Export limit exceeded: 345106 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345106 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-2084 | 1 Farsinews | 1 Farsinews | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in FarsiNews 2.5.3 Pro and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) month and (2) year parameters in (a) index.php, and the (3) mod parameter in (b) admin.php. | ||||
| CVE-2006-2085 | 1 Speedproject | 2 Speedcommander, Squeez | 2026-04-16 | N/A |
| Multiple buffer overflows in (1) CxAce60.dll and (2) CxAce60u.dll in SpeedProject Squeez 5.10 Build 4460, and SpeedCommander 10.52 Build 4450 and 11.01 Build 4450, allow user-assisted remote attackers to execute arbitrary code via an ACE archive that contains a file with a long filename. | ||||
| CVE-2006-2086 | 1 Juniper | 1 Junipersetup Control | 2026-04-16 | N/A |
| Buffer overflow in JuniperSetupDLL.dll, loaded from JuniperSetup.ocx by the Juniper SSL-VPN Client when accessing a Juniper NetScreen IVE device running IVE OS before 4.2r8.1, 5.0 before 5.0r6.1, 5.1 before 5.1r8, 5.2 before 5.2r4.1, or 5.3 before 5.3r2.1, allows remote attackers to execute arbitrary code via a long argument in the ProductName parameter. | ||||
| CVE-2006-2087 | 1 Hitachi | 4 Groupmax Integrated Desktop, Groupmax Mail, Groupmax World Wide Web and 1 more | 2026-04-16 | N/A |
| The Gmax Mail client in Hitachi Groupmax before 20060426 allows remote attackers to cause a denial of service (application hang or erroneous behavior) via an attachment with an MS-DOS device filename. | ||||
| CVE-2006-2088 | 1 Devsyn | 1 Open Bulletin Board | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Devsyn Open Bulletin Board (OpenBB) 1.0.6 allow remote attackers to inject arbitrary web script or HTML via (1) the FID parameter in board.php and (2) the TID parameter in read.php. NOTE: the SQL injection issues are already covered by CVE-2005-1612 (read.php) and CVE-2005-2566 (board.php). | ||||
| CVE-2006-1590 | 2 Kevin Johnson, Roman Danyliw | 2 Basic Analysis And Security Engine, Analysis Console For Intrusion Databases \(acid\) | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the PrintFreshPage function in (1) Basic Analysis and Security Engine (BASE) 1.2.4 and (2) Analysis Console for Intrusion Databases (ACID) 0.9.6b23 allows remote attackers to inject arbitrary web script or HTML via the (a) back parameter to base_graph_main.php, (b) netmask parameter to base_stat_ipaddr.php, or (c) submit parameter to base_qry_alert.php within BASE, or (d) query string to acid_main.php in ACID, which causes the request URI ($_SERVER['REQUEST_URI']) to be inserted into a refresh operation. | ||||
| CVE-2006-2089 | 1 Mysmartbb | 1 Mysmartbb | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in misc.php in MySmartBB 1.1.x allow remote attackers to inject arbitrary web script or HTML via the (1) id and (2) username parameters. | ||||
| CVE-2001-0468 | 1 Ftpfs | 1 Ftpfs | 2026-04-16 | N/A |
| Buffer overflow in FTPFS allows local users to gain root privileges via a long user name. | ||||
| CVE-2006-2494 | 1 Lacaveprods | 1 Intellitamper | 2026-04-16 | N/A |
| Stack-based buffer overflow in IntelliTamper 2.07 allows remote attackers to execute arbitrary code via a crafted .map file. | ||||
| CVE-2006-1591 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2026-04-16 | N/A |
| Heap-based buffer overflow in Microsoft Windows Help winhlp32.exe allows user-assisted attackers to execute arbitrary code via crafted embedded image data in a .hlp file. | ||||
| CVE-2006-2495 | 1 S9y | 1 Serendipity | 2026-04-16 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Entry Manager in Serendipity before 1.0-beta3 allows remote attackers to perform unauthorized actions as a logged-in user via a link or IMG tag. | ||||
| CVE-2006-1592 | 2 X-doom, Zdaemon | 2 X-doom, Zdaemon | 2026-04-16 | N/A |
| Buffer overflow in the is_client_wad_ok function in w_wad.cpp for (1) Zdaemon 1.08.01 and (2) X-Doom allows remote attackers to execute arbitrary code via a long filename argument. | ||||
| CVE-2001-0477 | 1 Webcalendar | 1 Webcalendar | 2026-04-16 | N/A |
| Vulnerability in WebCalendar 0.9.26 allows remote command execution. | ||||
| CVE-2006-1594 | 1 Claroline | 1 Claroline | 2026-04-16 | N/A |
| Multiple directory traversal vulnerabilities in document/rqmkhtml.php in Claroline 1.7.4 and earlier allow remote attackers to use ".." (dot dot) sequences to (1) read arbitrary files via the file parameter in a rqEditHtml command to document/rqmkhtml.php or (2) execute arbitrary code via the includePath parameter to learnPath/include/scormExport.inc.php. | ||||
| CVE-2006-1596 | 1 Claroline | 1 Claroline | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in learnPath/include/scormExport.inc.php in Claroline 1.7.4 and earlier allows remote attackers to execute arbitrary PHP code via the includePath parameter. | ||||
| CVE-2006-1598 | 1 An | 1 An-httpd | 2026-04-16 | N/A |
| AN HTTPD 1.42n, and possibly other versions before 1.42p, allows remote attackers to obtain source code of scripts via crafted requests with (1) dot and (2) space characters in the file extension. | ||||
| CVE-2006-2496 | 1 Novell | 2 Edirectory, Imonitor | 2026-04-16 | N/A |
| Buffer overflow in iMonitor 2.4 in Novell eDirectory 8.8 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unknown attack vectors. | ||||
| CVE-2006-1599 | 1 V-creator.com | 1 V-creator | 2026-04-16 | N/A |
| Unspecified vulnerability in VCEngine.php in v-creator before 1.3-pre3, when the VC_CRYPTO_METHOD option is OPENSSL, allows remote attackers to execute arbitrary commands, possibly due to problems in the (1) encrypt and (2) decrypt functions. | ||||
| CVE-2006-1600 | 1 Phpwebgallery | 1 Phpwebgallery | 2026-04-16 | N/A |
| SQL injection vulnerability in category.php in PhpWebGallery 1.4.1 allows remote attackers to execute arbitrary SQL commands via the search parameter. | ||||
| CVE-2006-1601 | 1 Sun | 1 Cluster | 2026-04-16 | N/A |
| Unspecified vulnerability in SunPlex Manager in Sun Cluster 3.1 4/04 allows local users with solaris.cluster.gui authorization to view arbitrary files via unspecified vectors. | ||||