Export limit exceeded: 363284 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 363284 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363284 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-1143 1 Recourse Technologies 1 Mantrap 2026-04-16 N/A
Recourse ManTrap 1.6 hides the first 4 processes that run on a Solaris system, which allows attackers to determine that they are in a honeypot system.
CVE-2006-3842 1 Adventnet 1 Zoho Virtual Office 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Zoho Virtual Office 3.2 Build 3210 allows remote attackers to execute arbitrary web script or HTML via an HTML message.
CVE-2006-3828 1 Kailash Nadh 1 Boastmachine 2026-04-16 N/A
Incomplete blacklist vulnerability in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier allows remote authenticated administrators to bypass SQL injection protection mechanisms by using commas, quote characters, pound sign (#) characters, "UNION," and "SELECT," which are not filtered by the product, which only checks for "insert," "delete," "update," and "replace."
CVE-2006-3827 1 Kailash Nadh 1 Boastmachine 2026-04-16 N/A
SQL injection vulnerability in bmc/Inc/core/admin/search.inc.php in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier allows remote authenticated administrators to execute arbitrary SQL commands via the blog parameter.
CVE-2006-3822 1 Geodesicsolutions 1 Geoauctions Enterprise 2026-04-16 N/A
SQL injection vulnerability in index.php in GeodesicSolutions GeoAuctions Enterprise 1.0.6 allows remote attackers to execute arbitrary SQL commands via the d parameter.
CVE-2006-3856 1 Ibm 1 Informix Dynamic Server 2026-04-16 N/A
IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before 10.00.xC3 allows local users to cause a denial of service (crash) via unspecified vectors.
CVE-2006-3819 1 Twiki 1 Twiki 2026-04-16 N/A
Eval injection vulnerability in the configure script in TWiki 4.0.0 through 4.0.4 allows remote attackers to execute arbitrary Perl code via an HTTP POST request containing a parameter name starting with "TYPEOF".
CVE-2006-3818 1 Novell 1 Groupwise Webaccess 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the login page in Novell GroupWise WebAccess 6.5 before 20060721 and WebAccess 7 before 20060727 allows remote attackers to inject arbitrary web script or HTML via the GWAP.version parameter.
CVE-2006-3800 1 Amazing Flash Commerce 1 Afcommerce Shopping Cart 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Amazing Flash AFCommerce Shopping Cart allows remote attackers to inject arbitrary web script or HTML via the "new review" text box.
CVE-2006-3798 1 Deluxebb 1 Deluxebb 2026-04-16 N/A
DeluxeBB 1.07 and earlier allows remote attackers to overwrite the (1) _GET, (2) _POST, (3) _ENV, and (4) _SERVER variables via the _COOKIE (aka COOKIE) variable, which can overwrite the other variables during an extract function call, probably leading to multiple security vulnerabilities, aka "pollution of the global namespace."
CVE-2006-3797 1 Deluxebb 1 Deluxebb 2026-04-16 N/A
SQL injection vulnerability in DeluxeBB 1.07 and earlier allows remote attackers to bypass authentication, spoof users, and modify settings via the (1) memberpw and (2) membercookie cookies.
CVE-2000-1124 1 Ibm 1 Aix 2026-04-16 N/A
Buffer overflow in piobe command in IBM AIX 4.3.x allows local users to gain privileges via long environmental variables.
CVE-2006-3629 2 Ethereal Group, Redhat 2 Ethereal, Enterprise Linux 2026-04-16 N/A
Unspecified vulnerability in the MOUNT dissector in Wireshark (aka Ethereal) 0.9.4 to 0.99.0 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
CVE-2006-3631 2 Redhat, Wireshark 2 Enterprise Linux, Wireshark 2026-04-16 N/A
Unspecified vulnerability in the SSH dissector in Wireshark (aka Ethereal) 0.9.10 to 0.99.0 allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors.
CVE-2006-3634 1 Linux 1 Linux Kernel 2026-04-16 N/A
The (1) __futex_atomic_op and (2) futex_atomic_cmpxchg_inatomic functions in Linux kernel 2.6.17-rc4 to 2.6.18-rc2 perform the atomic futex operation in the kernel address space instead of the user address space, which allows local users to cause a denial of service (crash).
CVE-2005-2141 1 Jollybox.de 1 Tcp Chat 2026-04-16 N/A
TCP Chat 1.0 allows remote attackers to cause a denial of service (crash) via a long string to the chat service, possibly triggering a buffer overflow.
CVE-2006-3657 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (stack overflow exception) via a DXImageTransform.Microsoft.Gradient ActiveX object with a long (1) StartColorStr or (2) EndColorStr property.
CVE-2006-3658 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by accessing the object references of a FolderItem ActiveX object, which triggers a null dereference in the security check.
CVE-2006-3659 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by setting the location or URL property of a MHTMLFile ActiveX object.
CVE-2000-1105 1 Microsoft 1 Indexing Service 2026-04-16 N/A
The ixsso.query ActiveX Object is marked as safe for scripting, which allows malicious web site operators to embed a script that remotely determines the existence of files on visiting Windows 2000 systems that have Indexing Services enabled.