Export limit exceeded: 345014 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 345014 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345014 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-4811 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| The hugepage code (hugetlb.c) in Linux kernel 2.6, possibly 2.6.12 and 2.6.13, in certain configurations, allows local users to cause a denial of service (crash) by triggering an mmap error before a prefault, which causes an error in the unmap_hugepage_area function. | ||||
| CVE-2006-1024 | 1 Addsoft | 1 Storebot | 2026-04-16 | N/A |
| SQL injection vulnerability in MgrLogin.asp in Addsoft StoreBot 2005 Professional allows remote attackers to execute arbitrary SQL commands via the Pwd parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-1025 | 1 Addsoft | 1 Storebot | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in manage.asp in Addsoft StoreBot 2002 Standard allows remote attackers to inject arbitrary web script or HTML via the ShipMethod parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-1026 | 1 Jfacets | 1 Jfacets | 2026-04-16 | N/A |
| JFacets before 0.2 allows remote attackers to gain privileges as any account via a GET request with a modified account profileID. | ||||
| CVE-2006-1027 | 1 Joomla | 1 Joomla | 2026-04-16 | N/A |
| feedcreator.class.php (aka the syndication component) in Joomla! 1.0.7 allows remote attackers to obtain sensitive information via a "/" (slash) in the feed parameter to index.php, which reveals the path in an error message. | ||||
| CVE-2006-1028 | 1 Joomla | 1 Joomla | 2026-04-16 | N/A |
| feedcreator.class.php (aka the syndication component) in Joomla! 1.0.7 allows remote attackers to cause a denial of service (stressed file cache) by creating many files via filenames in the feed parameter to index.php. | ||||
| CVE-2006-1030 | 1 Joomla | 1 Joomla | 2026-04-16 | N/A |
| Unspecified vulnerability in mod_templatechooser in Joomla! 1.0.7 allows remote attackers to obtain sensitive information via an unspecified attack vector that reveals the path. | ||||
| CVE-2005-4812 | 1 Sisco | 4 Ax-s4 Iccp, Ax-s4 Mms, Iccp Toolkit For Mms-ease and 1 more | 2026-04-16 | N/A |
| The SISCO OSI stack for Windows, as used by MMS-EASE 7.10 and earlier, AX-S4 MMS 5.01 and earlier, AX-S4 ICCP 3.0103 and earlier, and the ICCP Toolkit for MMS-EASE 4.10 and earlier, allows remote attackers to cause a denial of service (process crash) via certain network traffic, as demonstrated using a Nessus scan. | ||||
| CVE-2006-1035 | 1 Oracle | 2 Diagnostics, E-business Suite | 2026-04-16 | N/A |
| Unspecified vulnerability in the Oracle Diagnostics module 2.2 and earlier allows remote attackers to access diagnostics tests via unknown attack vectors. | ||||
| CVE-2006-1036 | 1 Oracle | 1 Diagnostics | 2026-04-16 | N/A |
| Multiple unspecified vulnerabilities in the Oracle Diagnostics module 2.2 and earlier have unknown impact and attack vectors, related to "permissions." | ||||
| CVE-2006-1037 | 1 Oracle | 2 Diagnostics, E-business Suite | 2026-04-16 | N/A |
| SQL injection vulnerability in the Oracle Diagnostics module 2.2 and earlier allows remote attackers to execute arbitrary SQL commands via unknown attack vectors. | ||||
| CVE-2006-1038 | 1 Van Dyke Technologies | 2 Securecrt, Securefx | 2026-04-16 | N/A |
| Buffer overflow in SecureCRT 5.0.4 and earlier and SecureFX 3.0.4 and earlier allows remote attackers to have an unknown impact when a Unicode string is converted to a "narrow" string. | ||||
| CVE-2005-4813 | 1 Businessobjects | 4 Crystal Enterprise Xi, Crystal Reports Server Xi, Crystal Reports Xi and 1 more | 2026-04-16 | N/A |
| Unspecified vulnerability in Report Application Server (Crystalras.exe) before 11.0.0.1370, as used in Business Objects Crystal Reports XI, Crystal Reports Server XI, and BusinessObjects Enterprise XI, allows remote attackers to cause a denial of service (application hang) via certain network traffic, possibly involving multiple simultaneous TCP connections. | ||||
| CVE-2006-1042 | 1 Gregarius | 1 Gregarius | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Gregarius 0.5.2 allow remote attackers to execute arbitrary SQL commands via the (1) folder parameter to feed.php or (2) rss_query parameter to search.php. | ||||
| CVE-2006-1043 | 1 Microsoft | 2 Visual Interdev, Visual Studio | 2026-04-16 | N/A |
| Stack-based buffer overflow in Microsoft Visual Studio 6.0 and Microsoft Visual InterDev 6.0 allows user-assisted attackers to execute arbitrary code via a long DataProject field in a (1) Visual Studio Database Project File (.dbp) or (2) Visual Studio Solution (.sln). | ||||
| CVE-2006-1045 | 2 Mozilla, Redhat | 2 Thunderbird, Enterprise Linux | 2026-04-16 | N/A |
| The HTML rendering engine in Mozilla Thunderbird 1.5, when "Block loading of remote images in mail messages" is enabled, does not properly block external images from inline HTML attachments, which could allow remote attackers to obtain sensitive information, such as application version or IP address, when the user reads the email and the external image is accessed. | ||||
| CVE-2006-1047 | 1 Joomla | 1 Joomla | 2026-04-16 | N/A |
| Unspecified vulnerability in the "Remember Me login functionality" in Joomla! 1.0.7 and earlier has unknown impact and attack vectors. | ||||
| CVE-2005-4814 | 1 Middlebury College | 1 Segue Cms | 2026-04-16 | N/A |
| Unrestricted file upload vulnerability in Segue CMS before 1.3.6, when the Apache HTTP Server handles .phtml files with the PHP interpreter, allows remote attackers to upload and execute arbitrary PHP code by placing .phtml files in the userfiles/ directory. | ||||
| CVE-2006-1051 | 1 Akarru | 1 Social Bookmarking Engine | 2026-04-16 | N/A |
| SQL injection vulnerability in Akarru Social BookMarking Engine before 0.4.3.4 allows remote attackers to execute arbitrary SQL commands via unknown attack vectors, possibly involving the username parameter to akarru.lib/users.php. | ||||
| CVE-2006-1052 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| The selinux_ptrace logic in hooks.c in SELinux for Linux 2.6.6 allows local users with ptrace permissions to change the tracer SID to an SID of another process. | ||||