Export limit exceeded: 363815 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29946 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-2648 | 1 Aspbb | 1 Aspbb | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in perform_search.asp for ASPBB 0.52 and earlier allows remote attackers to inject arbitrary HTML or web script via the search parameter. | ||||
| CVE-2006-2629 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| Race condition in Linux kernel 2.6.15 to 2.6.17, when running on SMP platforms, allows local users to cause a denial of service (crash) by creating and exiting a large number of tasks, then accessing the /proc entry of a task that is exiting, which causes memory corruption that leads to a failure in the prune_dcache function or a BUG_ON error in include/linux/list.h. | ||||
| CVE-2006-2630 | 1 Symantec | 2 Client Security, Norton Antivirus | 2026-04-16 | N/A |
| Stack-based buffer overflow in Symantec Antivirus 10.1 and Client Security 3.1 allows remote attackers to execute arbitrary code via unknown attack vectors. | ||||
| CVE-2006-2632 | 1 Andrew Godwin | 1 Bytehoard | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Andrew Godwin ByteHoard 2.1 and earlier allows remote authenticated users to inject arbitrary web script or HTML via file descriptions. | ||||
| CVE-2006-2633 | 1 Andrew Godwin | 1 Bytehoard | 2026-04-16 | N/A |
| Absolute path traversal vulnerability in the copy action in index.php in Andrew Godwin ByteHoard 2.1 and earlier allows remote authenticated users to create or overwrite files in other users' directories by specifying the absolute path of the directory in the infolder parameter and simultaneously specifying the filename in the filepath parameter. | ||||
| CVE-2006-2639 | 1 Phpsimplechoose | 1 Phpsimplechoose | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the input forms in prattmic and Master5006 PHPSimpleChoose 0.3 allows remote attackers to inject arbitrary web script or HTML via a javascript URI in the SRC attribute of an IMG element. | ||||
| CVE-2006-2641 | 1 John Frank | 1 Asset Manager | 2026-04-16 | N/A |
| ** UNVERIFIABLE ** NOTE: this issue does not contain any verifiable or actionable details. Cross-site scripting (XSS) vulnerability in John Frank Asset Manager (AssetMan) 2.4a and earlier allows remote attackers to inject arbitrary web script or HTML via "any of its input." NOTE: the original disclosure is based on vague researcher claims without vendor acknowledgement; therefore this identifier cannot be linked with any future identifier that identifies more specific vectors. Perhaps this should not be included in CVE. | ||||
| CVE-2004-2607 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| A numeric casting discrepancy in sdla_xfer in Linux kernel 2.6.x up to 2.6.5 and 2.4 up to 2.4.29-rc1 allows local users to read portions of kernel memory via a large len argument, which is received as an int but cast to a short, which prevents a read loop from filling a buffer. | ||||
| CVE-2006-2642 | 1 Php-residence | 1 Php-residence | 2026-04-16 | N/A |
| ** UNVERIFIABLE ** NOTE: this issue does not contain any verifiable or actionable details. Cross-site scripting (XSS) vulnerability in Marco M. F. De Santis Php-residence 0.6 and earlier allows remote attackers to inject arbitrary web script or HTML via "any of its input." NOTE: the original disclosure is based on vague researcher claims without vendor acknowledgement; therefore this identifier cannot be linked with any future identifier that identifies more specific vectors. Perhaps this should not be included in CVE. | ||||
| CVE-2006-2643 | 1 Circle R | 1 Monster Top List | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Monster Top List (MTL) 1.4 allows remote attackers to inject arbitrary web script or HTML via the user_error_message parameter. | ||||
| CVE-2006-2652 | 1 Wikini | 1 Wikini | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in WikiNi 0.4.2 and earlier allows remote attackers to inject arbitrary HTML and web script by editing a Wiki page to contain the script. | ||||
| CVE-2002-1025 | 1 Macromedia | 1 Jrun | 2026-04-16 | N/A |
| JRun 3.0 through 4.0 allows remote attackers to read JSP source code via an encoded null byte in an HTTP GET request, which causes the server to send the .JSP file unparsed. | ||||
| CVE-2006-2665 | 1 V-webmail | 1 V-webmail | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in includes/mailaccess/pop3/core.php in V-Webmail 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG[pear_dir] parameter. | ||||
| CVE-2006-2666 | 1 V-webmail | 1 V-webmail | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in includes/mailaccess/pop3.php in V-Webmail 1.5 through 1.6.4 allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG[pear_dir] parameter. | ||||
| CVE-2006-2673 | 1 E-board | 1 Elite-board | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.html in Bulletin Board Elite-Board (E-Board) 1.1 allows remote attackers to inject arbitrary web script or HTML via the search box. | ||||
| CVE-2004-2618 | 1 Pegasi Web Server | 1 Pegasi Web Server | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Pegasi Web Server (PWS) 0.2.2 allows remote attackers to inject arbitrary web script or HTML via the URI, directly after the initial '/' (slash). | ||||
| CVE-2006-2675 | 1 Ubbcentral | 1 Ubb.threads | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in ubbt.inc.php in UBBThreads 5.x and 6.x allows remote attackers to execute arbitrary PHP code via a URL in the (1) thispath or (2) configdir parameters. | ||||
| CVE-2006-2676 | 1 Sitescape | 1 Sitescape Forum | 2026-04-16 | N/A |
| Dispatch.cgi/_user/uservCard/ in SiteScape Forum 7.2 and possibly earlier generates different responses in a way that allows remote attackers to enumerate valid usernames. | ||||
| CVE-1999-0189 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Solaris rpcbind listens on a high numbered UDP port, which may not be filtered since the standard port number is 111. | ||||
| CVE-1999-0198 | 2026-04-16 | N/A | ||
| finger .@host on some systems may print information on some user accounts. | ||||