Export limit exceeded: 29899 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29899 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-4021 | 1 Scatterchat | 1 Scatterchat | 2026-04-16 | N/A |
| The cryptographic module in ScatterChat 1.0.x allows attackers to identify patterns in large numbers of messages by identifying collisions using a birthday attack on the custom padding mechanism for ECB mode encryption. | ||||
| CVE-2006-4022 | 1 Intel | 1 2100 Proset Wireless | 2026-04-16 | N/A |
| Intel 2100 PRO/Wireless Network Connection driver PROSet before 7.1.4.6 allows local users to corrupt memory and execute code via "requests for capabilities from higher-level protocol drivers or user-level applications" involving crafted frames, a different issue than CVE-2006-3992. | ||||
| CVE-2006-4186 | 1 Novell | 1 Edirectory | 2026-04-16 | N/A |
| The iManager in eMBoxClient.jar in Novell eDirectory 8.7.3.8 writes passwords in plaintext to a log file, which allows local users to obtain passwords by reading the file. | ||||
| CVE-2006-4187 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Unspecified vulnerability in HP-UX B.11.00, B.11.11 and B.11.23, when running in trusted mode, allows local users to cause a denial of service via unspecified vectors. | ||||
| CVE-2006-4188 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Unspecified vulnerability in the LP subsystem in HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows remote attackers to cause a denial of service via unknown vectors. | ||||
| CVE-2006-4190 | 1 Php-nuke | 1 Autohtml Module | 2026-04-16 | N/A |
| Directory traversal vulnerability in autohtml.php in the AutoHTML module for PHP-Nuke allows local users to include arbitrary files via a .. (dot dot) in the name parameter for a modload operation. | ||||
| CVE-2006-4192 | 2 Modplug, Redhat | 2 Tracker, Enterprise Linux | 2026-04-16 | N/A |
| Multiple buffer overflows in MODPlug Tracker (OpenMPT) 1.17.02.43 and earlier and libmodplug 0.8 and earlier, as used in GStreamer and possibly other products, allow user-assisted remote attackers to execute arbitrary code via (1) long strings in ITP files used by the CSoundFile::ReadITProject function in soundlib/Load_it.cpp and (2) crafted modules used by the CSoundFile::ReadSample function in soundlib/Sndfile.cpp, as demonstrated by crafted AMF files. | ||||
| CVE-2006-4193 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-16 | N/A |
| Microsoft Internet Explorer 6.0 SP1 and possibly other versions allows remote attackers to cause a denial of service and possibly execute arbitrary code by instantiating COM objects as ActiveX controls, including (1) imskdic.dll (Microsoft IME), (2) chtskdic.dll (Microsoft IME), and (3) msoe.dll (Outlook), which leads to memory corruption. NOTE: it is not certain whether the issue is in Internet Explorer or the individual DLL files. | ||||
| CVE-2006-4194 | 1 Cisco | 8 Pix Firewall 501, Pix Firewall 506, Pix Firewall 515 and 5 more | 2026-04-16 | N/A |
| Unspecified vulnerability in Cisco PIX 500 Series Security Appliances allows remote attackers to send arbitrary UDP packets to intranet devices via unspecified vectors involving Session Initiation Protocol (SIP) fixup commands, a different issue than CVE-2006-4032. NOTE: the vendor, after working with the researcher, has been unable to reproduce the issue | ||||
| CVE-2006-4209 | 1 Webinsta | 1 Mailing List Manager | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in install3.php in WEBInsta Mailing List Manager 1.3e allows remote attackers to execute arbitrary PHP code via a URL in the cabsolute_path parameter. | ||||
| CVE-2006-4210 | 1 Andreas Kansok | 1 Phpay | 2026-04-16 | N/A |
| nu_mail.inc.php in Andreas Kansok phPay 2.02 and 2.02.1, when register_globals is enabled, allows remote attackers to use the server as an open mail relay via modified mail_text2, user_row[5], nu_mail_1, and shop_mail parameters. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2006-4211 | 1 B0zz And Chris Vincent | 1 Owl Intranet Engine | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in b0zz and Chris Vincent Owl Intranet Engine 0.90 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2006-4212 | 1 B0zz And Chris Vincent | 1 Owl Intranet Engine | 2026-04-16 | N/A |
| SQL injection vulnerability in b0zz and Chris Vincent Owl Intranet Engine 0.90 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2006-4033 | 1 Lhaplus | 1 Lhaplus | 2026-04-16 | N/A |
| Heap-based buffer overflow in Lhaplus.exe in Lhaplus 1.52, and possibly earlier versions, allows remote attackers to execute arbitrary code via an LZH archive with a long header, as specified by the extendedHeaderSize. | ||||
| CVE-2006-4233 | 1 Globus | 1 Globus Toolkit | 2026-04-16 | N/A |
| Globus Toolkit 3.2.x, 4.0.x, and 4.1.0 before 20060815 allow local users to obtain sensitive information (proxy certificates) and overwrite arbitrary files via a symlink attack on temporary files in the /tmp directory, as demonstrated by files created by (1) myproxy-admin-adduser, (2) grid-ca-sign, and (3) grid-security-config. | ||||
| CVE-2006-4234 | 1 Dotproject | 1 Dotproject | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in classes/query.class.php in dotProject 2.0.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the baseDir parameter. | ||||
| CVE-2006-4235 | 1 Sony | 1 Sonicstage Mastering Studio | 2026-04-16 | N/A |
| Buffer overflow in the import project functionality in Sony SonicStage Mastering Studio 1.1.00 through 2.2.01 allows remote attackers to execute arbitrary code via a crafted SMP file. | ||||
| CVE-2006-4237 | 1 Invisionix Systems | 1 Invisionix Roaming System Remote | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in pageheaderdefault.inc.php in Invisionix Roaming System Remote (IRSR) 0.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the _sysSessionPath parameter. | ||||
| CVE-2006-4238 | 1 Wtcom | 1 Web Torrent | 2026-04-16 | N/A |
| SQL injection vulnerability in torrents.php in WebTorrent (WTcom) 0.2.4 and earlier allows remote attackers to execute arbitrary SQL commands via the cat parameter in category mode. | ||||
| CVE-2006-4196 | 1 Webinsta | 1 Cms | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in index.php in WEBInsta CMS 0.3.1 and possibly earlier allows remote attackers to execute arbitrary PHP code via a URL in the templates_dir parameter. | ||||