Export limit exceeded: 29909 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29909 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-1456 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Buffer overflow in QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via a crafted RTSP request, which is not properly handled during message logging. | ||||
| CVE-2006-1457 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Safari on Apple Mac OS X 10.4.6, when "Open `safe' files after downloading" is enabled, will automatically expand archives, which could allow remote attackers to overwrite arbitrary files via an archive that contains a symlink. | ||||
| CVE-2006-2575 | 1 Pyrosoft Inc | 1 Netpanzer | 2026-04-16 | N/A |
| The setFrame function in Lib/2D/Surface.hpp for NetPanzer 0.8 and earlier allows remote attackers to cause a denial of service (crash) via a client flag (frameNum) that is greater than 41, which triggers an assert error. | ||||
| CVE-2006-1488 | 1 Activecampaign | 1 Supporttrio | 2026-04-16 | N/A |
| ActiveCampaign SupportTrio 2.5 allows remote attackers to obtain the full path of the server via invalid (1) article or (2) print parameters in a kb action to index.php, or (3) an invalid category parameter to modules/KB/pdf.php, which leaks the path in an error message. | ||||
| CVE-2006-1489 | 1 Fusionzone | 1 Couponzone | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in FusionZONE CouponZONE local.cfm in 4.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) companyid, (2) scat, and (3) coid parameters. | ||||
| CVE-2006-1492 | 1 Nikolay Avrionov | 1 Explorer Xp | 2026-04-16 | N/A |
| Directory traversal vulnerability in dir.php in Explorer XP allows remote attackers to read arbitrary files via the chemin parameter. | ||||
| CVE-2001-0266 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Vulnerability in Software Distributor SD-UX in HP-UX 11.0 and earlier allows local users to gain privileges. | ||||
| CVE-2006-1493 | 1 Nikolay Avrionov | 1 Explorer Xp | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in dir.php in Explorer XP allows remote attackers to inject arbitrary web script or HTML via the chemin parameter. NOTE: it is possible that this issue is resultant from CVE-2006-1492. | ||||
| CVE-2006-1495 | 2 Netoffice, Phpcollab | 2 Netoffice, Phpcollab | 2026-04-16 | N/A |
| SQL injection vulnerability in general/sendpassword.php in (1) PHPCollab 2.4 and 2.5.rc3, and (2) NetOffice 2.5.3-pl1 and 2.6.0b2 allows remote attackers to execute arbitrary SQL commands via the loginForm parameter in the "forgotten password" option. | ||||
| CVE-2006-2031 | 1 Phpmyadmin | 1 Phpmyadmin | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in phpMyAdmin 2.8.0.3, 2.8.0.2, 2.8.1-dev, and 2.9.0-dev allows remote attackers to inject arbitrary web script or HTML via the lang parameter. | ||||
| CVE-2006-2445 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| Race condition in run_posix_cpu_timers in Linux kernel before 2.6.16.21 allows local users to cause a denial of service (BUG_ON crash) by causing one CPU to attach a timer to a process that is exiting. | ||||
| CVE-2006-1496 | 1 Vihor | 1 Vihordesign | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in ViHor Design allow remote attackers to inject arbitrary web script or HTML via (1) a remote URL in the page parameter, which is processed by an fopen call, or (2) HTML or script in the page parameter, which is returned to the client in an error message for the failed fopen call. | ||||
| CVE-2006-2032 | 1 Corenews | 1 Corenews | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Core CoreNews 2.0.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) icon_id and (2) userid parameters in preview.php. | ||||
| CVE-2006-1497 | 1 Vihor | 1 Vihordesign | 2026-04-16 | N/A |
| Directory traversal vulnerability in index.php in ViHor Design allows remote attackers to read arbitrary files via the page parameter. | ||||
| CVE-2006-1498 | 1 Mediawiki | 1 Mediawiki | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in MediaWiki before 1.5.8 and 1.4.15 allows remote attackers to inject arbitrary web script or HTML via crafted encoded links. | ||||
| CVE-2006-1499 | 1 Source Workshop | 1 Vcounter | 2026-04-16 | N/A |
| SQL injection vulnerability in vCounter.php in vCounter 1.0 allows remote attackers to execute arbitrary SQL commands via the URI (_SERVER[REQUEST_URI] variable). | ||||
| CVE-2006-1514 | 1 Abcmidi | 1 Abcmidi | 2026-04-16 | N/A |
| Multiple buffer overflows in the abcmidi-yaps translator in abcmidi 20050101, and other versions, allow remote attackers to execute arbitrary code via crafted ABC music files that trigger the overflows during translation into PostScript. | ||||
| CVE-2006-1515 | 1 Typespeed | 1 Typespeed | 2026-04-16 | N/A |
| Buffer overflow in the addnewword function in typespeed 0.4.4 and earlier might allow remote attackers to execute arbitrary code via unknown vectors. | ||||
| CVE-2006-2039 | 1 Ubertec | 1 Help Center Live | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in the osTicket module in Help Center Live before 2.1.0 allow remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2006-1516 | 3 Mysql, Oracle, Redhat | 3 Mysql, Mysql, Enterprise Linux | 2026-04-16 | N/A |
| The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read. | ||||