Export limit exceeded: 344977 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 344977 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344977 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-2153 | 1 Jbmc Software | 1 Directadmin | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in HTM_PASSWD in DirectAdmin Hosting Management allows remote attackers to inject arbitrary web script or HTML via the domain parameter. | ||||
| CVE-2006-2322 | 1 Cisco | 2 Application Velocity System 3110, Application Velocity System 3120 | 2026-04-16 | N/A |
| The transparent proxy feature of the Cisco Application Velocity System (AVS) 3110 5.0 and 4.0 and earlier, and 3120 5.0.0 and earlier, has a default configuration that allows remote attackers to proxy arbitrary TCP connections, aka Bug ID CSCsd32143. | ||||
| CVE-2006-2511 | 1 Frontrange | 1 Iheat | 2026-04-16 | N/A |
| The ActiveX version of FrontRange iHEAT allows remote authenticated users to run arbitrary programs or access arbitrary files on the host machine by uploading a file with an extension that is not associated with an application, and selecting a file from the "Open With..." dialog. | ||||
| CVE-2006-2154 | 1 Emc | 1 Retrospect | 2026-04-16 | N/A |
| EMC Retrospect for Windows 6.5 before 6.5.382, 7.0 before 7.0.344, and 7.5 before 7.5.1.105 does not drop privileges before opening files, which allows local users to execute arbitrary code via the File>Open dialog. | ||||
| CVE-2006-2155 | 1 Emc | 1 Retrospect | 2026-04-16 | N/A |
| EMC Retrospect for Windows 6.5 before 6.5.382, 7.0 before 7.0.344, and 7.5 before 7.5.1.105 allows local users to execute arbitrary code by replacing the Retrospect.exe file, possibly due to improper file permissions. | ||||
| CVE-2006-2156 | 1 X7 Group | 1 X7 Chat | 2026-04-16 | N/A |
| Directory traversal vulnerability in help/index.php in X7 Chat 2.0 and earlier allows remote attackers to include arbitrary files via .. (dot dot) sequences in the help_file parameter. | ||||
| CVE-2006-2324 | 1 180solutions | 1 Zango | 2026-04-16 | N/A |
| 180solutions Zango downloads "required Adware components" without checking integrity or authenticity, which might allow context-dependent attackers to execute arbitrary code by subverting the DNS resolution of static.zangocash.com. | ||||
| CVE-2006-2157 | 1 Plogger | 1 Plogger | 2026-04-16 | N/A |
| SQL injection vulnerability in gallery.php in Plogger Beta 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter, when the level is set to "slideshow". NOTE: This is a different vulnerability than CVE-2005-4246. | ||||
| CVE-2006-2512 | 1 Hitachi | 4 Eur Print Service, Eur Print Service For Ilf, Eur Professional and 1 more | 2026-04-16 | N/A |
| SQL injection vulnerability in Hitachi EUR Professional Edition, EUR Viewer, EUR Print Service, and EUR Print Service for ILF allows remote authenticated users to execute arbitrary SQL commands via unknown attack vectors. | ||||
| CVE-2006-2158 | 1 Stadtaus | 1 Guestbook Script | 2026-04-16 | N/A |
| Dynamic variable evaluation vulnerability in index.php in Stadtaus Guestbook Script 1.7 and earlier, when register_globals is enabled, allows remote attackers to modify arbitrary program variables via parameters, which are evaluated as PHP variable variables, as demonstrated by performing PHP remote file inclusion using the include_files array parameter. | ||||
| CVE-2006-2159 | 1 Russcom Network | 1 Loginphp | 2026-04-16 | N/A |
| CRLF injection vulnerability in help.php in Russcom Network Loginphp allows remote attackers to spoof e-mails and inject MIME headers via CRLF sequences in the email address. | ||||
| CVE-2006-2513 | 1 Sun | 1 Java System Directory Server | 2026-04-16 | N/A |
| Unspecified vulnerability in the installation process in Sun Java System Directory Server 5.2 causes wrong user data to be written to a file created by the installation, which allows remote attackers or local users to gain privileges. | ||||
| CVE-2001-1097 | 1 Cisco | 1 Ios | 2026-04-16 | N/A |
| Cisco routers and switches running IOS 12.0 through 12.2.1 allows a remote attacker to cause a denial of service via a flood of UDP packets. | ||||
| CVE-2006-2160 | 1 Russcom Network | 1 Loginphp | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Russcom Network Loginphp (Russcom.Loginphp) allows remote attackers to inject arbitrary web script or HTML via the username field when registering. | ||||
| CVE-2006-2514 | 1 Coppermine | 1 Coppermine Photo Gallery | 2026-04-16 | N/A |
| Coppermine galleries before 1.4.6, when running on Apache with mod_mime installed, allows remote attackers to upload arbitrary files via a filename with multiple file extensions. | ||||
| CVE-2001-1111 | 1 Khamil Landross And Zack Jones | 1 Eftp | 2026-04-16 | N/A |
| EFTP 2.0.7.337 stores user passwords in plaintext in the eftp2users.dat file. | ||||
| CVE-2006-2515 | 1 Hiox India | 1 Guest Book | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Hiox Guestbook 3.1 allows remote attackers to inject arbitrary web script or HTML via the input forms for signing the guestbook. | ||||
| CVE-2001-1119 | 1 Ti Kan | 1 Xmcd | 2026-04-16 | N/A |
| cda in xmcd 3.0.2 and 2.6 in SuSE Linux allows local users to overwrite arbitrary files via a symlink attack. | ||||
| CVE-2006-1723 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2026-04-16 | N/A |
| Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors related to DHTML. NOTE: due to the lack of sufficient public details from the vendor as of 20060413, it is unclear how CVE-2006-1529, CVE-2006-1530, CVE-2006-1531, and CVE-2006-1723 are different. | ||||
| CVE-2006-1724 | 3 Debian, Mozilla, Redhat | 6 Debian Linux, Firefox, Mozilla Suite and 3 more | 2026-04-16 | N/A |
| Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to DHTML. | ||||