Export limit exceeded: 360230 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (360230 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1671 | 1 Yahoo | 1 Messenger | 2026-04-16 | N/A |
| The Logfile feature in Yahoo! Messenger 5.x through 6.0 can be activated by a YMSGR: URL and writes all output to a single ypager.log file, even when there are multiple users, and does not properly warn later users that the feature has been enabled, which allows local users to obtain sensitive information from other users. | ||||
| CVE-2006-1450 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via an enriched text e-mail message with "invalid color information" that causes Mail to allocate and initialize arbitrary classes. | ||||
| CVE-2006-2025 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2026-04-16 | N/A |
| Integer overflow in the TIFFFetchData function in tif_dirread.c for libtiff before 3.8.1 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a crafted TIFF image. | ||||
| CVE-2006-2706 | 1 Secure Elements | 1 Class 5 Enterprise Vulnerability Management | 2026-04-16 | N/A |
| Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 allows remote attackers to cause a denial of service via forged "session start" messages that cause AVR to connect to arbitrary hosts. | ||||
| CVE-2003-1194 | 1 Booby | 1 Booby | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Booby .1 through 0.2.3 allows remote attackers to inject arbitrary web script or HTML via the error message. | ||||
| CVE-2003-1195 | 1 Vienuke | 1 Vieboard | 2026-04-16 | N/A |
| SQL injection vulnerability in getmember.asp in VieBoard 2.6 Beta 1 allows remote attackers to execute arbitrary SQL commands via the msn variable. | ||||
| CVE-2003-1196 | 1 Vienuke | 1 Vieboard | 2026-04-16 | N/A |
| SQL injection vulnerability in viewtopic.asp in VieBoard 2.6 allows remote attackers to execute arbitrary SQL commands via the forumid parameter. | ||||
| CVE-2003-1197 | 1 Ledscripts.com | 1 Ledforums | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php for Ledscripts.com LedForums Beta 1 allows remote attackers to inject arbitrary web script or HTML via the (1) top_message parameter or (2) topic field of a new thread. | ||||
| CVE-2003-1198 | 1 Cherokee | 1 Cherokee Httpd | 2026-04-16 | N/A |
| connection.c in Cherokee web server before 0.4.6 allows remote attackers to cause a denial of service via an HTTP POST request without a Content-Length header field. | ||||
| CVE-2005-1672 | 1 Ubertec | 1 Help Center Live | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Help Center Live allow remote attackers to inject arbitrary web script or HTML via the (1) find parameter to index.php, (2) name or (3) message field of a chat request, or (4) the message body when opening a trouble ticket. | ||||
| CVE-2003-1206 | 1 Crob | 1 Crob Ftp Server | 2026-04-16 | N/A |
| Format string vulnerability in Crob FTP Server 2.60.1 allows remote attackers to cause a denial of service (crash) via "%s" or "%n" sequences in (1) the username during login, or other FTP commands such as (2) dir. | ||||
| CVE-2003-1207 | 1 Crob | 1 Crob Ftp Server | 2026-04-16 | N/A |
| Crob FTP Server 3.5.1 allows remote authenticated users to cause a denial of service (crash) via a dir command with a large number of "." characters followed by a "/*" string. | ||||
| CVE-2006-1460 | 1 Apple | 1 Quicktime | 2026-04-16 | N/A |
| Multiple buffer overflows in Apple QuickTime before 7.1 allow remote attackers to execute arbitrary code via a crafted QuickTime movie (.MOV), as demonstrated via a large size for a udta Atom. | ||||
| CVE-2006-2031 | 1 Phpmyadmin | 1 Phpmyadmin | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in phpMyAdmin 2.8.0.3, 2.8.0.2, 2.8.1-dev, and 2.9.0-dev allows remote attackers to inject arbitrary web script or HTML via the lang parameter. | ||||
| CVE-2006-2364 | 1 Macromedia | 1 Coldfusion | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the validation feature in Macromedia ColdFusion 5 and earlier allows remote attackers to inject arbitrary web script or HTML via a "_required" field when the associated normal field is missing or empty, which is not sanitized before being presented in an error message. | ||||
| CVE-2006-2545 | 1 Xtreme Scripts | 1 Xtreme Topsites | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Xtreme Topsites 1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter in stats.php and (2) unspecified inputs in lostid.php, probably the searchthis parameter. NOTE: one or more of these vectors might be resultant from SQL injection. | ||||
| CVE-2006-1469 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Stack-based buffer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.6 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image. | ||||
| CVE-2006-2039 | 1 Ubertec | 1 Help Center Live | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in the osTicket module in Help Center Live before 2.1.0 allow remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2006-2708 | 1 Secure Elements | 1 Class 5 Enterprise Vulnerability Management | 2026-04-16 | N/A |
| Secure Elements Class 5 AVR client (aka C5 EVM) before 2.8.1 allows remote attackers to read portions of process memory via a modified size for (1) EM_GET_CE_PARAMETER and (2) EM_SET_CE_PARAMETER messages, which leads to a buffer overflow (probably an over-read). | ||||
| CVE-2006-2787 | 2 Mozilla, Redhat | 3 Firefox, Thunderbird, Enterprise Linux | 2026-04-16 | N/A |
| EvalInSandbox in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to gain privileges via javascript that calls the valueOf method on objects that were created outside of the sandbox. | ||||