Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-5489 | 1 Rim | 1 Blackberry Enterprise Server | 2026-04-23 | N/A |
| Research in Motion (RIM) BlackBerry Enterprise Server 4.1 SP2 before Hotfix 1 for IBM Lotus Domino might allow attackers with meeting organizer privileges to cause a denial of service (application hang) via a deleted recurrent meeting instance when changing the attendee's calendar meeting time. | ||||
| CVE-2006-5491 | 1 Ceary | 1 Ultracms | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in include/index.php in UltraCMS 0.9 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameters. | ||||
| CVE-2006-5493 | 1 Digitalhive | 1 Digitalhive | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in template/purpletech/base_include.php in DigitalHive 2.0 RC2 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. | ||||
| CVE-2006-5497 | 1 Middlebury College | 1 Segue Cms | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in themes/program/themesettings.inc.php in Segue CMS 1.5.8 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the themesdir parameter. | ||||
| CVE-2006-5498 | 1 Middlebury College | 1 Segue Cms | 2026-04-23 | N/A |
| Directory traversal vulnerability in themes/program/themesettings.inc.php in Segue CMS 1.5.8 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the theme parameter. | ||||
| CVE-2006-5782 | 1 Hp | 1 Openview Client Configuraton Manager | 2026-04-23 | N/A |
| radexecd.exe in HP OpenView Client Configuraton Manager (CCM) does not require authentication before executing commands in the installation directory, which allows remote attackers to cause a denial of service (reboot) by calling radbootw.exe or create arbitrary files by calling radcrecv. | ||||
| CVE-2006-5794 | 2 Openbsd, Redhat | 2 Openssh, Enterprise Linux | 2026-04-23 | N/A |
| Unspecified vulnerability in the sshd Privilege Separation Monitor in OpenSSH before 4.5 causes weaker verification that authentication has been successful, which might allow attackers to bypass authentication. NOTE: as of 20061108, it is believed that this issue is only exploitable by leveraging vulnerabilities in the unprivileged process, which are not known to exist. | ||||
| CVE-2006-5810 | 1 Xoops | 1 Xoops | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in modules/wfdownloads/newlist.php in XOOPS 1.0 allows remote attackers to inject arbitrary web script or HTML via the newdownloadshowdays parameter. | ||||
| CVE-2006-5812 | 1 Kerio | 1 Kerio Mailserver | 2026-04-23 | N/A |
| Unspecified vulnerability in Kerio MailServer allows attackers to cause a denial of service, as demonstrated by vd_kms4.pm, a "Kerio MailServer DoS." NOTE: As of 20061108, this disclosure has no actionable information. However, since it is from a reliable researcher, it is being assigned a CVE identifier for tracking purposes. | ||||
| CVE-2006-5818 | 1 Ibm | 1 Lotus Domino | 2026-04-23 | N/A |
| Multiple buffer overflows in tunekrnl in IBM Lotus Domino 6.x before 6.5.5 FP2 and 7.x before 7.0.2 allow local users to gain privileges and execute arbitrary code via unspecified vectors. | ||||
| CVE-2006-5816 | 1 Dmitry Sheiko | 1 Business Card Web Builder | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Dmitry Sheiko Business Card Web Builder (BCWB) 2.5 allow remote attackers to execute arbitrary PHP code via a URL in the root_path_admin parameter to (1) /include/startup.inc.php, (2) dcontent/default.css.php, or (3) system/default.css.php, different vectors than CVE-2006-4946. | ||||
| CVE-2006-5825 | 1 Kayako | 1 Supportsuite | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Kayako SupportSuite 3.00.32 allows remote attackers to inject arbitrary web script or HTML via the query string. | ||||
| CVE-2006-5826 | 1 Texas Imperial Software | 1 Wftpd | 2026-04-23 | N/A |
| Buffer overflow in Texas Imperial Software WFTPD Pro Server 3.23.1.1 allows remote authenticated users to execute arbitrary code or cause a denial of service (application crash) via crafted APPE commands that contain "/" (slash) or "\" (backslash) characters. | ||||
| CVE-2006-5828 | 1 Deltascripts | 1 Php Classifieds | 2026-04-23 | N/A |
| SQL injection vulnerability in detail.php in DeltaScripts PHP Classifieds 7.1 and earlier allows remote attackers to execute arbitrary SQL commands via the user_id parameter. | ||||
| CVE-2006-5822 | 1 Symantec | 3 Veritas Netbackup Client, Veritas Netbackup Enterprise Server, Veritas Netbackup Server | 2026-04-23 | N/A |
| Stack-based buffer overflow in the NetBackup bpcd daemon (bpcd.exe) in Symantec Veritas NetBackup 5.0 before 5.0_MP7, 5.1 before 5.1_MP6, and 6.0 before 6.0_MP4 allows remote attackers to execute arbitrary code via a long CONNECT_OPTIONS request, a different issue than CVE-2006-6222. | ||||
| CVE-2006-5835 | 1 Ibm | 1 Lotus Notes | 2026-04-23 | N/A |
| The Notes Remote Procedure Call (NRPC) protocol in IBM Lotus Notes Domino before 6.5.5 FP2 and 7.x before 7.0.2 does not require authentication to perform user lookups, which allows remote attackers to obtain the user ID file. | ||||
| CVE-2006-5837 | 1 Simplechat | 1 Simplechat | 2026-04-23 | N/A |
| Static code injection vulnerability in chat_panel.php in the SimpleChat 1.0.0 module for iWare Professional CMS allows remote attackers to inject arbitrary PHP code into chat_log.php via the msg parameter. | ||||
| CVE-2006-5839 | 1 Phpadventure | 1 Phpadventure | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in ad_main.php in PHPAdventure 1.1-Alpha and earlier allows remote attackers to execute arbitrary PHP code via a URL in the _mygamefile parameter. | ||||
| CVE-2006-5841 | 1 Dodos Scripts | 1 Dodosmail | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in dodosmail.php in DodosMail 2.0.1 and earlier, and possibly 2.1, allow remote attackers to execute arbitrary PHP code via a URL in the (1) dodosmail_header_file or (2) dodosmail_footer_file parameters. | ||||
| CVE-2006-5852 | 1 Openbase International Ltd | 1 Openbase | 2026-04-23 | N/A |
| Untrusted search path vulnerability in openexec in OpenBase SQL before 10.0.1 allows local users to gain privileges via a modified PATH that references a malicious helper binary, as demonstrated by (1) cp, (2) rm, and (3) killall, different vectors than CVE-2006-5327. | ||||