Export limit exceeded: 363307 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363307 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-5070 | 1 Facestones | 1 Facestones | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in fsl2/objects/fs_form_links.php in faceStones Personal 2.0.42 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[fsinit][objpath] parameter. | ||||
| CVE-2006-6731 | 2 Redhat, Sun | 5 Enterprise Linux, Rhel Extras, Jdk and 2 more | 2026-04-23 | N/A |
| Multiple buffer overflows in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 7 and earlier, Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, and SDK and JRE 1.3.1_18 and earlier allow attackers to develop Java applets that read, write, or execute local files, possibly related to (1) integer overflows in the Java_sun_awt_image_ImagingLib_convolveBI, awt_parseRaster, and awt_parseColorModel functions; (2) a stack overflow in the Java_sun_awt_image_ImagingLib_lookupByteRaster function; and (3) improper handling of certain negative values in the Java_sun_font_SunLayoutEngine_nativeLayout function. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2006-5071 | 1 Eyeos Project | 1 Eyeos | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in eyeOS before 0.9.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving (1) eyeNav and (2) system/baixar.php. | ||||
| CVE-2006-6732 | 1 Cwm-design | 1 Cwmvote | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in archive.php in cwmVote 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the abs parameter. | ||||
| CVE-2007-0450 | 2 Apache, Redhat | 8 Http Server, Tomcat, Certificate System and 5 more | 2026-04-23 | N/A |
| Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules (mod_proxy, mod_rewrite, mod_jk), allows remote attackers to read arbitrary files via a .. (dot dot) sequence with combinations of (1) "/" (slash), (2) "\" (backslash), and (3) URL-encoded backslash (%5C) characters in the URL, which are valid separators in Tomcat but not in Apache. | ||||
| CVE-2006-6733 | 1 Osticket | 1 Osticket Sts | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in support/view.php in Support Cards 1 (osTicket) allows remote attackers to inject arbitrary web script or HTML via the e parameter. | ||||
| CVE-2006-5073 | 1 Sun | 2 Solaris, Sunos | 2026-04-23 | N/A |
| Unspecified vulnerability in Sun Solaris 8, 9 and 10 allows remote attackers to cause a denial of service (panic) via crafted IPv6 packets, a different vulnerability than CVE-2006-5013. | ||||
| CVE-2006-5074 | 1 Php Invoice | 1 Php Invoice | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in home.php in PHP Invoice 2.2 allows remote attackers to inject arbitrary web script or HTML via the alert parameter. | ||||
| CVE-2006-6734 | 1 Obie Website | 1 Mini Web Shop | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in modules/viewcategory.php in Minh Nguyen Duong Obie Website Mini Web Shop 2.1.c allows remote attackers to inject arbitrary web script or HTML via the catname parameter. | ||||
| CVE-2006-5076 | 1 Back-end | 1 Back-end Cms | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in OpenConcept Back-End 0.4.5 allow remote attackers to execute arbitrary PHP code via a URL in the includes_path parameter in (1) admin/index.php, (2) Facts.php, or (3) search.php. | ||||
| CVE-2006-6735 | 1 Obie Website | 1 Mini Web Shop | 2026-04-23 | N/A |
| modules/viewcategory.php in Minh Nguyen Duong Obie Website Mini Web Shop 2.1.c allows remote attackers to obtain sensitive information via a request with an arbitrary catname parameter but no itemsdb parameter, which reveals the path in an error message. NOTE: CVE analysis suggests that this error might be resultant from a more serious issue such as directory traversal. | ||||
| CVE-2007-0452 | 2 Redhat, Samba | 2 Enterprise Linux, Samba | 2026-04-23 | N/A |
| smbd in Samba 3.0.6 through 3.0.23d allows remote authenticated users to cause a denial of service (memory and CPU exhaustion) by renaming a file in a way that prevents a request from being removed from the deferred open queue, which triggers an infinite loop. | ||||
| CVE-2006-5089 | 1 My-bic | 1 My-bic | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in mybic_server.php in Jim Plush My-BIC 0.6.5 allows remote attackers to execute arbitrary PHP code via a URL in the file parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. CVE disputes this vulnerability because the file variable is defined before use in a way that prevents arbitrary inclusion | ||||
| CVE-2006-6737 | 2 Redhat, Sun | 5 Enterprise Linux, Rhel Extras, Jdk and 2 more | 2026-04-23 | N/A |
| Unspecified vulnerability in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 5 and earlier, Java System Development Kit (SDK) and JRE 1.4.2_10 and earlier 1.4.x versions, and SDK and JRE 1.3.1_18 and earlier allows attackers to use untrusted applets to "access data in other applets," aka "The first issue." | ||||
| CVE-2006-6741 | 1 Mkportal | 1 Mkportal | 2026-04-23 | N/A |
| Cross-site request forgery (CSRF) vulnerability in urlobox in MKPortal allows remote attackers to delete arbitrary messages as an administrator via a delete operation in an img BBcode tag. | ||||
| CVE-2006-5105 | 1 Forum One | 1 Syntaxcms | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in SyntaxCMS 1.1.1 through 1.3 allow remote attackers to execute arbitrary PHP code via a URL in (1) the init_path parameter to admin/testing/tests/0030_init_syntax.php, or (2) an unspecified parameter to admin/testing/index.php. NOTE: the 0004_init_urls.php vector is already covered by CVE-2006-5055. | ||||
| CVE-2006-6742 | 1 Hp | 3 Ftp Print Server, Laserjet 5000, Laserjet 5100 | 2026-04-23 | N/A |
| Multiple buffer overflows in FTP Print Server 2.4 and 2.4.5 in HP LaserJet 5000 Series printers with firmware R.25.15 or R.25.47, and HP LaserJet 5100 Series printers with firmware V.29.12, allow remote attackers to cause a denial of service (device crash) via a long string in the (1) LIST or (2) NLST command. | ||||
| CVE-2007-0454 | 3 Debian, Mandrakesoft, Samba | 5 Debian Linux, Mandrake Linux, Mandrake Linux Corporate Server and 2 more | 2026-04-23 | N/A |
| Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during Windows ACL mapping. | ||||
| CVE-2007-0456 | 2 Redhat, Wireshark | 2 Enterprise Linux, Wireshark | 2026-04-23 | N/A |
| Unspecified vulnerability in the LLT dissector in Wireshark (formerly Ethereal) 0.99.3 and 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors. | ||||
| CVE-2006-5130 | 1 Salims Softhouse | 1 Jaf Cms | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in ph03y3nk just another flat file (JAF) CMS 4.0 RC1 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) url, (3) title, and (4) about parameters in a forum post. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||