Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-1132 1 Lg Electronics 1 Lg Mobile Phone 2026-04-16 N/A
LG U8120 mobile phone allows remote attackers to cause a denial of service (device crash) via a malformed MIDI file.
CVE-2006-0616 1 Sun 2 Jdk, Jre 2026-04-16 N/A
Unspecified vulnerability in Sun Java JDK and JRE 5.0 Update 4 and earlier allows remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "fourth issue."
CVE-2006-4636 1 Szewo 1 Phpcommander 2026-04-16 N/A
Directory traversal vulnerability in SZEWO PhpCommander 3.0 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the Directory parameter, as demonstrated by parameter values naming Apache HTTP Server log files that apparently contain PHP code.
CVE-2005-1138 1 Kerio 1 Kerio Mailserver 2026-04-16 N/A
Unknown vulnerability in WebMail in Kerio MailServer before 6.0.9 allows remote attackers to cause a denial of service (CPU consumption) via certain e-mail messages.
CVE-2006-0617 1 Sun 2 Jdk, Jre 2026-04-16 N/A
Multiple unspecified vulnerabilities in Sun Java JDK and JRE 5.0 Update 5 and earlier allow remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "fifth, sixth, and seventh issues."
CVE-2006-4650 1 Cisco 1 Ios 2026-04-16 N/A
Cisco IOS 12.0, 12.1, and 12.2, when GRE IP tunneling is used and the RFC2784 compliance fixes are missing, does not verify the offset field of a GRE packet during decapsulation, which leads to an integer overflow that references data from incorrect memory locations, which allows remote attackers to inject crafted packets into the routing queue, possibly bypassing intended router ACLs.
CVE-2006-4654 1 Efs Software 1 Easy Address Book Web Server 2026-04-16 N/A
Format string vulnerability in Easy Address Book Web Server 1.2 allows remote attackers to cause a denial of service (crash) or "compromise the server" via encoded format string specifiers in the query string.
CVE-2006-4659 1 Panda 1 Panda Platinum Internet Security 2026-04-16 N/A
The Panda Platinum Internet Security 2006 10.02.01 and 2007 11.00.00 uses predictable URLs for the spam classification of each message, which allows remote attackers to cause Panda to classify arbitrary messages as spam via a web page that contains IMG tags with the predictable URLs. NOTE: this issue could also be regarded as a cross-site request forgery (CSRF) vulnerability.
CVE-2006-0621 1 Qnx 1 Rtos 2026-04-16 N/A
Multiple buffer overflows in QNX Neutrino RTOS 6.2.0 allow local users to execute arbitrary code via a long first argument to the (1) su or (2) passwd commands.
CVE-2006-4663 1 Linux 1 Linux Kernel 2026-04-16 7.8 High
The source code tar archive of the Linux kernel 2.6.16, 2.6.17.11, and possibly other versions specifies weak permissions (0666 and 0777) for certain files and directories, which might allow local users to insert Trojan horse source code that would be used during the next kernel compilation. NOTE: another researcher disputes the vulnerability, stating that he finds "Not a single world-writable file or directory." CVE analysis as of 20060908 indicates that permissions will only be weak under certain unusual or insecure scenarios
CVE-2006-4664 1 Premod Shadow 1 Premod Shadow 2026-04-16 N/A
PHP remote file inclusion vulnerability in includes/functions_portal.php in Premod Shadow 2.7.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2006-4669 1 Somery 1 Somery 2026-04-16 N/A
PHP remote file inclusion vulnerability in admin/system/include.php in Somery 0.4.6 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the skindir parameter.
CVE-2005-1893 1 Flatnuke 1 Flatnuke 2026-04-16 N/A
FlatNuke 2.5.3 allows remote attackers to obtain sensitive information via invalid parameters to certain scripts, which leaks the web document root in an error message.
CVE-2006-2716 1 Secure Elements 1 C5 Enterprise Vulnerability Management 2026-04-16 N/A
Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 uses a hard-coded user ID and password, which allows remote attackers to gain access to the server.
CVE-2005-1898 1 Phpthumb 1 Phpthumb 2026-04-16 N/A
The passthrough functionality in phpThumb.php in phpThumb() before 1.5.4 allows remote attackers to read files that are not images.
CVE-2005-1899 1 Rakkarsoft 1 Raknet 2026-04-16 N/A
Rakkarsoft RakNet network library 2.33 and earlier, when released before 30 May 2005, and as used in multiple products including nFusion Elite Warriors: Vietnam, allows remote attackers to cause a denial of service (infinite loop) via a zero-byte UDP packet.
CVE-2006-0837 1 Micromuse 1 Netcool Neusecure 2026-04-16 N/A
IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 has world-readable permissions for (1) /etc/neusecure.conf, (2) /opt/NeuSecure/etc/cms-3.0.236.buildconf, and (3) /opt/NeuSecure/bin/ns_archiver.log, which allows local users to read sensitive information such as passwords. NOTE: IBM has privately confirmed to CVE that a fix is available for these issues.
CVE-2005-1903 1 E-post Corporation 1 Spa-pro Mail Atsolomon 2026-04-16 N/A
Buffer overflow in the IMAP service for SPA-PRO Mail @Solomon 4.00 allows remote authenticated users to execute arbitrary code via a long CREATE command.
CVE-2005-1911 1 Leafnode 1 Leafnode 2026-04-16 N/A
The fetchnews NNTP client in leafnode 1.11.2 and earlier can hang while waiting for input that never arrives, which allows remote NNTP servers to cause a denial of service (news loss).
CVE-2006-2721 1 Variomat 1 Variomat 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in news.php in VARIOMAT allows remote attackers to inject arbitrary HTML or web script via the subcat parameter. NOTE: this issue might be resultant from SQL injection.