Export limit exceeded: 359631 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 359631 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359631 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-5707 | 1 Phpeasydata Pro | 1 Phpeasydata Pro | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in PHPEasyData Pro 1.4.1 and 2.2.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter. | ||||
| CVE-2006-5708 | 1 Alt-n | 1 Mdaemon | 2026-04-23 | 7.5 High |
| Multiple unspecified vulnerabilities in MDaemon and WorldClient in Alt-N Technologies MDaemon before 9.50 allow attackers to cause a denial of service (memory consumption) via unspecified vectors resulting in memory leaks. | ||||
| CVE-2006-5730 | 1 Modxcms | 1 Modxcms | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in manager/media/browser/mcpuk/connectors/php/Commands/Thumbnail.php in Modx CMS 0.9.2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the base_path parameter. NOTE: it is possible that this is a vulnerability in FCKeditor. | ||||
| CVE-2006-5732 | 1 Tgs Cms | 1 Tgs Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in logout.php in T.G.S. CMS 0.1.7 and earlier allows remote attackers to execute arbitrary SQL commands via the myauthorid cookie. | ||||
| CVE-2006-5737 | 1 Punbb | 1 Punbb | 2026-04-23 | N/A |
| PunBB uses a predictable cookie_seed value that can be derived from the time of registration of the superadmin account (installation time), which might allow local users to perform unauthorized actions. | ||||
| CVE-2006-5750 | 2 Jboss, Redhat | 2 Jboss Application Server, Rhel Application Stack | 2026-04-23 | N/A |
| Directory traversal vulnerability in the DeploymentFileRepository class in JBoss Application Server (jbossas) 3.2.4 through 4.0.5 allows remote authenticated users to read or modify arbitrary files, and possibly execute arbitrary code, via unspecified vectors related to the console manager. | ||||
| CVE-2006-5762 | 1 Free Php Scripts | 2 Free File Hosting, Free Image Hosting | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in forgot_pass.php in Free File Hosting 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the AD_BODY_TEMP parameter. NOTE: this issue was later reported for the "File Upload System" which is a component of Free File Hosting. This also affects Free Image Hosting 2.0, which contains the same code. | ||||
| CVE-2006-5778 | 1 Linux-ftpd-ssl | 1 Linux-ftpd-ssl | 2026-04-23 | N/A |
| ftpd in linux-ftpd 0.17, and possibly other versions, performs a chdir before setting the UID, which allows local users to bypass intended access restrictions by redirecting their home directory to a restricted directory. | ||||
| CVE-2006-5779 | 2 Canonical, Openldap | 2 Ubuntu Linux, Openldap | 2026-04-23 | 7.5 High |
| OpenLDAP before 2.3.29 allows remote attackers to cause a denial of service (daemon crash) via LDAP BIND requests with long authcid names, which triggers an assertion failure. | ||||
| CVE-2006-5780 | 1 Xlink Technology | 1 Omni-nfs Server | 2026-04-23 | N/A |
| Stack-based buffer overflow in nfsd.exe in XLink Omni-NFS Server 5.2 allows remote attackers to execute arbitrary code via a crafted TCP packet to port 2049 (nfsd), as demonstrated by vd_xlink.pm. | ||||
| CVE-2006-5783 | 1 Mozilla | 1 Firefox | 2026-04-23 | N/A |
| Firefox 1.5.0.7 on Kubuntu Linux allows remote attackers to cause a denial of service (crash) via a long URL in an A tag. NOTE: this issue has been disputed by several vendors, who could not reproduce the report. In addition, the scope of the impact - system freeze - suggests an issue that is not related to Firefox. Due to this impact, CVE concurs with the dispute | ||||
| CVE-2006-5785 | 1 Sap | 1 Sap Web Application Server | 2026-04-23 | N/A |
| Unspecified vulnerability in SAP Web Application Server 6.40 before patch 136 and 7.00 before patch 66 allows remote attackers to cause a denial of service (enserver.exe crash) via a 0x72F2 sequence on UDP port 64999. | ||||
| CVE-2006-5786 | 1 E107 | 1 E107 | 2026-04-23 | N/A |
| Directory traversal vulnerability in class2.php in e107 0.7.5 and earlier allows remote attackers to read and execute PHP code in arbitrary files via ".." sequences in the e107language_e107cookie cookie to gsitemap.php. | ||||
| CVE-2006-5787 | 1 Iprimal | 1 Iprimal Forums | 2026-04-23 | N/A |
| admin/index.php in IPrimal Forums as of 20061105 allows remote attackers to bypass authentication and modify user passwords via a direct request, possibly related to an authentication issue in admin/chk_admin.php. | ||||
| CVE-2006-5790 | 1 Stefan Ritt | 1 Elog Web Logbook | 2026-04-23 | N/A |
| Multiple format string vulnerabilities in elogd.c in ELOG 2.6.2 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) an entry with an attachment whose name contains format string specifiers (el_submit function), and possibly other vectors in the (2) receive_config, (3) show_rss_feed, (4) show_elog_list, (5) show_logbook_node, and (6) server_loop functions. | ||||
| CVE-2006-5809 | 1 Jonathon J. Freeman | 1 Ovbb | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in Jonathon J. Freeman OvBB before 0.13a have unknown impact and attack vectors. | ||||
| CVE-2007-3719 | 1 Linux | 1 Linux Kernel | 2026-04-23 | N/A |
| The process scheduler in the Linux kernel 2.6.16 gives preference to "interactive" processes that perform voluntary sleeps, which allows local users to cause a denial of service (CPU consumption), as described in "Secretly Monopolizing the CPU Without Superuser Privileges." | ||||
| CVE-2007-3850 | 3 Apple, Linux, Redhat | 3 Powerpc, Linux Kernel, Enterprise Linux | 2026-04-23 | N/A |
| The eHCA driver in Linux kernel 2.6 before 2.6.22, when running on PowerPC, does not properly map userspace resources, which allows local users to read portions of physical address space. | ||||
| CVE-2006-5822 | 1 Symantec | 3 Veritas Netbackup Client, Veritas Netbackup Enterprise Server, Veritas Netbackup Server | 2026-04-23 | N/A |
| Stack-based buffer overflow in the NetBackup bpcd daemon (bpcd.exe) in Symantec Veritas NetBackup 5.0 before 5.0_MP7, 5.1 before 5.1_MP6, and 6.0 before 6.0_MP4 allows remote attackers to execute arbitrary code via a long CONNECT_OPTIONS request, a different issue than CVE-2006-6222. | ||||
| CVE-2007-2224 | 1 Microsoft | 5 Office, Visual Basic, Windows 2000 and 2 more | 2026-04-23 | N/A |
| Object linking and embedding (OLE) Automation, as used in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Office 2004 for Mac, and Visual Basic 6.0 allows remote attackers to execute arbitrary code via the substringData method on a TextNode object, which causes an integer overflow that leads to a buffer overflow. | ||||