Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-5469 2 Redhat, Wireshark 2 Enterprise Linux, Wireshark 2026-04-23 N/A
Unspecified vulnerability in the WBXML dissector in Wireshark (formerly Ethereal) 0.10.11 through 0.99.3 allows remote attackers to cause a denial of service (crash) via certain vectors that trigger a null dereference.
CVE-2006-5442 1 Viewvc 1 Viewvc 2026-04-23 N/A
ViewVC 1.0.2 and earlier does not specify a charset in its HTTP headers or HTML documents, which allows remote attackers to conduct cross-site scripting (XSS) attacks that inject arbitrary UTF-7 encoded JavaScript code via a view.
CVE-2006-6550 1 Phorum 1 Phorum 2026-04-23 N/A
PHP remote file inclusion vulnerability in common.php in Phorum 3.2.11 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the db_file parameter. NOTE: CVE disputes this vulnerability because db_file is defined before use
CVE-2006-5604 1 Phpcards 1 Phpcards 2026-04-23 N/A
Directory traversal vulnerability in phpcards.header.php in phpCards 1.3 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the CardLanguageFile parameter.
CVE-2006-5618 1 Netref 1 Netref 2026-04-23 N/A
Directory traversal vulnerability in script/cat_for_aff.php in Netref 4 allows remote attackers to read arbitrary files via a .. (dot dot) sequence in the ad_direct parameter.
CVE-2006-5408 1 Mobilesecure Inc 2 Highwall Endpoint, Highwall Enterprise 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the wireless IDS management interface for Highwall Enterprise and Highwall Endpoint 4.0.2.11045 allow remote attackers to inject arbitrary HTML or web script via unspecified vectors.
CVE-2006-5589 1 Ledgersmb 1 Ledgersmb 2026-04-23 N/A
Multiple SQL injection vulnerabilities in LedgerSMB (LSMB) 1.1.0 and earlier allow remote attackers to execute arbitrary SQL commands via unspecified vectors in (1) OE.pm, (2) AM.pm, and (3) Form.pm.
CVE-2006-5377 1 Oracle 1 Peoplesoft Enterprise 2026-04-23 N/A
Unspecified vulnerability in PeopleSoft component in Oracle PeopleSoft Enterprise 8.80 GA, 8.90 GA, 8.8 Bundle 11, and 8.9 Bundle 4 has unknown impact and remote authenticated attack vectors, aka Vuln# PSE05.
CVE-2006-5378 1 Oracle 1 Enterpriseone 2026-04-23 N/A
Unspecified vulnerability in JD Edwards HTML Server in JD Edwards EnterpriseOne SP23_O2, 8.95.P1, and 8.96.D1 has unknown impact and remote authenticated attack vectors, aka Vuln# JDE01.
CVE-2006-5379 1 Nvidia 1 Binary Graphics Driver 2026-04-23 N/A
The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary blob driver) For Linux v8774 and v8762, and probably on other operating systems, allows local and remote attackers to execute arbitrary code via a large width value in a font glyph, which can be used to overwrite arbitrary memory locations.
CVE-2006-5383 1 Def-blog 1 Def-blog 2026-04-23 N/A
SQL injection vulnerability in comadd.php in Def-Blog 1.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the article parameter.
CVE-2006-5384 1 Cds Software Consortium 1 Cds Agenda 2026-04-23 N/A
PHP remote file inclusion vulnerability in modification/SendAlertEmail.php in CDS Software Consortium CDS Agenda 4.2.9 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the AGE parameter.
CVE-2006-5385 1 Spamoborona 1 Spamoborona 2026-04-23 N/A
PHP remote file inclusion vulnerability in admin/admin_spam.php in the SpamOborona 1.0b and earlier phpBB module allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2006-5386 1 Nuralstorm 1 Nuralstorm Webmail 2026-04-23 N/A
PHP remote file inclusion vulnerability in process.php in NuralStorm Webmail 0.98b and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the DEFAULT_SKIN parameter.
CVE-2006-5387 1 Phpbb Plusxl 1 Plusxl 2026-04-23 N/A
PHP remote file inclusion vulnerability in mods/iai/includes/constants.php in the PlusXL 20_272 and earlier phpBB module allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2008-2949 1 Microsoft 1 Internet Explorer 2026-04-23 N/A
Cross-domain vulnerability in Microsoft Internet Explorer 6 and 7 allows remote attackers to change the location property of a frame via the String data type, and use a frame from a different domain to observe domain-independent events, as demonstrated by observing onkeydown events with caballero-listener. NOTE: according to Microsoft, this is a duplicate of CVE-2008-2947, possibly a different attack vector.
CVE-2006-5415 1 News Defilante Horizontale 1 News Defilante Horizontale 2026-04-23 N/A
PHP remote file inclusion vulnerability in includes/functions_newshr.php in the News Defilante Horizontale 4.1.1 and earlier module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2006-5416 1 F5 1 Firepass 1000 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in my.acctab.php3 in F5 Networks FirePass 1000 SSL VPN 5.5, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the sid parameter.
CVE-2006-5419 1 University Of Glasgow 1 Specimen Image Database 2026-04-23 N/A
PHP remote file inclusion vulnerability in client.php in University of Glasgow Specimen Image Database (SID), when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter.
CVE-2006-5423 1 Lou Portail 1 Lou Portail 2026-04-23 N/A
PHP remote file inclusion vulnerability in admin/admin_module.php in Lou Portail 1.4.1, and possibly earlier, allows remote attackers to execute arbitrary PHP code via a URL in the g_admin_rep parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.