Export limit exceeded: 346176 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 346176 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346176 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-7180 | 1 Madwifi | 1 Madwifi | 2026-04-23 | N/A |
| ieee80211_output.c in MadWifi before 0.9.3 sends unencrypted packets before WPA authentication succeeds, which allows remote attackers to obtain sensitive information (related to network structure), and possibly cause a denial of service (disrupted authentication) and conduct spoofing attacks. | ||||
| CVE-2006-7181 | 1 Morcego Cms | 1 Morcego Cms | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Morcego CMS 0.9.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) fichero parameter to morcegoCMS.php or the (2) path parameter to adodb/adodb.inc.php. NOTE: vector 1 has been disputed by a third party who shows that $fichero can not be controlled by an attacker | ||||
| CVE-2006-7183 | 1 Photography-on-the-net | 1 Exhibit Engine 2 | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in styles.php in Exhibit Engine (EE) 1.22 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the toroot parameter. | ||||
| CVE-2006-7185 | 1 Cmsmelborp | 1 Cmsmelborp | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in includes/user_standard.php in CMSmelborp Beta allows remote attackers to execute arbitrary PHP code via a URL in the relative_root parameter. | ||||
| CVE-2006-7191 | 1 Ldap Account Manager | 1 Ldap Account Manager | 2026-04-23 | N/A |
| Untrusted search path vulnerability in lamdaemon.pl in LDAP Account Manager (LAM) before 1.0.0 allows local users to gain privileges via a modified PATH that points to a malicious rm program. | ||||
| CVE-2006-7193 | 1 Smarty | 1 Smarty | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in unit_test/test_cases.php in Smarty 2.6.1 allows remote attackers to execute arbitrary PHP code via a URL in the SMARTY_DIR parameter. NOTE: this issue is disputed by CVE and a third party because SMARTY_DIR is a constant | ||||
| CVE-2006-7194 | 1 Republique Francaise | 1 Agora | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in modules/Mysqlfinder/MysqlfinderAdmin.php in Agora 1.4 RC1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the _SESSION[PATH_COMPOSANT] parameter. | ||||
| CVE-2006-7195 | 2 Apache, Redhat | 5 Tomcat, Enterprise Linux, Network Satellite and 2 more | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in implicit-objects.jsp in Apache Tomcat 5.0.0 through 5.0.30 and 5.5.0 through 5.5.17 allows remote attackers to inject arbitrary web script or HTML via certain header values. | ||||
| CVE-2006-7202 | 1 Mambo | 1 Mambo Open Source | 2026-04-23 | N/A |
| The dofreePDF function in includes/pdf.php in Mambo 4.6.1 does not properly check access rights for database content, which allows remote attackers to read certain content via unspecified vectors. | ||||
| CVE-2006-7203 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-23 | N/A |
| The compat_sys_mount function in fs/compat.c in Linux kernel 2.6.20 and earlier allows local users to cause a denial of service (NULL pointer dereference and oops) by mounting a smbfs file system in compatibility mode ("mount -t smbfs"). | ||||
| CVE-2006-7206 | 1 Microsoft | 2 Internet Explorer, Windows Xp | 2026-04-23 | N/A |
| Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) by creating a ADODB.Recordset object and making a series of calls to the NextRecordset method with a long string argument, which causes an "invalid memory access" in the SysFreeString function, a different issue than CVE-2006-3510 and CVE-2006-3899. | ||||
| CVE-2006-7208 | 1 Adam Van Dongen | 2 Com Forum, Phpbb Component | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in download.php in the Adam van Dongen Forum (com_forum) component (aka phpBB component) 1.2.4RC3 and earlier for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | ||||
| CVE-2006-7209 | 1 Zoneo-soft | 1 Phptraffica | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in phpTrafficA before 1.2beta2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to keywords results in the (1) main, (2) daily, (3) weekly, (4) monthly, (5) new trends, (6) individual page, and (7) search engine statistics. | ||||
| CVE-2006-7211 | 1 Firebirdsql | 1 Firebird | 2026-04-23 | N/A |
| fb_lock_mgr in Firebird 1.5 uses weak permissions (0666) for the semaphore array, which allows local users to cause a denial of service (blocked query processing) by locking semaphores. | ||||
| CVE-2006-7212 | 1 Firebirdsql | 1 Firebird | 2026-04-23 | N/A |
| Multiple buffer overflows in Firebird 1.5, one of which affects WNET, have unknown impact and attack vectors. NOTE: this issue might overlap CVE-2006-1240. | ||||
| CVE-2006-7213 | 1 Firebirdsql | 1 Firebird | 2026-04-23 | N/A |
| Firebird 1.5 allows remote authenticated users without SYSDBA and owner permissions to overwrite a database by creating a database. | ||||
| CVE-2006-7214 | 1 Firebirdsql | 1 Firebird | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in Firebird 1.5 allow remote attackers to (1) cause a denial of service (application crash) by sending many remote protocol versions; and (2) cause a denial of service (connection drop) via certain network traffic, as demonstrated by Nessus vulnerability scanning. | ||||
| CVE-2006-7226 | 1 Redhat | 2 Enterprise Linux, Enterprise Linux Desktop | 2026-04-23 | N/A |
| Perl-Compatible Regular Expression (PCRE) library before 6.7 does not properly calculate the compiled memory allocation for regular expressions that involve a quantified "subpattern containing a named recursion or subroutine reference," which allows context-dependent attackers to cause a denial of service (error or crash). | ||||
| CVE-2006-7231 | 1 Civica Software | 1 Civica | 2026-04-23 | N/A |
| SQL injection vulnerability in display.asp in Civica Software Civica allows remote attackers to execute arbitrary SQL commands via the Entry parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-7233 | 1 Ignite Realtime | 1 Openfire | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the login form (login.jsp) of the admin console in Openfire (formerly Wildfire) 2.6.0, and possibly other versions before 3.5.3, allows remote attackers to inject arbitrary web script or HTML via the url parameter. | ||||