Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-2437 1 Caucho Technology 1 Resin 2026-04-16 N/A
The viewfile servlet in the documentation package (resin-doc) for Caucho Resin 3.0.17 and 3.0.18 allows remote attackers to obtain the source code for file under the web root via the file parameter.
CVE-2006-2444 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
The snmp_trap_decode function in the SNMP NAT helper for Linux kernel before 2.6.16.18 allows remote attackers to cause a denial of service (crash) via unspecified remote attack vectors that cause failures in snmp_trap_decode that trigger (1) frees of random memory or (2) frees of previously-freed memory (double-free) by snmp_trap_decode as well as its calling function, as demonstrated via certain test cases of the PROTOS SNMP test suite.
CVE-2005-1518 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Unknown vulnerability in Solaris 7 through 9, when using Federated Naming Services (FNS), autofs, and FNS X.500 configuration, allows local users to cause a denial of service (automountd crash) when "accessing" /xfn/_x500.
CVE-2005-1519 2 Redhat, Squid 2 Enterprise Linux, Squid 2026-04-16 N/A
Squid 2.5 STABLE9 and earlier, when the DNS client port is unfiltered and the environment does not prevent IP spoofing, allows remote attackers to spoof DNS lookups.
CVE-2005-1525 1 The Cacti Group 1 Cacti 2026-04-16 N/A
SQL injection vulnerability in config_settings.php for Cacti before 0.8.6e allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2005-1543 1 Novell 5 Zenworks, Zenworks Desktops, Zenworks Remote Management and 2 more 2026-04-16 N/A
Multiple stack-based and heap-based buffer overflows in Remote Management authentication (zenrem32.exe) on Novell ZENworks 6.5 Desktop and Server Management, ZENworks for Desktops 4.x, ZENworks for Servers 3.x, and Remote Management allows remote attackers to execute arbitrary code via (1) unspecified vectors, (2) type 1 authentication requests, and (3) type 2 authentication requests.
CVE-2005-1553 1 Geovision 1 Digital Surveillance System 2026-04-16 N/A
GeoVision Digital Video Surveillance System 6.04, 6.1 and 7.0 uses a weak encryption scheme to encrypt passwords, which allows remote attackers to obtain the password via sniffing.
CVE-2005-1558 1 Neteyes 1 Nexusway 2026-04-16 N/A
The web module in Neteyes Nexusway allows remote attackers to bypass authentication and gain administrator privileges by setting the cyclone500_auth cookie.
CVE-2005-1559 1 Neteyes 1 Nexusway 2026-04-16 N/A
The web module in Neteyes Nexusway allows remote attackers to execute arbitrary commands via hex-encoded shell metacharacters in the ip parameter for (1) nslookup.cgi or (2) ping.cgi.
CVE-2005-1896 1 Flatnuke 1 Flatnuke 2026-04-16 N/A
Directory traversal vulnerability in thumb.php in FlatNuke 2.5.3 allows remote attackers to read arbitrary images or obtain the installation path via the image parameter.
CVE-2005-1900 1 Sawmill 1 Sawmill 2026-04-16 N/A
Sawmill before 7.1.6 allows remote attackers to bypass authentication and (1) gain administrative privileges or (2) add a license.
CVE-2005-1914 1 Centericq 1 Centericq 2026-04-16 N/A
CenterICQ 4.20.0 and earlier creates temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack on the gg.token.PID temporary file.
CVE-2006-2539 1 Sybase 1 Easerver 2026-04-16 N/A
Sybase EAServer 5.0 for HP-UX Itanium, 5.2 for IBM AIX, HP-UX PA-RISC, Linux x86, and Sun Solaris SPARC, and 5.3 for Sun Solaris SPARC does not properly protect passwords when they are being entered via the GUI, which allows local users to obtain the cleartext passwords via the getSelectedText function in javax.swing.JPasswordField component.
CVE-2006-2541 1 John Andersson 1 Zixforum 2026-04-16 N/A
SQL injection vulnerability in settings.asp in Zixforum 1.12 allows remote attackers to execute arbitrary SQL commands via the layid parameter to (1) login.asp and (2) main.asp.
CVE-2006-2543 1 Xtreme Scripts 1 Xtreme Topsites 2026-04-16 N/A
Xtreme Topsites 1.1 allows remote attackers to trigger MySQL errors and possibly conduct SQL injection attacks via unspecified vectors in join.php.
CVE-2006-2544 1 Xtreme Scripts 1 Xtreme Topsites 2026-04-16 N/A
Multiple SQL injection vulnerabilities in Xtreme Topsites 1.1, with magic_quotes_gpc disabled, allow remote attackers to execute arbitrary SQL commands via the (1) searchthis parameter in lostid.php and (2) id parameter in stats.php. NOTE: the provenance of this information is unknown; portions of the details are obtained from third party information.
CVE-2005-1932 1 Lpanel 1 Lpanel 2026-04-16 N/A
Lpanel 1.59 and earlier, and other versions before 1.597, allows remote authenticated users to modify certain critical variables and (1) modify DNS settings for arbitrary domains via the domain parameter to diagnose.php, (2) close, open, or respond to arbitrary support tickets via the close, open, or pid parameter to view_ticket.php, (3) obtain sensitive information on arbitrary invoices via the inv parameter to viewreceipt.php, or (4) modify domain information for arbitrary domains via the editdomain parameter to domains.php.
CVE-2006-2554 1 Genecys 1 Genecys 2026-04-16 N/A
Buffer overflow in the tell_player_surr_changes function in Genecys 0.2 and earlier might allow remote attackers to execute arbitrary code via long arguments.
CVE-2005-2019 1 Freebsd 1 Freebsd 2026-04-16 N/A
ipfw in FreeBSD 5.4, when running on Symmetric Multi-Processor (SMP) or Uni Processor (UP) systems with the PREEMPTION kernel option enabled, does not sufficiently lock certain resources while performing table lookups, which can cause the cache results to be corrupted during multiple concurrent lookups, allowing remote attackers to bypass intended access restrictions.
CVE-2005-2021 1 Cpanel 1 Cpanel 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in cPanel 9.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the user parameter in the login page.