0736 1 Novell 2 Linux Desktop, Open Enterprise Server 2026-04-16 N/A
Stack-based buffer overflow in the pam_micasa PAM authentication module in CASA on Novell Linux Desktop 9 and Open Enterprise Server 1 allows remote attackers to execute arbitrary code via unspecified vectors.
CVE-2006-0721 1 Runcms 1 Runcms 2026-04-16 N/A
SQL injection vulnerability in pmlite.php in RunCMS 1.2 and 1.3a allows remote attackers to execute arbitrary SQL commands via the to_userid parameter.
CVE-2006-2421 1 Pragma Systems 1 Fortressssh 2026-04-16 N/A
Stack-based buffer overflow in Pragma FortressSSH 4.0.7.20 allows remote attackers to execute arbitrary code via long SSH_MSG_KEXINIT messages, which may cause an overflow when being logged. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-0049 2 Gnu, Redhat 2 Privacy Guard, Enterprise Linux 2026-04-16 N/A
gpg in GnuPG before 1.4.2.2 does not properly verify non-detached signatures, which allows attackers to inject unsigned data via a data packet that is not associated with a control packet, which causes the check for concatenated signatures to report that the signature is valid, a different vulnerability than CVE-2006-0455.
CVE-2006-2348 1 Oasyssoft 1 E-business Designer 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in form_grupo.html in E-Business Designer (eBD) 3.1.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: this issue might be resultant from SQL injection.
CVE-2004-2291 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Microsoft Windows Internet Explorer 5.5 and 6.0 allows remote attackers to execute arbitrary code via an embedded script that uses Shell Helper objects and a shortcut (link) to execute the target script.
CVE-2006-1710 1 Design Nation 1 Dnguestbook 2026-04-16 N/A
SQL injection vulnerability in admin.php in Design Nation DNGuestbook 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) email and (2) id parameters.
CVE-2004-2472 1 Agnitum 1 Outpost Firewall 2026-04-16 N/A
Agnitum Outpost Pro Firewall 2.1 allows remote attackers to cause a denial of service (CPU consumption) via a flood of small, invalid packets, which can not be processed quickly enough by Outpost Pro.
CVE-2004-2281 1 Ibm 1 Lotus Notes 2026-04-16 N/A
Multiple unknown vulnerabilities in IBM Lotus Notes 6.5.x before 6.5.4 and 6.0.x before 6.0.5 have unknown impact and attack vectors, related to Java applets, as identified by (1) KSPR5YS6GR and (2) KSPR62F4D3.
CVE-2006-0690 1 Scheduling Management.com 1 Time Tracking Software 2026-04-16 N/A
Multiple SQL injection vulnerabilities in TTS Time Tracking Software 3.0 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2004-2272 1 Evan Sims 1 Effingerd 2026-04-16 N/A
Buffer overflow in the sockFinger_DataArrival function in efFingerD 0.2.12 allows remote attackers to cause a denial of service (daemon crash) via a long finger command.
CVE-2006-4254 1 Ibm 1 Aix 2026-04-16 N/A
Unspecified vulnerability in setlocale in IBM AIX 5.1.0 through 5.3.0 allows local users to gain privileges via unspecified vectors.
CVE-2004-2461 1 Gnu 1 Gnubiff 2026-04-16 N/A
Buffer overflow in pop3.c in gnubiff before 2.0.0 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code.
CVE-2004-2454 1 Amsn 1 Amsn 2026-04-16 N/A
aMSN 0.90 for Microsoft Windows allows local users to obtain sensitive information such as hashed passwords from (1) hotlog.htm and (2) config.xml.
CVE-2004-2260 1 Opera 1 Opera Browser 2026-04-16 N/A
Opera Browser 7.23, and other versions before 7.50, updates the address bar as soon as the user clicks a link, which allows remote attackers to redirect to other sites via the onUnload attribute.