Export limit exceeded: 29921 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29921 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-0821 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| FreeBSD seyon allows local users to gain privileges by providing a malicious program in the -emulator argument. | ||||
| CVE-2000-0405 | 1 Atstake | 1 Antisniff | 2026-04-16 | N/A |
| Buffer overflow in L0pht AntiSniff allows remote attackers to execute arbitrary commands via a malformed DNS response packet. | ||||
| CVE-1999-0822 | 1 Qualcomm | 1 Qpopper | 2026-04-16 | N/A |
| Buffer overflow in Qpopper (qpop) 3.0 allows remote root access via AUTH command. | ||||
| CVE-1999-0823 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| Buffer overflow in FreeBSD xmindpath allows local users to gain privileges via -f argument. | ||||
| CVE-2006-1520 | 1 Libspf | 1 Libspf | 2026-04-16 | N/A |
| Format string vulnerability in ANSI C Sender Policy Framework library (libspf) before 1.0.0-p5, when debugging is enabled, allows remote attackers to execute arbitrary code via format string specifiers, possibly in an e-mail address. | ||||
| CVE-2006-1529 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2026-04-16 | N/A |
| Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due to the lack of sufficient public details from the vendor as of 20060413, it is unclear how CVE-2006-1529, CVE-2006-1530, CVE-2006-1531, and CVE-2006-1723 are different. | ||||
| CVE-2006-3080 | 1 Axent | 1 Axentforum | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in viewposts.cfm in aXentForum II and earlier allows remote attackers to inject arbitrary web script or HTML via the startrow parameter. | ||||
| CVE-2006-1559 | 1 Php | 1 Php Script Index | 2026-04-16 | N/A |
| SQL injection vulnerability in PHP Script Index allows remote attackers to execute arbitrary SQL commands via the search parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-1583 | 1 Juliusz Julas Gonera | 1 Warcraft Iii Replay Parser Php | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Warcraft III Replay Parser for PHP 1.8c allows remote attackers to inject arbitrary web script or HTML via the page parameter. NOTE: post-disclosure analysis by CVE suggests that the "page" parameter is not used in this product, and "id" might be the affected parameter. | ||||
| CVE-2006-1585 | 1 3dsrc | 1 Monalbum | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in MonAlbum 0.8.7 allow remote attackers to execute arbitrary SQL commands via (1) the pc parameter in (a) index.php and (2) pnom, (3) pcourriel, and (4) pcommentaire parameters in (b) image_agrandir.php. | ||||
| CVE-2006-1627 | 1 Adobe | 1 Acrobat Reader | 2026-04-16 | N/A |
| Adobe Document Server for Reader Extensions 6.0 does not provide proper access control, which allows remote authenticated users to perform privileged actions by modifying the (1) actionID and (2) pageID parameters. NOTE: due to an error during reservation, this identifier was inadvertently associated with multiple issues. Other CVE identifiers have been assigned to handle other problems that are covered by the same disclosure. | ||||
| CVE-2006-1645 | 1 Reloadcms | 1 Reloadcms | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Anton Vlasov and Rostislav Gaitkuloff ReloadCMS 1.2.5 and earlier allows remote attackers to inject arbitrary web script or HTML and gain leverage to execute arbitrary PHP code via the User-Agent HTTP header, which is displayed by admin/modules/general/statistic.php in the administration panel. | ||||
| CVE-2006-1690 | 1 Manic Web | 1 Mwnewsletter | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in subscribe.php in MWNewsletter 1.0.0b allows remote attackers to inject arbitrary web script or HTML via the user_name parameter. | ||||
| CVE-2006-1716 | 1 Mybulletinboard | 1 Mybulletinboard | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in inc/functions_post.php in MyBB (aka MyBulletinBoard) 1.10 allows remote attackers to inject arbitrary web script or HTML via a JavaScript event in a BBCode img tag. NOTE: the email vector is already covered by CVE-2006-1625, although it might stem from the same core issue. | ||||
| CVE-2006-1717 | 1 Mybulletinboard | 1 Mybulletinboard | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in newthread.php in MyBB (aka MyBulletinBoard) 1.10, when configured to permit new threads by unregistered users, allows remote attackers to inject arbitrary web script or HTML via the username. | ||||
| CVE-2006-1839 | 1 Php Album | 1 Php Album | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in language.php in PHP Album 0.3.2.3, when register_globals is enabled, allows remote attackers to execute arbitrary code via an FTP URL in the data_dir parameter, which satisfies the file_exists function call. | ||||
| CVE-2006-1755 | 1 Matthew Dingley | 1 Md News | 2026-04-16 | N/A |
| SQL injection vulnerability in admin.php in MD News 1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2006-1780 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| The Bourne shell (sh) in Solaris 8, 9, and 10 allows local users to cause a denial of service (sh crash) via an unspecified attack vector that causes sh processes to crash during creation of temporary files. | ||||
| CVE-2006-1788 | 1 Adobe | 1 Document Server | 2026-04-16 | N/A |
| Adobe Document Server for Reader Extensions 6.0, during log on, provides different error messages depending on whether the user ID is valid or invalid, which allows remote attackers to more easily identify valid user IDs via brute force attacks. | ||||
| CVE-2006-1796 | 1 Wordpress | 1 Wordpress | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the paging links functionality in template-functions-links.php in Wordpress 1.5.2, and possibly other versions before 2.0.1, allows remote attackers to inject arbitrary web script or HTML to Internet Explorer users via the request URI ($_SERVER['REQUEST_URI']). | ||||