Export limit exceeded: 363005 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-3725 | 1 Symantec | 1 Norton Personal Firewall | 2026-04-16 | N/A |
| Norton Personal Firewall 2006 9.1.0.33 allows local users to cause a denial of service (crash) via certain RegSaveKey, RegRestoreKey and RegDeleteKey operations on the (1) HKLM\SYSTEM\CurrentControlSet\Services\SNDSrvc and (2) HKLM\SYSTEM\CurrentControlSet\Services\SymEvent registry keys. | ||||
| CVE-2005-0568 | 1 Raven Software | 1 Soldier Of Fortune 2 | 2026-04-16 | N/A |
| Soldier of Fortune II 1.03 gold allows remote attackers to cause a denial of service (application crash) via a large cl_guid value, which results in an invalid pointer dereference. | ||||
| CVE-2006-0485 | 1 Cisco | 1 Ios | 2026-04-16 | N/A |
| The TCL shell in Cisco IOS 12.2(14)S before 12.2(14)S16, 12.2(18)S before 12.2(18)S11, and certain other releases before 25 January 2006 does not perform Authentication, Authorization, and Accounting (AAA) command authorization checks, which may allow local users to execute IOS EXEC commands that were prohibited via the AAA configuration, aka Bug ID CSCeh73049. | ||||
| CVE-2006-3726 | 1 Intervations | 1 Filecopa | 2026-04-16 | N/A |
| Buffer overflow in FileCOPA FTP Server before 1.01 released on 18th July 2006, allows remote authenticated attackers to execute arbitrary code via a long argument to the LIST command. | ||||
| CVE-2005-0569 | 1 Punbb | 1 Punbb | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in PunBB 1.2.1 allow remote attackers to execute arbitrary SQL commands via the (1) language parameter to register.php, (2) change email feature in profile.php, (3) posts or (4) topics parameter to moderate.php. | ||||
| CVE-2006-0486 | 1 Cisco | 1 Ios | 2026-04-16 | N/A |
| Certain Cisco IOS releases in 12.2S based trains with maintenance release number 25 and later, 12.3T based trains, and 12.4 based trains reuse a Tcl Shell process across login sessions of different local users on the same terminal if the first user does not use tclquit before exiting, which may cause subsequent local users to execute unintended commands or bypass AAA command authorization checks, aka Bug ID CSCef77770. | ||||
| CVE-2005-0574 | 1 Cupidsystems | 1 Cis Webserver | 2026-04-16 | N/A |
| Directory traversal vulnerability in CIS WebServer 3.5.13 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the URL. | ||||
| CVE-2005-0575 | 1 Stormy Studios | 1 Knet | 2026-04-16 | N/A |
| Buffer overflow in Stormy Studios Knet 1.04c and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long HTTP GET request. | ||||
| CVE-2005-0576 | 1 Sun | 1 Solaris | 2026-04-16 | N/A |
| Unknown vulnerability in Standard Type Services Framework (STSF) Font Server Daemon (stfontserverd) in Solaris 9 allows local users to modify or delete arbitrary files. | ||||
| CVE-2006-0488 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2026-04-16 | N/A |
| The VDM (Virtual DOS Machine) emulation environment for MS-DOS applications in Windows 2000, Windows XP SP2, and Windows Server 2003 allows local users to read the first megabyte of memory and possibly obtain sensitive information, as demonstrated by dumper.asm. | ||||
| CVE-2006-3727 | 1 Eskolar Cms | 1 Eskolar Cms | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Eskolar CMS 0.9.0.0 allow remote attackers to execute arbitrary SQL commands via the (1) gr_1_id, (2) gr_2_id, (3) gr_3_id, and (4) doc_id parameters in (a) index.php; the (5) uid and (6) pwd parameters in (b) php/esa.php; and possibly other vectors related to files in php/lib/ including (c) del.php, (d) download_backup.php, (e) navig.php, (f) restore.php, (g) set_12.php, (h) set_14.php, and (i) upd_doc.php. | ||||
| CVE-2005-0577 | 1 Dna | 1 Mkbold-mkitalic | 2026-04-16 | N/A |
| Format string vulnerability in DNA MKBold-MKItalic 0.06_1 and earlier allows remote attackers to execute arbitrary code via crafted BDF font files. | ||||
| CVE-2006-0489 | 1 Khaled Mardam-bey | 1 Mirc | 2026-04-16 | N/A |
| Buffer overflow in the font command of mIRC, probably 6.16, allows local users to execute arbitrary code via a long string. NOTE: the original researcher claims that issue has been disputed by the vendor, and that the vendor stated "as far as I can tell, this is neither an exploit nor a vulnerability. The above report describes a local bug in mIRC." It could be that this is only exploitable by the user of the application, and thus would not cross privilege boundaries unless under an otherwise restrictive environment such as a kiosk | ||||
| CVE-2005-0578 | 2 Mozilla, Redhat | 3 Firefox, Mozilla, Enterprise Linux | 2026-04-16 | N/A |
| Firefox before 1.0.1 and Mozilla Suite before 1.7.6 use a predictable filename for the plugin temporary directory, which allows local users to delete arbitrary files of other users via a symlink attack on the plugtmp directory. | ||||
| CVE-2005-0579 | 1 Freenx | 1 Freenx | 2026-04-16 | N/A |
| nxagent in FreeNX before 0.2.8 does not properly handle when the XAUTHORITY environment variable is not set, which allows local users to access the X server without X authentication. | ||||
| CVE-2006-0490 | 1 Aspthai.net | 1 Aspthai Forums | 2026-04-16 | N/A |
| SQL injection vulnerability in login.asp in ASPThai.Net ASPThai Forums 8.0 and earlier allows remote attackers to execute arbitrary SQL commands and bypass login authentication via the password field. | ||||
| CVE-2005-0580 | 1 Krzysztof Dabrowski | 1 Cmd5checkpw | 2026-04-16 | N/A |
| cmd5checkpw, when running setuid, does not properly drop privileges before calling the execvp function, which allows local users to read the poppasswd file. | ||||
| CVE-2006-0491 | 1 Subzane | 1 Szusermgnt | 2026-04-16 | N/A |
| SQL injection vulnerability in SZUserMgnt.class.php in SZUserMgnt 1.4 allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||
| CVE-2005-0581 | 1 Broadcom | 1 License Software | 2026-04-16 | N/A |
| Multiple buffer overflows in Computer Associates (CA) License Client and Server 0.1.0.15 allow remote attackers to execute arbitrary code via (1) certain long fields in the Checksum item in a GCR request, (2) a long IP address, hostname, or netmask values in a GCR request, (3) a long last parameter in a GETCONFIG packet, or (4) long values in a request with an invalid format. | ||||
| CVE-2006-0492 | 1 Vincent Hor | 1 Calendarix | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Calendarix allow remote attackers to execute arbitrary SQL commands via (1) the catview parameter in cal_functions.inc.php and (2) the login parameter in cal_login.php. NOTE: the catview vector might overlap CVE-2005-1865. | ||||