Export limit exceeded: 29937 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29937 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-6904 | 1 Broadcom | 1 Bluetooth Stack | 2026-04-23 | N/A |
| Unspecified vulnerability in the Broadcom Bluetooth stack allows remote attackers to gain administrative access (aka Remote Root) via unspecified vectors. | ||||
| CVE-2006-6908 | 2 Broadcom, Microsoft | 3 Widcomm Bluetooth, Windows Embedded Compact, Windows Mobile | 2026-04-23 | N/A |
| Buffer overflow in the Bluetooth Stack COM Server in the Widcomm Bluetooth stack, as packaged as Widcomm Stack 3.x and earlier on Windows, Widcomm BTStackServer 1.4.2.10 and 1.3.2.7 on Windows, Widcomm Bluetooth Communication Software 1.4.1.03 on Windows, and the Bluetooth implementation in Windows Mobile or Windows CE on the HP IPAQ 2215 and 5450, allows remote attackers to cause a denial of service (service crash) and possibly execute arbitrary code via unspecified vectors. | ||||
| CVE-2006-6909 | 1 Karl Dahlke | 1 Edbrowse | 2026-04-23 | N/A |
| Stack-based buffer overflow in http.c in Karl Dahlke Edbrowse (aka Command line editor browser) 3.1.3 allows remote attackers to execute arbitrary code by operating an FTP server that sends directory listings with (1) long user names or (2) long group names. | ||||
| CVE-2006-6911 | 1 Digitizing Quote And Ordering System | 1 Digitizing Quote And Ordering System | 2026-04-23 | N/A |
| SQL injection vulnerability in search.asp in Digitizing Quote And Ordering System 1.0 allows remote authenticated users to execute arbitrary SQL commands via the ordernum parameter. | ||||
| CVE-2006-6913 | 1 Phpmyfaq | 1 Phpmyfaq | 2026-04-23 | N/A |
| Unspecified vulnerability in phpMyFAQ 1.6.7 and earlier allows remote attackers to upload arbitrary PHP scripts via unspecified vectors. | ||||
| CVE-2006-6916 | 1 Getahead | 1 Direct Web Remoting | 2026-04-23 | N/A |
| Getahead Direct Web Remoting (DWR) before 1.1.3 allows attackers to cause a denial of service (infinite loop) via unknown vectors related to "crafted input." | ||||
| CVE-2006-6917 | 1 Broadcom | 1 Brightstor Arcserve Backup Server | 2026-04-23 | N/A |
| Multiple buffer overflows in Computer Associates (CA) BrightStor ARCserve Backup R11.5 Server before SP2 allows remote attackers to execute arbitrary code in the Tape Engine (tapeeng.exe) via a crafted RPC request with (1) opnum 38, which is not properly handled in TAPEUTIL.dll 11.5.3884.0, or (2) opnum 37, which is not properly handled in TAPEENG.dll 11.5.3884.0. | ||||
| CVE-2006-6919 | 1 Sage-mozdev | 1 Sage | 2026-04-23 | N/A |
| Firefox Sage extension 1.3.8 and earlier allows remote attackers to execute arbitrary Javascript in the local context via an RSS feed with an img tag containing the script followed by an extra trailing ">", which Sage modifies to close the img element before the malicious script. | ||||
| CVE-2006-6920 | 1 Nucleus Cms | 1 Nucleus Cms | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Nucleus before 3.24 allows remote attackers to inject arbitrary web script or HTML via unknown vectors, possibly involving (1) lib/ADMIN.php and (2) lib/SKIN.php. | ||||
| CVE-2006-6927 | 1 Grandora | 1 Rialto | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Rialto 1.6 allow remote attackers to execute arbitrary SQL commands via (1) the uname (username) and (2) pword (passwd) fields in (a) admin/default.asp; the (3) ID parameter to (b) listfull.asp or (c) printmain.asp; the (4) cat parameter to (d) listmain.asp, (e) searchoption.asp, or (f) searchmain.asp; the (5) Keyword parameter to (g) searchkey.asp; the (6) area parameter to searchmain.asp or searchoption.asp; the (7) searchin parameter to searchkey.asp; or the (8) cost1, (9) cost2, (10) acreage1, or (11) squarefeet1 parameters to searchoption.asp. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2006-6928 | 1 Grandora | 1 Rialto | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Rialto 1.6 allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter to (a) listmain.asp or (b) searchmain.asp, the (2) the Keyword parameter to (c) searchkey.asp, or the (3) refno parameter to (d) forminfo.asp. | ||||
| CVE-2006-6930 | 1 Ga Soft | 1 Rapid Classified | 2026-04-23 | N/A |
| SQL injection vulnerability in viewad.asp in Rapid Classified 3.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2006-6931 | 1 Snort | 1 Snort | 2026-04-23 | N/A |
| Algorithmic complexity vulnerability in Snort before 2.6.1, during predicate evaluation in rule matching for certain rules, allows remote attackers to cause a denial of service (CPU consumption and detection outage) via crafted network traffic, aka a "backtracking attack." | ||||
| CVE-2006-6935 | 1 Portix-php | 1 Portix-php | 2026-04-23 | N/A |
| SQL injection vulnerability in the login component in Portix-PHP 0.4.2 allows remote attackers to execute arbitrary SQL commands via the username and passwd (password) fields. | ||||
| CVE-2006-6937 | 1 Pensacola Web Designs | 1 Xtremeasp Photogallery | 2026-04-23 | N/A |
| SQL injection vulnerability in displaypic.asp in Xtreme ASP Photo Gallery allows remote attackers to inject arbitrary SQL commands via the sortorder parameter. | ||||
| CVE-2006-6939 | 1 Gnu | 1 Ed | 2026-04-23 | N/A |
| GNU ed before 0.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files, possibly in the open_sbuf function. | ||||
| CVE-2006-6940 | 1 Owa | 1 Owa | 2026-04-23 | N/A |
| Buffer overflow in the ParseHeader function in clsOWA.cls in POP3/SMTP to OWA (pop2owa) 1.1.3 allows remote attackers to execute arbitrary code via a long header in an e-mail message. | ||||
| CVE-2006-6947 | 1 Nec | 1 Multiwriter 1700c | 2026-04-23 | N/A |
| The FTP server in the NEC MultiWriter 1700C allows remote attackers to redirect traffic to other sites (aka FTP bounce) via the PORT command, a variant of CVE-1999-0017. | ||||
| CVE-2006-6948 | 1 Myodbc | 1 Myodbc | 2026-04-23 | N/A |
| MyODBC Japanese conversion edition 3.51.06, 2.50.29, and 2.50.25 allows remote attackers to cause a denial of service via a certain string in a response, which has unspecified impact on the MySQL database. | ||||
| CVE-2006-6950 | 1 Conti | 1 Ftpserver | 2026-04-23 | N/A |
| Directory traversal vulnerability in Conti FTPServer 1.0 Build 2.8 allows remote attackers to read arbitrary files and list arbitrary directories via a .. (dot dot) in a filename argument. | ||||