Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-0566 1 Kmint21 Software 1 Golden Ftp Server 2026-04-16 N/A
Buffer overflow in Golden FTP Server Pro (goldenftpd) 2.x allows remote attackers to execute arbitrary code via a long RNTO command.
CVE-2006-0484 1 Elido 1 Face Control 2026-04-16 N/A
Directory traversal vulnerability in Vis.pl, as part of the FACE CONTROL product, allows remote attackers to read arbitrary files via a .. (dot dot) in any parameter that opens a file, such as (1) s or (2) p.
CVE-2006-3724 1 Oracle 1 Enterpriseone 2026-04-16 N/A
Unspecified vulnerability in JD Edwards HTML Server for Oracle OneWorld Tools EnterpriseOne Tools 8.95 and 8.96 has unknown impact and attack vectors, aka Oracle Vuln# JDE01.
CVE-2005-0567 1 Phpmyadmin 1 Phpmyadmin 2026-04-16 N/A
Multiple PHP remote file inclusion vulnerabilities in phpMyAdmin 2.6.1 allow remote attackers to execute arbitrary PHP code by modifying the (1) theme parameter to phpmyadmin.css.php or (2) cfg[Server][extension] parameter to database_interface.lib.php to reference a URL on a remote web server that contains the code.
CVE-2006-3725 1 Symantec 1 Norton Personal Firewall 2026-04-16 N/A
Norton Personal Firewall 2006 9.1.0.33 allows local users to cause a denial of service (crash) via certain RegSaveKey, RegRestoreKey and RegDeleteKey operations on the (1) HKLM\SYSTEM\CurrentControlSet\Services\SNDSrvc and (2) HKLM\SYSTEM\CurrentControlSet\Services\SymEvent registry keys.
CVE-2005-0568 1 Raven Software 1 Soldier Of Fortune 2 2026-04-16 N/A
Soldier of Fortune II 1.03 gold allows remote attackers to cause a denial of service (application crash) via a large cl_guid value, which results in an invalid pointer dereference.
CVE-2006-0485 1 Cisco 1 Ios 2026-04-16 N/A
The TCL shell in Cisco IOS 12.2(14)S before 12.2(14)S16, 12.2(18)S before 12.2(18)S11, and certain other releases before 25 January 2006 does not perform Authentication, Authorization, and Accounting (AAA) command authorization checks, which may allow local users to execute IOS EXEC commands that were prohibited via the AAA configuration, aka Bug ID CSCeh73049.
CVE-2006-3726 1 Intervations 1 Filecopa 2026-04-16 N/A
Buffer overflow in FileCOPA FTP Server before 1.01 released on 18th July 2006, allows remote authenticated attackers to execute arbitrary code via a long argument to the LIST command.
CVE-2005-0569 1 Punbb 1 Punbb 2026-04-16 N/A
Multiple SQL injection vulnerabilities in PunBB 1.2.1 allow remote attackers to execute arbitrary SQL commands via the (1) language parameter to register.php, (2) change email feature in profile.php, (3) posts or (4) topics parameter to moderate.php.
CVE-2006-0486 1 Cisco 1 Ios 2026-04-16 N/A
Certain Cisco IOS releases in 12.2S based trains with maintenance release number 25 and later, 12.3T based trains, and 12.4 based trains reuse a Tcl Shell process across login sessions of different local users on the same terminal if the first user does not use tclquit before exiting, which may cause subsequent local users to execute unintended commands or bypass AAA command authorization checks, aka Bug ID CSCef77770.
CVE-2005-0574 1 Cupidsystems 1 Cis Webserver 2026-04-16 N/A
Directory traversal vulnerability in CIS WebServer 3.5.13 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the URL.
CVE-2005-0575 1 Stormy Studios 1 Knet 2026-04-16 N/A
Buffer overflow in Stormy Studios Knet 1.04c and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long HTTP GET request.
CVE-2005-0576 1 Sun 1 Solaris 2026-04-16 N/A
Unknown vulnerability in Standard Type Services Framework (STSF) Font Server Daemon (stfontserverd) in Solaris 9 allows local users to modify or delete arbitrary files.
CVE-2006-0488 1 Microsoft 3 Windows 2000, Windows 2003 Server, Windows Xp 2026-04-16 N/A
The VDM (Virtual DOS Machine) emulation environment for MS-DOS applications in Windows 2000, Windows XP SP2, and Windows Server 2003 allows local users to read the first megabyte of memory and possibly obtain sensitive information, as demonstrated by dumper.asm.
CVE-2006-3727 1 Eskolar Cms 1 Eskolar Cms 2026-04-16 N/A
Multiple SQL injection vulnerabilities in Eskolar CMS 0.9.0.0 allow remote attackers to execute arbitrary SQL commands via the (1) gr_1_id, (2) gr_2_id, (3) gr_3_id, and (4) doc_id parameters in (a) index.php; the (5) uid and (6) pwd parameters in (b) php/esa.php; and possibly other vectors related to files in php/lib/ including (c) del.php, (d) download_backup.php, (e) navig.php, (f) restore.php, (g) set_12.php, (h) set_14.php, and (i) upd_doc.php.
CVE-2005-0577 1 Dna 1 Mkbold-mkitalic 2026-04-16 N/A
Format string vulnerability in DNA MKBold-MKItalic 0.06_1 and earlier allows remote attackers to execute arbitrary code via crafted BDF font files.
CVE-2006-0489 1 Khaled Mardam-bey 1 Mirc 2026-04-16 N/A
Buffer overflow in the font command of mIRC, probably 6.16, allows local users to execute arbitrary code via a long string. NOTE: the original researcher claims that issue has been disputed by the vendor, and that the vendor stated "as far as I can tell, this is neither an exploit nor a vulnerability. The above report describes a local bug in mIRC." It could be that this is only exploitable by the user of the application, and thus would not cross privilege boundaries unless under an otherwise restrictive environment such as a kiosk
CVE-2005-0629 1 427bb 1 Fourtwosevenbb 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in profile.php in 427BB 2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) user or (2) Avatar parameters.
CVE-2006-0534 1 Cybershop 1 Asp Ultimate E-commerce Script 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in default.asp in CyberShop Ultimate E-commerce allow remote attackers to inject arbitrary web script or HTML via the (1) ortak or (2) kat parameter.
CVE-2005-0630 1 Pblang 1 Pblang 2026-04-16 N/A
sendpm.php in PBLang 4.63 allows remote authenticated users to read arbitrary files via a full pathname in the orig parameter.