Export limit exceeded: 345048 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 345048 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345048 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-1385 | 1 Kismac | 1 Kismac | 2026-04-16 | N/A |
| Stack-based buffer overflow in the parseTaggedData function in WavePacket.mm in KisMAC R54 through R73p allows remote attackers to execute arbitrary code via multiple SSIDs in a Cisco vendor tag in a 802.11 management frame. | ||||
| CVE-2005-0467 | 1 Putty | 1 Putty | 2026-04-16 | N/A |
| Multiple integer overflows in the (1) sftp_pkt_getstring and (2) fxp_readdir_recv functions in the PSFTP and PSCP clients for PuTTY 0.56, and possibly earlier versions, allow remote malicious web sites to execute arbitrary code via SFTP responses that corrupt the heap after insufficient memory has been allocated. | ||||
| CVE-2005-0470 | 3 Gentoo, Suse, Wpa Supplicant | 3 Linux, Suse Linux, Wpa Supplicant | 2026-04-16 | N/A |
| Buffer overflow in wpa_supplicant before 0.2.7 allows remote attackers to cause a denial of service (segmentation fault) via invalid EAPOL-Key packet data. | ||||
| CVE-2006-1387 | 1 Twiki | 1 Twiki | 2026-04-16 | N/A |
| TWiki 4.0, 4.0.1, and 20010901 through 20040904 allows remote authenticated users with edit rights to cause a denial of service (infinite recursion leading to CPU and memory consumption) via INCLUDE by URL statements that form a loop, such as a page that includes itself. | ||||
| CVE-2005-0471 | 1 Sun | 2 Jdk, Jre | 2026-04-16 | N/A |
| Sun Java JRE 1.1.x through 1.4.x writes temporary files with long filenames that become predictable on a file system that uses 8.3 style short names, which allows remote attackers to write arbitrary files to known locations and facilitates the exploitation of vulnerabilities in applications that rely on unpredictable file names. | ||||
| CVE-2006-1388 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-16 | N/A |
| Unspecified vulnerability in Microsoft Internet Explorer 6.0 allows remote attackers to execute HTA files via unknown vectors. | ||||
| CVE-2006-1389 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Unspecified vulnerability in swagentd in HP-UX B.11.00, B.11.04, and B.11.11 allows remote attackers to cause a denial of service (application crash) via unspecified vectors. | ||||
| CVE-2000-0449 | 1 Omnis | 1 Studio | 2026-04-16 | N/A |
| Omnis Studio 2.4 uses weak encryption (trivial encoding) for encrypting database fields. | ||||
| CVE-2005-0472 | 3 Mandrakesoft, Redhat, Rob Flynn | 5 Mandrake Linux, Mandrake Linux Corporate Server, Enterprise Linux and 2 more | 2026-04-16 | N/A |
| Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ. | ||||
| CVE-2006-2564 | 1 Alstrasoft | 1 E-friends | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in AlstraSoft E-Friends allow remote attackers to inject arbitrary web script or HTML by (1) posting a blog, (2) posting a listing, (3) posting an event, (4) adding comments, or (5) sending a message. | ||||
| CVE-2005-0473 | 3 Mandrakesoft, Redhat, Rob Flynn | 5 Mandrake Linux, Mandrake Linux Corporate Server, Enterprise Linux and 2 more | 2026-04-16 | N/A |
| The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208. | ||||
| CVE-2006-1391 | 1 Pablo Software Solutions | 2 Baby Asp Web Server, Quick And Easy Web Server | 2026-04-16 | N/A |
| The (a) Quick 'n Easy Web Server before 3.1.1 and (b) Baby ASP Web Server 2.7.2 allows remote attackers to obtain the source code of ASP files via (1) . (dot) and (2) space characters in the extension of a URL. | ||||
| CVE-2005-0261 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| lspath in AIX 5.2, 5.3, and possibly earlier versions, does not drop privileges before processing the -f option, which allows local users to read one line of arbitrary files. | ||||
| CVE-2006-2410 | 1 Raydium | 1 Raydium | 2026-04-16 | N/A |
| raydium_network_netcall_exec function in network.c in Raydium SVN revision 312 and earlier allows remote attackers to cause a denial of service (application crash) via a packet of type 0xFF, which causes a null dereference. | ||||
| CVE-2006-2537 | 3 Horizontal Shooter Bor, Openbor, Senile Team | 3 Horizontal Shooter Bor, Openbor, Beats Of Rage | 2026-04-16 | N/A |
| Multiple format string vulnerabilities in (a) OpenBOR 2.0046 and earlier, (b) Beats of Rage (BOR) 1.0029 and earlier, and (c) Horizontal Shooter BOR (HOR) 2.0000 and earlier allow remote attackers to execute code via format string specifiers in configurations used in various mod files, as demonstrated by the (1) music identifier in data/scenes/intro.txt, which is not properly handled in the update function, and (2) background identifier in data/easy/1aeasy.txt, which is not properly handled in the shutdown function. | ||||
| CVE-2006-2411 | 1 Raydium | 1 Raydium | 2026-04-16 | N/A |
| Buffer overflow in raydium_network_read function in network.c in Raydium SVN revision 312 and earlier allows remote attackers to execute arbitrary code by sending packets with long global variables to the client. | ||||
| CVE-2006-2538 | 2 Ie Tab, Mozilla | 2 Ie Tab, Firefox | 2026-04-16 | N/A |
| IE Tab 1.0.9 plugin for Mozilla Firefox 1.5.0.3 allows remote user-assisted attackers to cause a denial of service (application crash), possibly due to a null dereference, via certain Javascript, as demonstrated using a url parameter to the content/reloaded.html page in a chrome:// URI. Some third-party researchers claim that they are unable to reproduce this vulnerability. | ||||
| CVE-2006-2413 | 1 Gnunet | 1 Gnunet | 2026-04-16 | N/A |
| GNUnet before SVN revision 2781 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an empty UDP datagram, possibly involving FIONREAD errors. | ||||
| CVE-2006-2414 | 1 Timo Sirainen | 1 Dovecot | 2026-04-16 | N/A |
| Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the (1) LIST or (2) DELETE IMAP command. | ||||
| CVE-2006-2415 | 1 Flexchat | 1 Flexchat | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in FlexChat 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) username and (2) CFTOKEN parameter in (a) index.cfm and (3) CFTOKEN and (4) CFID parameter in (b) chat.cfm. | ||||