Export limit exceeded: 29916 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29916 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-3551 | 1 Ncp Network Communications | 1 Secure Client | 2026-04-16 | N/A |
| NCP Secure Enterprise Client (aka VPN/PKI client) 8.30 Build 59, and possibly earlier versions, when the Link Firewall and Personal Firewall are both configured to block all inbound and outbound network traffic, allows context-dependent attackers to send inbound UDP traffic with source port 67 and destination port 68, and outbound UDP traffic with source port 68 and destination port 67. | ||||
| CVE-2006-0590 | 1 Jaia Interactive | 1 Mytopix | 2026-04-16 | N/A |
| MyTopix 1.2.3 allows remote attackers to obtain the installation path via an invalid hl parameter to index.php, which leads to path disclosure, possibly related to invalid SQL syntax. | ||||
| CVE-2006-0597 | 1 Stefan Ritt | 1 Elog Web Logbook | 2026-04-16 | N/A |
| Multiple stack-based buffer overflows in elogd.c in elog before 2.5.7 r1558-4 allow attackers to cause a denial of service (application crash) and possibly execute code via long "revision attributes". | ||||
| CVE-2006-3576 | 1 Sensesites | 1 Commonsense Cms | 2026-04-16 | N/A |
| SQL injection vulnerability in search.php in SenseSites CommonSense CMS 5.0 allows remote attackers to execute arbitrary SQL commands via the Date parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||
| CVE-2006-0598 | 1 Stefan Ritt | 1 Elog Web Logbook | 2026-04-16 | N/A |
| Buffer overflow in elogd.c in elog before 2.5.7 r1558-4 allows attackers to execute code via unspecified variables, when writing to the log file. | ||||
| CVE-2006-3585 | 1 Jetbox | 1 Jetbox Cms | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Jetbox CMS 2.1 SR1 allow remote attackers to inject arbitrary web script or HTML via the (1) login parameter in admin/cms/index.php, (2) unspecified parameters in the "Supply news" page in formmail.php, (3) the URL in the "Site statistics" page, and the (5) query_string parameter when performing a search. | ||||
| CVE-2006-3586 | 1 Jetbox | 1 Jetbox Cms | 2026-04-16 | N/A |
| SQL injection vulnerability in Jetbox CMS 2.1 SR1 allows remote attackers to execute arbitrary SQL commands via the (1) frontsession COOKIE parameter and (2) view parameter in index.php, and the (3) login parameter in admin/cms/index.php. | ||||
| CVE-2006-0600 | 1 Stefan Ritt | 1 Elog Web Logbook | 2026-04-16 | N/A |
| elog before 2.5.7 r1558-4 allows remote attackers to cause a denial of service (infinite redirection) via a request with the fail parameter set to 1, which redirects to the same request. | ||||
| CVE-2006-3704 | 1 Oracle | 1 Database Server | 2026-04-16 | N/A |
| Unspecified vulnerability in the Oracle ODBC Driver for Oracle Database 10.1.0.4 has unknown impact and attack vectors, aka Oracle Vuln# 10.1.0.4. | ||||
| CVE-2006-0605 | 1 Unknown Domain | 1 Shoutbox | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Unknown Domain Shoutbox 2005.07.21 allow remote attackers to inject arbitrary web script or HTML, possibly via the (1) Handle or (2) Message fields. | ||||
| CVE-2006-3617 | 1 Pixelated By Lev | 1 Pixelated By Lev Guestbook | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in pblguestbook.php in Pixelated By Lev (PBL) Guestbook 1.32 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) name, (2) message (aka comments), (3) website, and (4) email parameters, which bypasses XSS protection mechanisms that check for SCRIPT tags but not others, as demonstrated by a javascript URI in an onMouseOver attribute and the src attribute in an iframe tag. NOTE: some vectors might overlap CVE-2006-2975, although the use of alternate manipulations makes it unclear. | ||||
| CVE-2006-0606 | 1 Unknown Domain | 1 Shoutbox | 2026-04-16 | N/A |
| SQL injection vulnerability in Unknown Domain Shoutbox 2005.07.21 allows remote attackers to execute arbitrary SQL commands via unknown attack vectors. | ||||
| CVE-2006-0607 | 1 Hinton Design | 1 Phphd | 2026-04-16 | N/A |
| check.php in Hinton Design phphd 1.0 does not check passwords when certain cookies are provided, which allows remote attackers to bypass authentication. | ||||
| CVE-2006-0609 | 1 Hinton Design | 1 Phphd | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in add.php in Hinton Design phphd 1.0 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2006-0611 | 1 Atmail | 1 Atmail | 2026-04-16 | N/A |
| Directory traversal vulnerability in compose.pl in @Mail 4.3 and earlier for Windows allows remote attackers to upload arbitrary files to arbitrary locations via a .. (dot dot) in the unique parameter. | ||||
| CVE-2006-3653 | 1 Microsoft | 1 Works | 2026-04-16 | N/A |
| wksss.exe 8.4.702.0 in Microsoft Works Spreadsheet 8.0 allows remote attackers to cause a denial of service (CPU consumption or crash) via crafted (1) Works, (2) Excel, and (3) Lotus 1-2-3 files. | ||||
| CVE-2006-0612 | 1 Powersave | 1 Powersave | 2026-04-16 | N/A |
| Powersave daemon before 0.10.15.2 allows local users to gain privileges (unauthorized access to an X session) via unspecified vectors. NOTE: the provenance of this information is unknown; portions of the details are obtained from third party information. | ||||
| CVE-2006-3654 | 1 Microsoft | 1 Works | 2026-04-16 | N/A |
| Buffer overflow in wksss.exe 8.4.702.0 in Microsoft Works Spreadsheet 8.0 allows remote attackers to cause a denial of service (CPU consumption or crash) via crafted Excel files. | ||||
| CVE-2006-0617 | 1 Sun | 2 Jdk, Jre | 2026-04-16 | N/A |
| Multiple unspecified vulnerabilities in Sun Java JDK and JRE 5.0 Update 5 and earlier allow remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "fifth, sixth, and seventh issues." | ||||
| CVE-2006-3658 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-16 | N/A |
| Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by accessing the object references of a FolderItem ActiveX object, which triggers a null dereference in the security check. | ||||