Export limit exceeded: 29922 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29922 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-5216 | 1 Sergey Lyubka | 1 Simple Httpd | 2026-04-23 | N/A |
| Stack-based buffer overflow in Sergey Lyubka Simple HTTPD (shttpd) 1.34 allows remote attackers to execute arbitrary code via a long URI. | ||||
| CVE-2006-5208 | 1 Deltascripts | 1 Php Classifieds | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in PHP Classifieds 7.1 allow remote attackers to execute arbitrary SQL commands via (1) the catid_search parameter in search.php and (2) the catid parameter in index.php. | ||||
| CVE-2006-5210 | 1 Ciphertrust | 1 Ironmail | 2026-04-23 | N/A |
| Directory traversal vulnerability in IronWebMail before 6.1.1 HotFix-17 allows remote attackers to read arbitrary files via a GET request to the IM_FILE identifier with double-url-encoded "../" sequences ("%252e%252e/"). | ||||
| CVE-2006-5211 | 1 Trend Micro | 1 Officescan Corporate Edition | 2026-04-23 | N/A |
| Trend Micro OfficeScan 6.0 in Client/Server/Messaging (CSM) Suite for SMB 2.0 before 6.0.0.1385, and OfficeScan Corporate Edition (OSCE) 6.5 before 6.5.0.1418, 7.0 before 7.0.0.1257, and 7.3 before 7.3.0.1053 allow remote attackers to remove OfficeScan clients via a certain HTTP request that invokes the OfficeScan CGI program. | ||||
| CVE-2006-4516 | 1 Freebsd | 1 Freebsd | 2026-04-23 | N/A |
| Integer signedness error in FreeBSD 6.0-RELEASE allows local users to cause a denial of service (memory corruption and kernel panic) via a PT_LWPINFO ptrace command with a large negative data value that satisfies a signed maximum value check but is used in an unsigned copyout function call. | ||||
| CVE-2006-4521 | 1 Novell | 1 Edirectory | 2026-04-23 | N/A |
| The BerDecodeLoginDataRequest function in the libnmasldap.so NMAS module in Novell eDirectory 8.8 and 8.8.1 before the Security Services 2.0.3 patch does not properly increment a pointer when handling certain input, which allows remote attackers to cause a denial of service (invalid memory access) via a crafted login request. | ||||
| CVE-2006-4510 | 1 Novell | 1 Edirectory | 2026-04-23 | N/A |
| The evtFilteredMonitorEventsRequest function in the LDAP service in Novell eDirectory before 8.8.1 FTF1 allows remote attackers to execute arbitrary code via a crafted request containing a value that is larger than the number of objects transmitted, which triggers an invalid free of unallocated memory. | ||||
| CVE-2006-4412 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| WebKit in Apple Mac OS X 10.3.x through 10.3.9 and 10.4 through 10.4.8 allows remote attackers to execute arbitrary code via a crafted HTML file, which accesses previously deallocated objects. | ||||
| CVE-2006-5072 | 1 Mono | 1 Mono | 2026-04-23 | N/A |
| The System.CodeDom.Compiler classes in Novell Mono create temporary files with insecure permissions, which allows local users to overwrite arbitrary files or execute arbitrary code via a symlink attack. | ||||
| CVE-2006-5089 | 1 My-bic | 1 My-bic | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in mybic_server.php in Jim Plush My-BIC 0.6.5 allows remote attackers to execute arbitrary PHP code via a URL in the file parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. CVE disputes this vulnerability because the file variable is defined before use in a way that prevents arbitrary inclusion | ||||
| CVE-2006-5226 | 1 Freenews | 1 Freenews | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in moteur/moteur.php in Prologin.fr Freenews 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the chemin parameter. | ||||
| CVE-2006-4406 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| Buffer overflow in PPP on Apple Mac OS X 10.4.x up to 10.4.8 and 10.3.x up to 10.3.9, when PPPoE is enabled, allows remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2006-4400 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| Stack-based buffer overflow in the Apple Type Services (ATS) server in Mac OS 10.4.8 and earlier allow user-assisted attackers to execute arbitrary code via crafted font files. | ||||
| CVE-2006-4399 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| User interface inconsistency in Workgroup Manager in Apple Mac OS X 10.4 through 10.4.7 appears to allow administrators to change the authentication type from crypt to ShadowHash passwords for accounts in a NetInfo parent, when such an operation is not actually supported, which could result in less secure password management than intended. | ||||
| CVE-2006-4401 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| Unspecified vulnerability in CFNetwork in Mac OS 10.4.8 and earlier allows user-assisted remote attackers to execute arbitrary FTP commands via a crafted FTP URI. | ||||
| CVE-2006-4407 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| The Security Framework in Apple Mac OS X 10.3.x up to 10.3.9 does not properly prioritize encryption ciphers when negotiating the strongest shared cipher, which causes Secure Transport to user a weaker cipher that makes it easier for remote attackers to decrypt traffic. | ||||
| CVE-2006-4396 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| The Apple Type Services (ATS) server in Mac OS X 10.4.8 and earlier does not securely create log files, which allows local users to create and modify arbitrary files via unspecified vectors, possibly relating to a symlink attack. | ||||
| CVE-2006-4397 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| Unchecked error condition in LoginWindow in Apple Mac OS X 10.4 through 10.4.7 prevents Kerberos tickets from being destroyed if a user does not successfully log on to a network account from the login window, which might allow later users to gain access to the original user's Kerberos tickets. | ||||
| CVE-2006-4402 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| Heap-based buffer overflow in the Finder in Apple Mac OS X 10.4.8 and earlier allows user-assisted remote attackers to execute arbitrary code by browsing directories containing crafted .DS_Store files. | ||||
| CVE-2006-4403 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| The FTP server in Apple Mac OS X 10.4.8 and earlier, when FTP Access is enabled, will crash when a login failure occurs with a valid user name, which allows remote attackers to cause a denial of service (crash) and enumerate valid usernames. | ||||