Export limit exceeded: 363531 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-5657 1 Vilistextum 1 Vilistextum 2026-04-23 N/A
Multiple off-by-one errors in src/text.c in Vilistextum before 2.6.9 have unknown impact and attack vectors.
CVE-2007-5889 1 Idmos 1 Idmos 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in IDMOS 1.0 Alpha (aka Phoenix) allow remote attackers to execute arbitrary PHP code via a URL in the site_absolute_path parameter to (1) admin.php, (2) menu_add.php, and (3) menu_operation.php in administrator/, different vectors than CVE-2007-5294.
CVE-2006-5681 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
QuickTime for Java on Mac OS X 10.4 through 10.4.8, when used with Quartz Composer, allows remote attackers to obtain sensitive information (screen images) via a Java applet that accesses images that are being rendered by other embedded QuickTime objects.
CVE-2006-5704 1 Hp 1 Nonstop Server 2026-04-23 N/A
HP NonStop Server G06.29, when running Standard Security T6533G06 before T6533G06^ABK, does not properly evaluate access permissions to OSS directories when no optional ACL entry exists, which allows local users to read arbitrary files.
CVE-2006-5712 1 Mirapoint 1 Mirapoint Webmail 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in Mirapoint WebMail allows remote attackers to inject arbitrary web script via the expression Cascading Style Sheets (CSS) function, as demonstrated using the width style for an IMG element.
CVE-2006-5713 1 Efs Software 1 Efs Web Server 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in Easy File Sharing (EFS) Web Server 4.0 allows remote attackers to inject arbitrary web script or HTML via the (1) author, (2) content, or (3) title parameters when posting a forum thread. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-5714 1 Efs Software 1 Efs Web Server 2026-04-23 N/A
Easy File Sharing (EFS) Web Server 4.0, when running on an NTFS file system, allows remote attackers to read arbitrary files under the web root by appending "::$DATA" to the end of a HTTP GET request, which accesses the alternate data stream.
CVE-2006-5715 1 Efs Software 1 Easy Address Book 2026-04-23 N/A
Easy File Sharing (EFS) Easy Address Book 1.2, when run on an NTFS file system, allows remote attackers to read arbitrary files under the web root by appending "::$DATA" to the end of an HTTP GET request, which accesses the alternate data stream.
CVE-2006-5716 1 Freenews 1 Freenews 2026-04-23 N/A
Directory traversal vulnerability in aff_news.php in FreeNews 2.1 allows remote attackers to include local files via a .. (dot dot) sequence in the chemin parameter, when the aff_news parameter is not set to "1."
CVE-2006-5717 1 Zend 1 Zend Google Data Client Library Preview 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Zend Google Data Client Library (ZendGData) Preview 0.2.0 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in (1) basedemo.php and (2) calenderdemo.php in samples/, and other unspecified files.
CVE-2006-5719 1 Bytesfall Explorer 1 Bytesfall Explorer 2026-04-23 N/A
SQL injection vulnerability in libs/sessions.lib.php in BytesFall Explorer (bfExplorer) 0.0.6 allows remote attackers to execute arbitrary SQL commands via unspecified parameters, a different issue than CVE-2006-5606.
CVE-2006-5720 1 Francisco Burzi 1 Php-nuke 2026-04-23 N/A
SQL injection vulnerability in modules/journal/search.php in the Journal module in Francisco Burzi PHP-Nuke 7.9 and earlier allows remote attackers to execute arbitrary SQL commands via the forwhat parameter.
CVE-2006-5723 1 Dataparksearch 1 Dataparksearch 2026-04-23 N/A
SQL injection vulnerability in DataparkSearch Engine 4.42 and earlier allows remote attackers to execute arbitrary SQL commands via a malformed hostname in a URL.
CVE-2007-5804 1 Ibm 1 Aix 2026-04-23 N/A
cfgcon in IBM AIX 5.2 and 5.3 does not properly validate the argument to the "-p" option to swcons, which allows local users in the system group to create or overwrite an arbitrary file, and enable world writability of this file, by using the file's name as the argument.
CVE-2006-5740 2 Redhat, Wireshark 2 Enterprise Linux, Wireshark 2026-04-23 N/A
Unspecified vulnerability in the LDAP dissector in Wireshark (formerly Ethereal) 0.99.3 allows remote attackers to cause a denial of service (crash) via a crafted LDAP packet.
CVE-2006-5739 1 Leicestershire 1 Communityportals 2026-04-23 N/A
PHP remote file inclusion vulnerability in cpadmin/cpa_index.php in Leicestershire communityPortals 1.0_2005-10-18_12-31-18 allows remote attackers to execute arbitrary PHP code via a URL in the cp_root_path parameter, a different vector than CVE-2006-5280.
CVE-2006-5746 1 Airmagnet 1 Enterprise 2026-04-23 N/A
The console in AirMagnet Enterprise before 7.5 build 6307 does not properly validate the Enterprise Server certificate, which allows remote attackers to read network traffic via a man-in-the-middle (MITM) attack, possibly related to the use of self-signed certificates.
CVE-2006-5747 2 Mozilla, Redhat 4 Firefox, Seamonkey, Thunderbird and 1 more 2026-04-23 N/A
Unspecified vulnerability in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allows remote attackers to execute arbitrary code via the XML.prototype.hasOwnProperty JavaScript function.
CVE-2006-5754 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-23 N/A
The aio_setup_ring function in Linux kernel does not properly initialize a variable, which allows local users to cause a denial of service (crash) via an unspecified error path that causes an incorrect free operation.
CVE-2006-5760 1 Phpdynasite 1 Phpdynasite 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in phpDynaSite 3.2.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the racine parameter to (1) function_log.php, (2) function_balise_url.php, or (3) connection.php.