Export limit exceeded: 344900 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344900 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-4134 | 1 Sap | 1 Internet Graphics Server | 2026-04-16 | N/A |
| Unspecified vulnerability related to a "design flaw" in SAP Internet Graphics Service (IGS) 6.40 and earlier and 7.00 and earlier allows remote attackers to cause a denial of service (service shutdown) via certain HTTP requests. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended. | ||||
| CVE-2006-4135 | 1 Vincent Hor | 1 Calendarix | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in cal_config.inc.php in Calendarix 0.7.20060401 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the calpath parameter. NOTE: this issue has been disputed by a third party, who says that the affected $calpath variable is set to a constant value in the beginning of the script. CVE concurs that the initial report is invalid | ||||
| CVE-2006-4136 | 1 Ibm | 1 Websphere Application Server | 2026-04-16 | N/A |
| Multiple unspecified vulnerabilities in IBM WebSphere Application Server before 6.1.0.1 have unspecified impact and attack vectors involving (1) "SOAP requests and responses", (2) mbean, (3) ThreadIdentitySupport, and possibly others. | ||||
| CVE-2006-4137 | 1 Ibm | 1 Websphere Application Server | 2026-04-16 | N/A |
| IBM WebSphere Application Server before 6.1.0.1 allows attackers to obtain sensitive information via unspecified vectors related to (1) the log file, (2) "script generated syntax on wsadmin command line," and (3) traces. | ||||
| CVE-2006-4138 | 1 Microsoft | 1 Help File Viewer | 2026-04-16 | N/A |
| Multiple unspecified vulnerabilities in Microsoft Windows Help File viewer (winhlp32.exe) allow user-assisted attackers to execute arbitrary code via crafted HLP files. | ||||
| CVE-2006-4139 | 1 Sun | 1 Solaris | 2026-04-16 | N/A |
| Race condition in Sun Solaris 10 allows attackers to cause a denial of service (system panic) via unspecified vectors related to ifconfig and either netstat or SNMP queries. | ||||
| CVE-2006-4140 | 1 Ipcheck | 1 Server Monitor | 2026-04-16 | N/A |
| Directory traversal vulnerability in IPCheck Server Monitor before 5.3.3.639/640 allows remote attackers to read arbitrary files via modified .. (dot dot) sequences in the URL, including (1) "..%2f" (encoded "/" slash), "..../" (multiple dot), and "..%255c../" (double-encoded "\" backslash). | ||||
| CVE-2006-4141 | 1 Vwar | 1 Virtual War | 2026-04-16 | N/A |
| SQL injection vulnerability in news.php in Virtual War (VWar) 1.5.0 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) sortby and (2) sortorder parameters. | ||||
| CVE-2006-4142 | 1 Vwar | 1 Virtual War | 2026-04-16 | N/A |
| SQL injection vulnerability in extra/online.php in Virtual War (VWar) 1.5.0 R14 and earlier allows remote attackers to execute arbitrary SQL commands via the n parameter. | ||||
| CVE-2006-4143 | 1 Netgear | 1 Fvg318 | 2026-04-16 | N/A |
| Netgear FVG318 running firmware 1.0.40 allows remote attackers to cause a denial of service (router reset) via TCP packets with bad checksums. | ||||
| CVE-2006-4145 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| The Universal Disk Format (UDF) filesystem driver in Linux kernel 2.6.17 and earlier allows local users to cause a denial of service (hang and crash) via certain operations involving truncated files, as demonstrated via the dd command. | ||||
| CVE-2006-4146 | 2 Gnu, Redhat | 2 Gdb, Enterprise Linux | 2026-04-16 | N/A |
| Buffer overflow in the (1) DWARF (dwarfread.c) and (2) DWARF2 (dwarf2read.c) debugging code in GNU Debugger (GDB) 6.5 allows user-assisted attackers, or restricted users, to execute arbitrary code via a crafted file with a location block (DW_FORM_block) that contains a large number of operations. | ||||
| CVE-2006-4156 | 1 Pearlabs | 1 Mafia Moblog | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in big.php in pearlabs mafia moblog 6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the pathtotemplate parameter. NOTE: a third party claims that the researcher is incorrect, because template.php defines pathtotemplate before big.php uses pathtotemplate. CVE has not verified either claim, but during August 2006, the original researcher made several significant errors regarding this bug type | ||||
| CVE-2006-4157 | 1 Yabb | 1 Yabb | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Yet another Bulletin Board (YaBB) allows remote attackers to inject arbitrary web script or HTML via the categories parameter. | ||||
| CVE-2006-4158 | 1 Spaminator | 1 Spaminator | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in Login.php in Spaminator 1.7 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. | ||||
| CVE-2006-4159 | 1 Chaussette | 1 Chaussette | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Chaussette 080706 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the _BASE parameter to scripts in Classes/ including (1) Evenement.php, (2) Event.php, (3) Event_for_month.php, (4) Event_for_week.php, (5) My_Log.php, (6) My_Smarty.php, and possibly (7) Event_for_month_per_day.php. | ||||
| CVE-2006-4161 | 1 Xennobb | 1 Xennobb | 2026-04-16 | N/A |
| Directory traversal vulnerability in the avatar_gallery action in profile.php in XennoBB 2.1.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the category parameter. | ||||
| CVE-2006-4162 | 1 Cpg-nuke | 1 Dragonfly Cms | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Dragonfly CMS 9.0.6.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the search field. | ||||
| CVE-2006-4163 | 1 Mywebland | 1 Minibloggie | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in cls_fast_template.php in myWebland miniBloggie 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the fname parameter. NOTE: another researcher was unable to find a way to execute code after including it via a URL. CVE analysis as of 20060816 was inconclusive | ||||
| CVE-2006-4164 | 1 Phpprintanalyzer | 1 Phpprintanalyzer | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in inc/header.inc.php in phpPrintAnalyzer 1.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the ficStyle parameter. | ||||