Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-1446 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| Keychain in Apple Mac OS X 10.3.9 and 10.4.6 might allow an application to bypass a locked Keychain by first obtaining a reference to the Keychain when it is unlocked, then reusing that reference after the Keychain has been locked. | ||||
| CVE-2006-1447 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| LaunchServices in Apple Mac OS X 10.4.6 allows remote attackers to cause Safari to launch unsafe content via long file name extensions, which prevents Download Validation from determining which application will be used to open the file. | ||||
| CVE-2006-1448 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| Finder in Apple Mac OS X 10.3.9 and 10.4.6 allows user-assisted attackers to execute arbitrary code by tricking a user into launching an Internet Location item that appears to use a safe URL scheme, but which actually has a different and more risky scheme. | ||||
| CVE-2006-1449 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| Integer overflow in Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via a crafted MacMIME encapsulated attachment. | ||||
| CVE-2006-1451 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| MySQL Manager in Apple Mac OS X 10.3.9 and 10.4.6, when setting up a new MySQL database server, does not use the "New MySQL root password" that is provided, which causes the MySQL root password to be blank and allows local users to gain full privileges to that database. | ||||
| CVE-2006-1452 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| Stack-based buffer overflow in Preview in Apple Mac OS 10.4 up to 10.4.6 allows local users to execute arbitrary code via a deep directory hierarchy. | ||||
| CVE-2006-1455 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to cause a denial of service (crash and connection interruption) via a QuickTime movie with a missing track, which triggers a null dereference. | ||||
| CVE-2006-1456 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Buffer overflow in QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via a crafted RTSP request, which is not properly handled during message logging. | ||||
| CVE-2006-1457 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Safari on Apple Mac OS X 10.4.6, when "Open `safe' files after downloading" is enabled, will automatically expand archives, which could allow remote attackers to overwrite arbitrary files via an archive that contains a symlink. | ||||
| CVE-2006-1481 | 1 Php Ticket | 1 Php Ticket | 2026-04-16 | N/A |
| SQL injection vulnerability in search.php in PHP Ticket 0.71 allows remote authenticated users to execute arbitrary SQL commands and obtain usernames and passwords via the frm_search_in parameter. | ||||
| CVE-2006-1482 | 1 Conftool | 1 Conftool | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in ConfTool 1.1 allows remote attackers to inject arbitrary web script or HTML via the page parameter. | ||||
| CVE-2006-1483 | 1 Desiderata Software | 1 Blazix Web Server | 2026-04-16 | N/A |
| Blazix Web Server before 1.2.6, when running on Windows, allows remote attackers to obtain the source code of JSP files via (1) . (dot), (2) space, and (3) slash characters in the extension of a URL. | ||||
| CVE-2006-1484 | 1 Kye | 1 Genius Videocam Nb | 2026-04-16 | N/A |
| Genius VideoCAM NB Driver does not drop privileges when saving files, which allows local users to gain privileges by opening arbitrary files via the "save as" dialog. | ||||
| CVE-2006-1486 | 1 Fusionzone | 1 Realestatezone | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.cfm in realestateZONE 4.2 allow remote attackers to inject arbitrary web script or HTML via the (1) bamin, (2) bemin, (3) pmin, and (4) state parameters. | ||||
| CVE-2006-1487 | 1 Activecampaign | 1 Supporttrio | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in ActiveCampaign SupportTrio 2.50.2 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to the KnowledgeBase search module. | ||||
| CVE-2006-1488 | 1 Activecampaign | 1 Supporttrio | 2026-04-16 | N/A |
| ActiveCampaign SupportTrio 2.5 allows remote attackers to obtain the full path of the server via invalid (1) article or (2) print parameters in a kb action to index.php, or (3) an invalid category parameter to modules/KB/pdf.php, which leaks the path in an error message. | ||||
| CVE-2006-1489 | 1 Fusionzone | 1 Couponzone | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in FusionZONE CouponZONE local.cfm in 4.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) companyid, (2) scat, and (3) coid parameters. | ||||
| CVE-2006-1492 | 1 Nikolay Avrionov | 1 Explorer Xp | 2026-04-16 | N/A |
| Directory traversal vulnerability in dir.php in Explorer XP allows remote attackers to read arbitrary files via the chemin parameter. | ||||
| CVE-2006-1494 | 2 Php, Redhat | 3 Php, Enterprise Linux, Rhel Stronghold | 2026-04-16 | N/A |
| Directory traversal vulnerability in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass open_basedir restrictions allows remote attackers to create files in arbitrary directories via the tempnam function. | ||||
| CVE-2006-1495 | 2 Netoffice, Phpcollab | 2 Netoffice, Phpcollab | 2026-04-16 | N/A |
| SQL injection vulnerability in general/sendpassword.php in (1) PHPCollab 2.4 and 2.5.rc3, and (2) NetOffice 2.5.3-pl1 and 2.6.0b2 allows remote attackers to execute arbitrary SQL commands via the loginForm parameter in the "forgotten password" option. | ||||