Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-1506 1 Sun 1 Sunos 2026-04-16 N/A
Vulnerability in SMI Sendmail 4.0 and earlier, on SunOS up to 4.0.3, allows remote attackers to access user bin.
CVE-2005-0932 1 Coinsoft Technologies 1 Phpcoin 2026-04-16 N/A
Multiple SQL injection vulnerabilities in phpCOIN 1.2.1b and earlier allow remote attackers to execute arbitrary SQL commands (1) via the search engine, (2) the username or email fields in the "forgotten password" feature, or (3) the domain name in a package order.
CVE-2005-0933 1 Coinsoft Technologies 1 Phpcoin 2026-04-16 N/A
Directory traversal vulnerability in auxpage.php for phpCOIN 1.2.1b and earlier allows remote attackers to read arbitrary files via the page parameter.
CVE-2005-0934 1 Wackowiki 1 Wackowiki 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in WackoWiki R4 allow remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2006-0708 1 Nullsoft 1 Winamp 2026-04-16 N/A
Multiple buffer overflows in NullSoft Winamp 5.13 and earlier allow remote attackers to execute arbitrary code via (1) an m3u file containing a long URL ending in .wma, (2) a pls file containing a File1 field with a long URL ending in .wma, or (3) an m3u file with a long filename, variants of CVE-2005-3188 and CVE-2006-0476.
CVE-2000-0251 1 Hp 2 Hp-ux, Vvos 2026-04-16 N/A
HP-UX 11.04 VirtualVault (VVOS) sends data to unprivileged processes via an interface that has multiple aliased IP addresses.
CVE-2005-0935 1 Esmi 1 Paypal Storefront 2026-04-16 N/A
Multiple SQL injection vulnerabilities in ESMI PayPal Storefront allow remote attackers to execute arbitrary SQL commands via the (1) idpages parameter to pages.php or the (2) id2 parameter to products1.php.
CVE-2006-0709 2 Metamail Corporation, Redhat 2 Metamail, Enterprise Linux 2026-04-16 N/A
Buffer overflow in Metamail 2.7-50 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via e-mail messages with a long boundary attribute, a different vulnerability than CVE-2004-0105.
CVE-2005-0936 1 Esmi 1 Paypal Storefront 2026-04-16 N/A
Cross-site scripting vulnerability in products1h.php in ESMI PayPal Storefront allows remote attackers to inject arbitrary web script or HTML via the id parameter.
CVE-2005-0937 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
Some futex functions in futex.c for Linux kernel 2.6.x perform get_user calls while holding the mmap_sem semaphore, which could allow local users to cause a deadlock condition in do_page_fault by triggering get_user faults while another thread is executing mmap or other functions.
CVE-2005-0938 1 Uapplication 1 Ublog Reload 2026-04-16 N/A
Ublog Reload 1.0 through 1.0.4 stores ublogreload.mdb under the web root, which allows remote attackers to read usernames and hashed passwords via a direct request to ublogreload.mdb.
CVE-2006-0711 1 Neomail 1 Neomail 2026-04-16 N/A
The (1) addfolder and (2) deletefolder functions in neomail-prefs.pl in NeoMail 1.28 do not validate the Session ID, which allows remote attackers to add and delete arbitrary files, when configured with homedirfolders and homedirspools disabled.
CVE-2005-0941 2 Openoffice, Redhat 2 Openoffice, Enterprise Linux 2026-04-16 N/A
The StgCompObjStream::Load function in OpenOffice.org OpenOffice 1.1.4 and earlier allocates memory based on 16 bit length values, but process memory using 32 bit values, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a DOC document with certain length values, which leads to a heap-based buffer overflow.
CVE-2005-1046 2 Kde, Redhat 2 Kde, Enterprise Linux 2026-04-16 N/A
Buffer overflow in the kimgio library for KDE 3.4.0 allows remote attackers to execute arbitrary code via a crafted PCX image file.
CVE-2006-3919 1 Sd Studio 1 Sd Studio Cms 2026-04-16 N/A
SQL injection vulnerability in index.php in SD Studio CMS allows remote attackers to execute arbitrary SQL commands via the (1) news_id, (2) tid, and (3) page_id parameters.
CVE-1999-1507 1 Sun 1 Sunos 2026-04-16 N/A
Sun SunOS 4.1 through 4.1.3 allows local attackers to gain root access via insecure permissions on files and directories such as crash.
CVE-2005-1047 1 Phpbb Group 1 Phpbb 2026-04-16 N/A
Meilad File upload script (up.php) mod for phpBB 2.0.x does not properly limit the types of files that can be uploaded, which allows remote authenticated users to execute arbitrary commands by uploading PHP files, then directly requesting them from the uploads directory.
CVE-2006-0773 1 Hitachi 1 Business Logic 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Hitachi Business Logic - Container 02-03 through 03-00-/B on Windows, and 03-00 through 03-00-/B on Linux, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in the extended receiving box function.
CVE-1999-1524 1 Flowpoint 1 Flowpoint Dsl Router 2026-04-16 N/A
FlowPoint DSL router firmware versions prior to 3.0.8 allows a remote attacker to exploit a password recovery feature from the network and conduct brute force password guessing, instead of limiting the feature to the serial console port.
CVE-2005-1114 2 Phpbb Group, Smartor 2 Phpbb, Photo Album 2026-04-16 N/A
Multiple SQL injection vulnerabilities in album_search.php in Photo Album 2.0.53 for phpBB allow remote attackers to execute arbitrary SQL commands via the (1) mode or (2) search parameters.