Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-5479 1 Novell 1 Edirectory 2026-04-23 N/A
The NCP Engine in Novell eDirectory before 8.7.3.8 FTF1 allows remote attackers to cause an unspecified denial of service via a certain "NCP Fragment."
CVE-2006-5488 1 Xchangeboard 1 Xchangeboard 2026-04-23 N/A
SQL injection vulnerability in XchangeBoard 1.70, and possibly earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the loginNick parameter during login. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
CVE-2006-5489 1 Rim 1 Blackberry Enterprise Server 2026-04-23 N/A
Research in Motion (RIM) BlackBerry Enterprise Server 4.1 SP2 before Hotfix 1 for IBM Lotus Domino might allow attackers with meeting organizer privileges to cause a denial of service (application hang) via a deleted recurrent meeting instance when changing the attendee's calendar meeting time.
CVE-2006-6753 1 Microsoft 1 Windows Event Viewer 2026-04-23 N/A
Event Viewer (eventvwr.exe) in Microsoft Windows does not properly display log data that contains '%' (percent) characters, which might make it impossible to use Event Viewer to determine the actual data that triggered an event, and might produce long strings that are not properly handled by certain processes that rely on Event Viewer.
CVE-2006-5491 1 Ceary 1 Ultracms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in include/index.php in UltraCMS 0.9 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameters.
CVE-2006-6707 1 Mcafee 2 Neotrace, Visual Trace 2026-04-23 N/A
Stack-based buffer overflow in the NeoTraceExplorer.NeoTraceLoader ActiveX control (NeoTraceExplorer.dll) in NeoTrace Express 3.25 and NeoTrace Pro (aka McAfee Visual Trace) 3.25 allows remote attackers to execute arbitrary code via a long argument string to the TraceTarget method. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-5786 1 E107 1 E107 2026-04-23 N/A
Directory traversal vulnerability in class2.php in e107 0.7.5 and earlier allows remote attackers to read and execute PHP code in arbitrary files via ".." sequences in the e107language_e107cookie cookie to gsitemap.php.
CVE-2006-5790 1 Stefan Ritt 1 Elog Web Logbook 2026-04-23 N/A
Multiple format string vulnerabilities in elogd.c in ELOG 2.6.2 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) an entry with an attachment whose name contains format string specifiers (el_submit function), and possibly other vectors in the (2) receive_config, (3) show_rss_feed, (4) show_elog_list, (5) show_logbook_node, and (6) server_loop functions.
CVE-2006-5809 1 Jonathon J. Freeman 1 Ovbb 2026-04-23 N/A
Multiple unspecified vulnerabilities in Jonathon J. Freeman OvBB before 0.13a have unknown impact and attack vectors.
CVE-2007-1737 1 Opera 1 Opera Browser 2026-04-23 N/A
Opera 9.10 does not check URLs embedded in (1) object or (2) iframe HTML tags against the phishing site blacklist, which allows remote attackers to bypass phishing protection.
CVE-2006-5869 1 Pstotext 1 Pstotext 2026-04-23 N/A
pstotext before 1.9 allows user-assisted attackers to execute arbitrary commands via shell metacharacters in a file name.
CVE-2006-5839 1 Phpadventure 1 Phpadventure 2026-04-23 N/A
PHP remote file inclusion vulnerability in ad_main.php in PHPAdventure 1.1-Alpha and earlier allows remote attackers to execute arbitrary PHP code via a URL in the _mygamefile parameter.
CVE-2006-5841 1 Dodos Scripts 1 Dodosmail 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in dodosmail.php in DodosMail 2.0.1 and earlier, and possibly 2.1, allow remote attackers to execute arbitrary PHP code via a URL in the (1) dodosmail_header_file or (2) dodosmail_footer_file parameters.
CVE-2007-1719 2 Freebsd, Jason W. Bacon 2 Freebsd, Mcweject 2026-04-23 N/A
Buffer overflow in eject.c in Jason W. Bacon mcweject 0.9 on FreeBSD, and possibly other versions, allows local users to execute arbitrary code via a long command line argument, possibly involving the device name.
CVE-2006-5876 1 Libsoup 1 Libsoup 2026-04-23 N/A
The soup_headers_parse function in soup-headers.c for libsoup HTTP library before 2.2.99 allows remote attackers to cause a denial of service (crash) via malformed HTTP headers, probably involving missing fields or values.
CVE-2006-5885 1 Dynamic Dataworx 1 Nustore 2026-04-23 N/A
SQL injection vulnerability in Products.asp in NuStore 1.0 allows remote attackers to execute arbitrary SQL commands via the SubCatagoryID parameter.
CVE-2006-5889 1 Brewblogger 1 Brewblogger 2026-04-23 N/A
SQL injection vulnerability in printLog.php in BrewBlogger (BB) 1.3.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2006-5892 1 The Net Guys 1 Aspired2poll 2026-04-23 N/A
SQL injection vulnerability in MoreInfo.asp in The Net Guys ASPired2Poll 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2006-5895 1 Encapscms 1 Encapscms 2026-04-23 N/A
PHP remote file inclusion vulnerability in core/core.php in EncapsCMS 0.3.6 allows remote attackers to execute arbitrary PHP code via a URL in the root parameter.
CVE-2006-5915 1 Samedia 1 Landshop 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in ls.php in SAMEDIA LandShop allow remote attackers to inject arbitrary web script or HTML via the (1) start, (2) CAT_ID, (3) keyword, (4) search_area, (5) search_type, (6) infield, or (7) search_order parameter.