Export limit exceeded: 351327 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 351327 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (351327 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-3107 | 1 Docebo | 1 Docebo | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Docebo 3.0.3 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in (1) GLOBALS[where_framework] to (a) admin/modules/news/news_class.php and (b) admin/modules/content/content_class.php, and (2) GLOBALS[where_cms] to (c) admin/modules/block_media/util.media.php. NOTE: this issue might be resultant from a global overwrite vulnerability. This issue is similar to CVE-2006-2576, but the vectors are different. | ||||
| CVE-2006-3115 | 1 Spiffyjr | 1 Phpraid | 2026-04-16 | N/A |
| SQL injection vulnerability in view.php in phpRaid 3.0.4, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the raid_id parameter. | ||||
| CVE-2006-3117 | 3 Openoffice, Redhat, Sun | 3 Openoffice, Enterprise Linux, Staroffice | 2026-04-16 | N/A |
| Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by (1) Calc, (2) Draw, (3) Impress, (4) Math, or (5) Writer, aka "File Format / Buffer Overflow Vulnerability." | ||||
| CVE-1999-0818 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Buffer overflow in Solaris kcms_configure via a long NETPATH environmental variable. | ||||
| CVE-2006-3118 | 1 Canonical | 1 Spread | 2026-04-16 | N/A |
| spread uses a temporary file with a static filename based on the port number, which allows local users to cause a denial of service by creating the file during a race condition between unlink and bind function calls. NOTE: spread deletes this temporary file before use, which could cause conflicts with other programs that use the same filename, but this is not a distinct issue. | ||||
| CVE-1999-0827 | 2 Microsoft, Netscape | 3 Ie, Internet Explorer, Navigator | 2026-04-16 | N/A |
| By default, Internet Explorer 5.0 and other versions enables the "Navigate sub-frames across different domains" option, which allows frame spoofing. | ||||
| CVE-2006-3119 | 1 Fbi | 1 Fbi | 2026-04-16 | N/A |
| The fbgs framebuffer Postscript/PDF viewer in fbi before 2.01 has a typo that prevents a filter from working correctly, which allows user-assisted attackers to bypass the filter and execute malicious Postscript commands. | ||||
| CVE-1999-0828 | 1 Sco | 1 Unixware | 2026-04-16 | N/A |
| UnixWare pkg commands such as pkginfo, pkgcat, and pkgparam allow local users to read arbitrary files via the dacread permission. | ||||
| CVE-2006-3120 | 1 Brian Wotring | 1 Osiris | 2026-04-16 | N/A |
| Format string vulnerability in Brian Wotring Osiris before 4.2.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unspecified attack vectors related to the logging functions. | ||||
| CVE-1999-0829 | 1 Hp | 1 Secure Web Console | 2026-04-16 | N/A |
| HP Secure Web Console uses weak encryption. | ||||
| CVE-1999-1457 | 1 Thttpd | 1 Thttpd Http Server | 2026-04-16 | N/A |
| Buffer overflow in thttpd HTTP server before 2.04-31 allows remote attackers to execute arbitrary commands via a long date string, which is not properly handled by the tdate_parse function. | ||||
| CVE-2006-3127 | 1 Sun | 2 Java Enterprise System, Java System Directory Server | 2026-04-16 | N/A |
| Memory leak in Network Security Services (NSS) 3.11, as used in Sun Java Enterprise System 2003Q4 through 2005Q1 and Java System Directory Server 5.2, allows remote attackers to cause a denial of service (memory consumption) by performing a large number of RSA cryptographic operations. | ||||
| CVE-1999-0830 | 1 Sco | 1 Unixware | 2026-04-16 | N/A |
| Buffer overflow in SCO UnixWare Xsco command via a long argument. | ||||
| CVE-1999-1458 | 1 Digital | 1 Unix | 2026-04-16 | N/A |
| Buffer overflow in at program in Digital UNIX 4.0 allows local users to gain root privileges via a long command line argument. | ||||
| CVE-2006-3128 | 1 Easy-cms | 1 Easy-cms | 2026-04-16 | N/A |
| choose_file.php in easy-CMS 0.1.2, when mod_mime is installed, does not restrict uploads of filenames with multiple extensions, which allows remote attackers to execute arbitrary PHP code by uploading a PHP file with a GIF file extension, then directly accessing that file in the Repositories directory. | ||||
| CVE-2006-3129 | 1 Nc Linklist | 1 Nc Linklist | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in NC LinkList 1.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) cat and (2) view parameters. | ||||
| CVE-1999-1459 | 1 Bmc | 1 Patrol Agent | 2026-04-16 | N/A |
| BMC PATROL Agent before 3.2.07 allows local users to gain root privileges via a symlink attack on a temporary file. | ||||
| CVE-2006-3130 | 1 Clubpage | 1 Clubpage | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in Clubpage allows remote attackers to execute arbitrary SQL commands via the category parameter. | ||||
| CVE-2006-3131 | 1 Clubpage | 1 Clubpage | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Clubpage allow remote attackers to inject arbitrary web script or HTML via the (1) news_archive, (2) language, and (3) intranetLogin parameters in (a) index.php; the (4) sites_id parameter in (b) sites.php; and the (5) news_id parameter in (c) news_more.php. | ||||
| CVE-2006-3132 | 1 Qto | 1 Qtofilemanager | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in qtofm.php4 in QTOFileManager 1.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter, as originally reported for index.php. | ||||