Export limit exceeded: 346253 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346253 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-5404 | 1 Symantec | 4 Automated Support Assistant, Norton Antivirus, Norton Internet Security and 1 more | 2026-04-23 | N/A |
| Unspecified vulnerability in an ActiveX control used in Symantec Automated Support Assistant, as used in Norton AntiVirus, Internet Security, and System Works 2005 and 2006, allows user-assisted remote attackers to obtain sensitive information via unspecified vectors. | ||||
| CVE-2006-5406 | 1 Passgo | 1 Defender | 2026-04-23 | N/A |
| Passgo Defender 5.2 creates the application directory with insecure permissions (Everyone/Full Control), which allows local users to read and modify sensitive files. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||
| CVE-2007-2222 | 1 Microsoft | 5 Internet Explorer, Windows 2000, Windows 2003 Server and 2 more | 2026-04-23 | N/A |
| Multiple buffer overflows in the (1) ActiveListen (Xlisten.dll) and (2) ActiveVoice (Xvoice.dll) speech controls, as used by Microsoft Internet Explorer 5.01, 6, and 7, allow remote attackers to execute arbitrary code via a crafted ActiveX object that triggers memory corruption, as demonstrated via the ModeName parameter to the FindEngine function in ACTIVEVOICEPROJECTLib.DirectSS. | ||||
| CVE-2006-5408 | 1 Mobilesecure Inc | 2 Highwall Endpoint, Highwall Enterprise | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the wireless IDS management interface for Highwall Enterprise and Highwall Endpoint 4.0.2.11045 allow remote attackers to inject arbitrary HTML or web script via unspecified vectors. | ||||
| CVE-2006-5409 | 1 Mobilesecure Inc | 2 Highwall Endpoint, Highwall Enterprise | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in the wireless IDS management interface for Highwall Enterprise and Highwall Endpoint 4.0.2.11045 allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2007-2225 | 1 Microsoft | 5 Outlook Express, Windows 2003 Server, Windows Mail and 2 more | 2026-04-23 | N/A |
| A component in Microsoft Outlook Express 6 and Windows Mail in Windows Vista does not properly handle certain HTTP headers when processing MHTML protocol URLs, which allows remote attackers to obtain sensitive information from other Internet Explorer domains, aka "URL Parsing Cross Domain Information Disclosure Vulnerability." | ||||
| CVE-2006-5416 | 1 F5 | 1 Firepass 1000 | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in my.acctab.php3 in F5 Networks FirePass 1000 SSL VPN 5.5, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the sid parameter. | ||||
| CVE-2006-5422 | 1 Lodel | 1 Lodel Cms | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in calcul-page.php in Lodel (patchlodel) 0.7.3 allows remote attackers to execute arbitrary PHP code via a URL in the home parameter. | ||||
| CVE-2006-5425 | 1 Xorp | 1 Extensible Open Router Platform | 2026-04-23 | N/A |
| XORP (eXtensible Open Router Platform) 1.2 and 1.3 allows remote attackers to cause a denial of service (application crash) via an Open Shortest Path First (OSPF) Link State Advertisement (LSA) with an invalid LSA length field. | ||||
| CVE-2007-2230 | 1 Broadcom | 1 Cleverpath Portal | 2026-04-23 | N/A |
| SQL injection vulnerability in CA Clever Path Portal allows remote authenticated users to execute limited SQL commands and retrieve arbitrary database contents via (1) the ofinterest parameter in a light search query, (2) description parameter in the advanced search query, and possibly other vectors. | ||||
| CVE-2006-5428 | 1 Cerberus | 1 Cerberus Helpdesk | 2026-04-23 | N/A |
| rpc.php in Cerberus Helpdesk 3.2.1 does not verify a client's privileges for a display_get_requesters operation, which allows remote attackers to bypass the GUI login and obtain sensitive information (ticket data) via a direct request. | ||||
| CVE-2007-2236 | 1 Punbb | 1 Punbb | 2026-04-23 | N/A |
| footer.php in PunBB 1.2.14 and earlier allows remote attackers to include local files in include/user/ via a cross-site scripting (XSS) attack, or via the pun_include tag, as demonstrated by use of admin_options.php to execute PHP code from an uploaded avatar file. | ||||
| CVE-2006-5434 | 1 P-news | 1 P-news | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in p-news.php in P-News 1.16 and 1.17 allows remote attackers to execute arbitrary PHP code via a URL in the pn_lang parameter. | ||||
| CVE-2006-5437 | 1 Phpadsnew | 1 Phpadsnew | 2026-04-23 | N/A |
| Directory traversal vulnerability in upgrade.php in phpAdsNew 2.0.8 allows remote attackers to read arbitrary files via a .. (dot dot) in the phpAds_config[language] parameter. NOTE: this issue could not be reproduced by a third party | ||||
| CVE-2007-3820 | 2 Kde, Redhat | 2 Konqueror, Enterprise Linux | 2026-04-23 | N/A |
| konqueror/konq_combo.cc in Konqueror 3.5.7 allows remote attackers to spoof the data: URI scheme in the address bar via a long URI with trailing whitespace, which prevents the beginning of the URI from being displayed. | ||||
| CVE-2006-5439 | 1 Comdev | 1 Comdev Misc Tools | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in adminfoot.php in Comdev Misc Tools 4.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||
| CVE-2007-3823 | 1 Ipswitch | 1 Ws Ftp | 2026-04-23 | N/A |
| The Logging Server (Logsrv.exe) in IPSwitch WS_FTP 7.5.29.0 allows remote attackers to cause a denial of service (daemon crash) by sending a crafted packet containing a long string to port 5151/udp. | ||||
| CVE-2007-2246 | 2 Hp, Sendmail | 2 Hp-ux, Sendmail | 2026-04-23 | N/A |
| Unspecified vulnerability in HP-UX B.11.00 and B.11.11, when running sendmail 8.9.3 or 8.11.1; and HP-UX B.11.23 when running sendmail 8.11.1; allows remote attackers to cause a denial of service via unknown attack vectors. NOTE: due to the lack of details from HP, it is not known whether this issue is a duplicate of another CVE such as CVE-2006-1173 or CVE-2006-4434. | ||||
| CVE-2007-3824 | 1 Mehmet Zati Karahan | 1 Mzk Blog | 2026-04-23 | N/A |
| SQL injection vulnerability in katgoster.asp in MzK Blog (tr) allows remote attackers to execute arbitrary SQL commands via the katID parameter. | ||||
| CVE-2007-2252 | 1 Exponent | 1 Exponent Cms | 2026-04-23 | N/A |
| Directory traversal vulnerability in iconspopup.php in Exponent CMS 0.96.6 Alpha and earlier allows remote attackers to obtain sensitive information via a .. (dot dot) in the icodir parameter. | ||||