Export limit exceeded: 363815 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-2648 1 Aspbb 1 Aspbb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in perform_search.asp for ASPBB 0.52 and earlier allows remote attackers to inject arbitrary HTML or web script via the search parameter.
CVE-2006-2629 1 Linux 1 Linux Kernel 2026-04-16 N/A
Race condition in Linux kernel 2.6.15 to 2.6.17, when running on SMP platforms, allows local users to cause a denial of service (crash) by creating and exiting a large number of tasks, then accessing the /proc entry of a task that is exiting, which causes memory corruption that leads to a failure in the prune_dcache function or a BUG_ON error in include/linux/list.h.
CVE-2006-2630 1 Symantec 2 Client Security, Norton Antivirus 2026-04-16 N/A
Stack-based buffer overflow in Symantec Antivirus 10.1 and Client Security 3.1 allows remote attackers to execute arbitrary code via unknown attack vectors.
CVE-2006-2632 1 Andrew Godwin 1 Bytehoard 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Andrew Godwin ByteHoard 2.1 and earlier allows remote authenticated users to inject arbitrary web script or HTML via file descriptions.
CVE-2006-2633 1 Andrew Godwin 1 Bytehoard 2026-04-16 N/A
Absolute path traversal vulnerability in the copy action in index.php in Andrew Godwin ByteHoard 2.1 and earlier allows remote authenticated users to create or overwrite files in other users' directories by specifying the absolute path of the directory in the infolder parameter and simultaneously specifying the filename in the filepath parameter.
CVE-2006-2639 1 Phpsimplechoose 1 Phpsimplechoose 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the input forms in prattmic and Master5006 PHPSimpleChoose 0.3 allows remote attackers to inject arbitrary web script or HTML via a javascript URI in the SRC attribute of an IMG element.
CVE-2006-2641 1 John Frank 1 Asset Manager 2026-04-16 N/A
** UNVERIFIABLE ** NOTE: this issue does not contain any verifiable or actionable details. Cross-site scripting (XSS) vulnerability in John Frank Asset Manager (AssetMan) 2.4a and earlier allows remote attackers to inject arbitrary web script or HTML via "any of its input." NOTE: the original disclosure is based on vague researcher claims without vendor acknowledgement; therefore this identifier cannot be linked with any future identifier that identifies more specific vectors. Perhaps this should not be included in CVE.
CVE-2004-2607 1 Linux 1 Linux Kernel 2026-04-16 N/A
A numeric casting discrepancy in sdla_xfer in Linux kernel 2.6.x up to 2.6.5 and 2.4 up to 2.4.29-rc1 allows local users to read portions of kernel memory via a large len argument, which is received as an int but cast to a short, which prevents a read loop from filling a buffer.
CVE-2006-2642 1 Php-residence 1 Php-residence 2026-04-16 N/A
** UNVERIFIABLE ** NOTE: this issue does not contain any verifiable or actionable details. Cross-site scripting (XSS) vulnerability in Marco M. F. De Santis Php-residence 0.6 and earlier allows remote attackers to inject arbitrary web script or HTML via "any of its input." NOTE: the original disclosure is based on vague researcher claims without vendor acknowledgement; therefore this identifier cannot be linked with any future identifier that identifies more specific vectors. Perhaps this should not be included in CVE.
CVE-2006-2643 1 Circle R 1 Monster Top List 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php in Monster Top List (MTL) 1.4 allows remote attackers to inject arbitrary web script or HTML via the user_error_message parameter.
CVE-2006-2652 1 Wikini 1 Wikini 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in WikiNi 0.4.2 and earlier allows remote attackers to inject arbitrary HTML and web script by editing a Wiki page to contain the script.
CVE-2002-1025 1 Macromedia 1 Jrun 2026-04-16 N/A
JRun 3.0 through 4.0 allows remote attackers to read JSP source code via an encoded null byte in an HTTP GET request, which causes the server to send the .JSP file unparsed.
CVE-2006-2665 1 V-webmail 1 V-webmail 2026-04-16 N/A
PHP remote file inclusion vulnerability in includes/mailaccess/pop3/core.php in V-Webmail 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG[pear_dir] parameter.
CVE-2006-2666 1 V-webmail 1 V-webmail 2026-04-16 N/A
PHP remote file inclusion vulnerability in includes/mailaccess/pop3.php in V-Webmail 1.5 through 1.6.4 allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG[pear_dir] parameter.
CVE-2006-2673 1 E-board 1 Elite-board 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in search.html in Bulletin Board Elite-Board (E-Board) 1.1 allows remote attackers to inject arbitrary web script or HTML via the search box.
CVE-2004-2618 1 Pegasi Web Server 1 Pegasi Web Server 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Pegasi Web Server (PWS) 0.2.2 allows remote attackers to inject arbitrary web script or HTML via the URI, directly after the initial '/' (slash).
CVE-2006-2675 1 Ubbcentral 1 Ubb.threads 2026-04-16 N/A
PHP remote file inclusion vulnerability in ubbt.inc.php in UBBThreads 5.x and 6.x allows remote attackers to execute arbitrary PHP code via a URL in the (1) thispath or (2) configdir parameters.
CVE-2006-2676 1 Sitescape 1 Sitescape Forum 2026-04-16 N/A
Dispatch.cgi/_user/uservCard/ in SiteScape Forum 7.2 and possibly earlier generates different responses in a way that allows remote attackers to enumerate valid usernames.
CVE-1999-0189 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Solaris rpcbind listens on a high numbered UDP port, which may not be filtered since the standard port number is 111.
CVE-1999-0198 2026-04-16 N/A
finger .@host on some systems may print information on some user accounts.