Export limit exceeded: 29922 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29922 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-1450 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via an enriched text e-mail message with "invalid color information" that causes Mail to allocate and initialize arbitrary classes. | ||||
| CVE-2005-2200 | 1 Xerox | 3 Workcentre 2128, Workcentre 2636, Workcentre 3545 | 2026-04-16 | N/A |
| Multiple unknown vulnerabilities in the MicroServer Web Server for Xerox WorkCentre Pro Color 2128, 2636, and 3545, version 0.001.04.044 through 0.001.04.504, allow attackers to bypass authentication. | ||||
| CVE-2005-2201 | 1 Xerox | 3 Workcentre 2128, Workcentre 2636, Workcentre 3545 | 2026-04-16 | N/A |
| Unknown vulnerability in the MicroServer Web Server for Xerox WorkCentre Pro Color 2128, 2636, and 3545, version 0.001.04.044 through 0.001.04.504, allow attackers to cause a denial of service or access files via crafted HTTP requests. | ||||
| CVE-2005-2202 | 1 Xerox | 3 Workcentre 2128, Workcentre 2636, Workcentre 3545 | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the MicroServer Web Server for Xerox WorkCentre Pro Color 2128, 2636, and 3545, version 0.001.04.044 through 0.001.04.504, allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2005-2203 | 1 Phpwishlist | 1 Phpwishlist | 2026-04-16 | N/A |
| login.php in phpWishlist before 0.1.15 allows remote attackers to bypass authentication via a direct request to admin.php. | ||||
| CVE-2005-2204 | 1 Broadcom | 1 Etrust Siteminder | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Computer Associates (CA) eTrust SiteMinder 5.5, when the "CSSChecking" parameter is set to "NO," allows remote attackers to inject arbitrary web script or HTML via the (1) PASSWORD or (2) BUFFER parameters to smpwservicescgi.exe, (3) the TARGET parameter to login.fcc, and possibly other vectors. | ||||
| CVE-2005-2230 | 1 Elmo | 1 Elmo | 2026-04-16 | N/A |
| Electronic Mail Operator (elmo) 1.3.2-r1 and earlier creates the elmostats temporary file insecurely, which allows local users to overwrite arbitrary files. | ||||
| CVE-2006-2044 | 1 Ip3 Networks | 1 Ip3 Netaccess 75 | 2026-04-16 | N/A |
| na-img-4.0.34.bin for the IP3 Networks NetAccess NA75 has a default username of admin and a default password of admin. | ||||
| CVE-2005-2231 | 1 High Availability Linux Project | 1 Heartbeat | 2026-04-16 | N/A |
| High Availability Linux Project Heartbeat 1.2.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | ||||
| CVE-2005-2232 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| Buffer overflow in invscout in IBM AIX 5.1.0 through 5.3.0 might allow local users to execute arbitrary code via a long command line argument. | ||||
| CVE-2006-1477 | 1 Turnkey Web Tools | 1 Php Live Helper | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Turnkey Web Tools PHP Live Helper 1.8 allow remote attackers to include and execute arbitrary PHP code via the abs_path parameter in (1) initiate.php, (2) waiting.php, (3) welcome.php, (4) admin/index.php, (5) javascript.php, (6) checkchat.php, and (7) blank.php. | ||||
| CVE-2005-2233 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| Buffer overflow in multiple "p" commands in IBM AIX 5.1, 5.2 and 5.3 might allow local users to execute arbitrary code via long command line arguments to (1) penable or other hard-linked files including (2) pdisable, (3) pstart, (4) phold, (5) pdelay, or (6) pshare. | ||||
| CVE-2006-1478 | 1 Turnkey Web Tools | 1 Php Live Helper | 2026-04-16 | N/A |
| Directory traversal vulnerability in (1) initiate.php and (2) possibly other PHP scripts in Turnkey Web Tools PHP Live Helper 1.8, and possibly later versions, allows remote authenticated users to include and execute arbitrary local files via directory traversal sequences in the language cookie, as demonstrated by uploading PHP code in a gl_session cookie to users.php, which causes the code to be stored in error.log, which is then included by initiate.php. | ||||
| CVE-2005-2234 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| Buffer overflow in the getlvname command in IBM AIX 5.1, 5.2 and 5.3, might allow local users to execute arbitrary code via long command line arguments. | ||||
| CVE-2006-1479 | 1 Serge Rey | 1 Gtd-php | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Serge Rey gtd-php (aka Getting Things Done) 0.5 allow remote attackers to inject arbitrary web script or HTML via the Description field in (1) newProject.php, (2) newList.php, and (3) newWaitingOn.php; the Title field in (4) newProject.php, (5) newList.php, (6) newWaitingOn.php, (7) newChecklist.php, (8) newContext.php, and (9) newGoal.php; the (10) Category Name field in newCategory.php; the (11) listTitle field in listReport.php; the (12) projectName field in projectReport.php; and the (13) checklistTitle field in checklistReport.php. | ||||
| CVE-2006-1764 | 1 Hosting Controller | 1 Hosting Controller | 2026-04-16 | N/A |
| Hosting Controller 6.1 stores forum/db/forum.mdb under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as user name and password credentials. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||
| CVE-2005-2235 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| Buffer overflow in the diagTasksWebSM command in IBM AIX 5.1, 5.2 and 5.3, might allow local users to execute arbitrary code via long command line arguments. | ||||
| CVE-2005-2236 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| Format string vulnerability in the paginit command in IBM AIX 5.3, and possibly other versions, might allow local users to execute arbitrary code via format strings in command line arguments. | ||||
| CVE-2005-2241 | 1 Cisco | 1 Call Manager | 2026-04-16 | N/A |
| Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 4.1 before 4.1(3)SR1 does not quickly time out Realtime Information Server Data Collection (RISDC) sockets, which results in a "resource leak" that allows remote attackers to cause a denial of service (memory and connection consumption) in RisDC.exe. | ||||
| CVE-2006-1480 | 1 Duda | 1 Webalbum | 2026-04-16 | N/A |
| Directory traversal vulnerability in start.php in WebAlbum 2.02 allows remote attackers to include arbitrary files and execute commands by (1) injecting code into local log files via GET commands, then (2) accessing that log via a .. (dot dot) sequence and a trailing null (%00) byte in the skin2 COOKIE parameter. | ||||