Export limit exceeded: 350771 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 350771 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (350771 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-3556 | 1 Extcalendar | 1 Extcalendar | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in extcalendar.php in Mohamed Moujami ExtCalendar 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
| CVE-2006-3558 | 1 Arif Supriyanto | 1 Auracms | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Arif Supriyanto auraCMS 1.62 allow remote attackers to inject arbitrary web script or HTML via (1) the judul_artikel parameter in teman.php and (2) the title of an article sent to admin, which is displayed when unauthenticated users visit index.php. | ||||
| CVE-2006-3559 | 1 Arif Supriyanto | 1 Auracms | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Arif Supriyanto auraCMS 1.62 allow remote attackers to execute arbitrary SQL commands and delete all shoutbox messages via the (1) name and (2) pesan parameters. | ||||
| CVE-2006-3579 | 1 Fujitsu | 1 Serverview | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Fujitsu ServerView 2.50 up to 3.60L98 and 4.10L11 up to 4.11L81 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2006-3580 | 1 Asp Stats Generator | 1 Asp Stats Generator | 2026-04-16 | N/A |
| SQL injection vulnerability in pages.asp in ASP Stats Generator before 2.1.2 allows remote attackers to execute arbitrary SQL commands via the order parameter. | ||||
| CVE-2006-3581 | 1 Audacious Media Player Team | 1 Adplug | 2026-04-16 | N/A |
| Multiple stack-based buffer overflows in Audacious AdPlug 2.0 and earlier allow remote user-assisted attackers to execute arbitrary code via large (1) DTM and (2) S3M files. | ||||
| CVE-2006-3582 | 1 Audacious Media Player Team | 1 Adplug | 2026-04-16 | N/A |
| Multiple heap-based buffer overflows in Audacious AdPlug 2.0 and earlier allow remote user-assisted attackers to execute arbitrary code via the size specified in the package header of (1) CFF, (2) MTK, (3) DMO, and (4) U6M files. | ||||
| CVE-2006-3583 | 1 Jetbox | 1 Jetbox Cms | 2026-04-16 | N/A |
| Session fixation vulnerability in Jetbox CMS 2.1 SR1 allows remote attackers to hijack web sessions via a crafted link and the administrator section. | ||||
| CVE-2006-3584 | 1 Jetbox | 1 Jetbox Cms | 2026-04-16 | N/A |
| Dynamic variable evaluation vulnerability in index.php in Jetbox CMS 2.1 SR1 allows remote attackers to overwrite configuration variables via URL parameters, which are evaluated as PHP variable variables. | ||||
| CVE-2006-3586 | 1 Jetbox | 1 Jetbox Cms | 2026-04-16 | N/A |
| SQL injection vulnerability in Jetbox CMS 2.1 SR1 allows remote attackers to execute arbitrary SQL commands via the (1) frontsession COOKIE parameter and (2) view parameter in index.php, and the (3) login parameter in admin/cms/index.php. | ||||
| CVE-2006-3587 | 2 Adobe, Redhat | 2 Flash Player, Rhel Extras | 2026-04-16 | N/A |
| Unspecified vulnerability in Adobe (Macromedia) Flash Player 8.0.24.0 allows remote attackers to execute arbitrary commands via a malformed .swf file that results in "multiple improper memory access" errors. | ||||
| CVE-2006-3588 | 2 Adobe, Redhat | 2 Flash Player, Rhel Extras | 2026-04-16 | N/A |
| Unspecified vulnerability in Adobe (Macromedia) Flash Player 8.0.24.0 allows remote attackers to cause a denial of service (browser crash) via a malformed, compressed .swf file, a different issue than CVE-2006-3587. | ||||
| CVE-2006-3589 | 1 Vmware | 5 Esx, Infrastructure, Player and 2 more | 2026-04-16 | N/A |
| vmware-config.pl in VMware for Linux, ESX Server 2.x, and Infrastructure 3 does not check the return code from a Perl chmod function call, which might cause an SSL key file to be created with an unsafe umask that allows local users to read or modify the SSL key. | ||||
| CVE-2006-3591 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (application crash) by accessing the URL property of a TriEditDocument.TriEditDocument object before it has been initialized, which triggers a NULL pointer dereference. | ||||
| CVE-2006-3592 | 1 Cisco | 1 Unified Callmanager | 2026-04-16 | N/A |
| Unspecified vulnerability in the command line interface (CLI) in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows local users to execute arbitrary commands with elevated privileges via unspecified vectors, involving "certain CLI commands," aka bug CSCse11005. | ||||
| CVE-2006-3593 | 1 Cisco | 1 Unified Callmanager | 2026-04-16 | N/A |
| The command line interface (CLI) in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows local users to overwrite arbitrary files by redirecting a command's output to a file or folder, aka bug CSCse31704. | ||||
| CVE-2006-3594 | 1 Cisco | 1 Unified Callmanager | 2026-04-16 | N/A |
| Buffer overflow in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows remote attackers to execute arbitrary code via a long hostname in a SIP request, aka bug CSCsd96542. | ||||
| CVE-2006-3596 | 1 Cisco | 1 Ips Sensor Software | 2026-04-16 | N/A |
| The device driver for Intel-based gigabit network adapters in Cisco Intrusion Prevention System (IPS) 5.1(1) through 5.1(p1), as installed on various Cisco Intrusion Prevention System 42xx appliances, allows remote attackers to cause a denial of service (kernel panic and possibly network outage) via a crafted IP packet. | ||||
| CVE-2006-3597 | 1 Ubuntu | 1 Ubuntu Linux | 2026-04-16 | N/A |
| passwd before 1:4.0.13 on Ubuntu 6.06 LTS leaves the root password blank instead of locking it when the administrator selects the "Go Back" option after the final "Installation complete" message and uses the main menu, which causes the password to be zeroed out in the installer's memory. | ||||
| CVE-2006-3598 | 1 Php-nuke | 1 Sections Module | 2026-04-16 | N/A |
| SQL injection vulnerability in the Sections module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the artid parameter in a viewarticle op. | ||||