Export limit exceeded: 29906 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29906 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-3120 | 1 Brian Wotring | 1 Osiris | 2026-04-16 | N/A |
| Format string vulnerability in Brian Wotring Osiris before 4.2.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unspecified attack vectors related to the logging functions. | ||||
| CVE-1999-0829 | 1 Hp | 1 Secure Web Console | 2026-04-16 | N/A |
| HP Secure Web Console uses weak encryption. | ||||
| CVE-1999-1457 | 1 Thttpd | 1 Thttpd Http Server | 2026-04-16 | N/A |
| Buffer overflow in thttpd HTTP server before 2.04-31 allows remote attackers to execute arbitrary commands via a long date string, which is not properly handled by the tdate_parse function. | ||||
| CVE-1999-0830 | 1 Sco | 1 Unixware | 2026-04-16 | N/A |
| Buffer overflow in SCO UnixWare Xsco command via a long argument. | ||||
| CVE-1999-1458 | 1 Digital | 1 Unix | 2026-04-16 | N/A |
| Buffer overflow in at program in Digital UNIX 4.0 allows local users to gain root privileges via a long command line argument. | ||||
| CVE-2006-3152 | 1 Bluehouse Project | 1 Phptrader | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in phpTRADER 4.9 SP5 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) sectio parameter in (a) login.php, (b) write_newad.php, (c) newad.php, (d) printad.php, (e) askseller.php, (f) browse.php, (g) showmemberads.php, (h) note_ad.php, (i) abuse.php, (j) buynow.php, (k) confirm_newad.php, (2) an parameter in (l) printad.php, (m) note_ad.php, (3) who parameter in (n) showmemberads.php, and (4) adnr parameter in (o) buynow.php. | ||||
| CVE-2006-3157 | 1 Thinkfactory | 1 Ultimategoogle | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Thinkfactory UltimateGoogle 1.00 and earlier allows remote attackers to inject arbitrary web script or HTML via the REQ parameter. | ||||
| CVE-2006-3166 | 1 Free Realty | 1 Free Realty | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in propview.php in Free Realty 2.9-0.6 and earlier allows remote attackers to execute arbitrary web script or HTML via the sort parameter. | ||||
| CVE-2006-3168 | 1 Comscripts | 1 Cs-forum | 2026-04-16 | N/A |
| SQL injection vulnerability in CS-Forum before 0.82 allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) debut parameters in (a) read.php, and the (3) search and (4) debut parameters in (b) index.php. | ||||
| CVE-2006-3169 | 1 Comscripts | 1 Cs-forum | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in CS-Forum 0.81 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) msg_result and (2) rep_titre parameters in (a) read.php; and the (3) id and (4) parent parameters and (5) CSForum_nom, (6) CSForum_mail, and (7) CSForum_url cookie parameters in (b) ajouter.php. | ||||
| CVE-2006-3170 | 1 Comscripts | 1 Cs-forum | 2026-04-16 | N/A |
| CS-Forum before 0.82 allows remote attackers to obtain sensitive information via unspecified manipulations, possibly involving an empty collapse[] or readall parameter to index.php, which reveals the installation path in an error message. | ||||
| CVE-2006-3180 | 1 Swsoft | 1 Confixx | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in ftp_index.php in Confixx Pro 3.0 allows remote attackers to inject arbitrary web script or HTML via the path parameter. | ||||
| CVE-2005-4736 | 1 Ibm | 1 Db2 Universal Database | 2026-04-16 | N/A |
| IBM DB2 Universal Database (UDB) 820 before 8.2 FP10 allows remote authenticated users to cause a denial of service (disk consumption) via a hash join (hsjn) that triggers an infinite loop in sqlri_hsjnFlushBlocks. | ||||
| CVE-2006-2184 | 1 Chadha Software Technologies | 1 Phpkb Knowledge Base | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in PHPKB Knowledge Base allows remote attackers to inject arbitrary web script or HTML via the searchkeyword parameter. NOTE: the issue was originally disputed by the vendor, but on 20060519, the vendor notified CVE that "We have fixed all the mentioned issues and now the search section of PHPKB script is free from any XSS issues." | ||||
| CVE-2006-2185 | 1 Novell | 1 Netware | 2026-04-16 | N/A |
| PORTAL.NLM in Novell Netware 6.5 SP5 writes the username and password in cleartext to the abend.log log file when the groupOperationsMethod function fails, which allows context-dependent attackers to gain privileges. | ||||
| CVE-2000-0078 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| The June 1999 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the awk command. | ||||
| CVE-2006-2186 | 1 Zenphoto | 1 Zenphoto | 2026-04-16 | N/A |
| zenphoto 1.0.1 beta and earlier allow remote attackers to obtain sensitive information via a direct request for the (1) /photos/themes/default/ and (2) /photos/themes/testing/ URIs, which reveals the path in an error message. | ||||
| CVE-2006-2187 | 1 Zenphoto | 1 Zenphoto | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in zenphoto 1.0.1 beta and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) a parameter in i.php, and the (2) album and (3) image parameters in index.php. | ||||
| CVE-2006-2859 | 1 Mywebland | 1 Mybloggie | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in MyBloggie 2.1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mybloggie_root_path parameter to (1) admin.php or (2) scode.php. NOTE: this issue has been disputed in multiple third party followups, which say that the MyBloggie source code does not demonstrate the issue, so it might be the result of another module. CVE analysis as of 20060605 agrees with the dispute. In addition, scode.php is not part of the MyBloggie distribution | ||||
| CVE-2000-0112 | 1 Debian | 1 Debian Linux | 2026-04-16 | N/A |
| The default installation of Debian GNU/Linux uses an insecure Master Boot Record (MBR) which allows a local user to boot from a floppy disk during the installation. | ||||