Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-1325 1 Valve Software 1 Half-life Cstrike Dedicated Server 2026-04-16 N/A
The SV_CheckForDuplicateNames function in Valve Software Half-Life CSTRIKE Dedicated Server 1.1.1.0 and earlier allows remote authenticated users to cause a denial of service (infinite loop and daemon hang) via a certain connection string to UDP port 27015 that represents "absence of player informations," a related issue to CVE-2006-0734.
CVE-2005-1499 1 Mywebland 1 Mybloggie 2026-04-16 N/A
delcomment.php in myBloggie 2.1.1 allows remote attackers to delete arbitrary comments by modifying the comment_id parameter.
CVE-2005-3340 1 New Breed Software 1 Tux Paint 2026-04-16 N/A
The tuxpaint-import.sh script in Tux Paint (tuxpaint) 0.9.14 and earlier creates temporary files insecurely, with unknown impact and attack vectors.
CVE-2005-3757 1 Google 2 Mini Search Appliance, Search Appliance 2026-04-16 N/A
The Saxon XSLT parser in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to obtain sensitive information and execute arbitrary code via dangerous Java class methods in select attribute of xsl:value-of tags in XSLT style sheets, such as (1) system-property, (2) sys:getProperty, and (3) run:exec.
CVE-2006-0302 1 Zyxel 1 P2000w Version 2 Voip Wifi Phone 2026-04-16 N/A
ZyXel P2000W VoIP 802.11b Wireless Phone running firmware WV.00.02 allows remote attackers to obtain sensitive information, such as MAC address and software version, by directly accessing UDP port 9090.
CVE-2006-0303 1 Joomla 1 Joomla 2026-04-16 N/A
Multiple unspecified vulnerabilities in the (1) publishing component, (2) Contact Component, (3) TinyMCE Compressor, and (4) other components in Joomla! 1.0.5 and earlier have unknown impact and attack vectors.
CVE-2006-0304 1 Achal Dhir 1 Dual Dhcp Dns Server 2026-04-16 N/A
Buffer overflow in Dual DHCP DNS Server 1.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via the DHCP options field.
CVE-2006-0305 1 Clipcomm 2 Cp-100e Voip Wifi Phone, Cpw-100e Voip Wifi Phone 2026-04-16 N/A
Clipcomm CPW-100E VoIP 802.11b Wireless Handset Phone running firmware 1.1.12 (051129) and CP-100E VoIP 802.11b Wireless Phone running firmware 1.1.60 allows remote attackers to gain unauthorized access via the debug service on TCP port 60023.
CVE-2006-4055 1 Tsep 1 Tsep 2026-04-16 N/A
Multiple PHP remote file inclusion vulnerabilities in Olaf Noehring The Search Engine Project (TSEP) 0.942 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the tsep_config[absPath] parameter to (1) include/colorswitch.php, (2) contentimages.class.php, (3) ipfunctions.php, (4) configfunctions.php, (5) printpagedetails.php, or (6) log.class.php. NOTE: the copyright.php vector is already covered by CVE-2006-3993.
CVE-2006-4057 1 Mitch Murray 1 Eremove 2026-04-16 N/A
Buffer overflow in the preview_create function in gui.cpp in Mitch Murray Eremove 1.4 allows remote attackers to cause a denial of service (application crash), and possibly execute arbitrary code, via a large email attachment.
CVE-2006-4059 1 Usolved 1 Newsolved Lite 2026-04-16 N/A
Multiple PHP remote file inclusion vulnerabilities in USOLVED NEWSolved Lite 1.9.2, and possibly earlier, allow remote attackers to execute arbitrary PHP code via a URL in the abs_path parameter to (1) newsscript_lyt.php, (2) newsticker/newsscript_get.php, (3) inc/output/news_theme1.php, (4) inc/output/news_theme2.php, or (5) inc/output/news_theme3.php.
CVE-2000-0913 1 Apache 1 Http Server 2026-04-16 N/A
mod_rewrite in Apache 1.3.12 and earlier allows remote attackers to read arbitrary files if a RewriteRule directive is expanded to include a filename whose name contains a regular expression.
CVE-2002-1705 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 5.5 through 6.0 allows remote attackers to cause a denial of service (crash) via a Cascading Style Sheet (CSS) with the p{cssText} element declared and a bold font weight.
CVE-2006-2465 1 Mp3info 1 Mp3info 2026-04-16 N/A
Buffer overflow in MP3Info 0.8.4 allows attackers to execute arbitrary code via a long command line argument. NOTE: if mp3info is not installed setuid or setgid in any reasonable context, then this issue might not be a vulnerability.
CVE-2006-2486 1 Yapbb 1 Yapbb 2026-04-16 N/A
SQL injection vulnerability in find.php in YapBB 1.2 Beta2 and earlier allows remote attackers to execute arbitrary SQL commands via the userID parameter.
CVE-2006-2487 1 Scoznet 1 Scoznews 2026-04-16 N/A
Multiple PHP remote file inclusion vulnerabilities in ScozNews 1.2.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the CONFIG[main_path] parameter in (1) functions.php, (2) template.php, (3) news.php, (4) help.php, (5) mail.php, (6) Admin/admin_cats.php, (8) Admin/admin_edit.php, (9) Admin/admin_import.php, and (10) Admin/admin_templates.php. NOTE: this might be resultant from a variable overwrite issue.
CVE-2006-2488 1 Spymac 1 Spymac Web Os 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Spymac WebOS (WOS) 5.0 allow remote attackers to inject arbitrary web script or HTML via the (1) del_folder, (2) nick, or (3) action parameters to (a) notes/index.php, (4) curr parameter to (b) ipod/get_ipod.php, and in (c) login.php.
CVE-2006-3693 1 Rocks Clusters 1 Rocks Clusters 2026-04-16 N/A
Rocks Clusters 4.1 and earlier allows local users to gain privileges via commands enclosed with escaped backticks (\`) in an argument to the (1) mount-loop (mount-loop.c) or (2) umount-loop (umount-loop.c) command, which is not filtered in a system function call.
CVE-2006-3694 2 Redhat, Yukihiro Matsumoto 2 Enterprise Linux, Ruby 2026-04-16 N/A
Multiple unspecified vulnerabilities in Ruby before 1.8.5 allow remote attackers to bypass "safe level" checks via unspecified vectors involving (1) the alias function and (2) "directory operations".
CVE-2006-3695 1 Edgewall Software 1 Trac 2026-04-16 N/A
Trac before 0.9.6 does not disable the "raw" or "include" commands when providing untrusted users with restructured text (reStructuredText) functionality from docutils, which allows remote attackers to read arbitrary files, perform cross-site scripting (XSS) attacks, or cause a denial of service via unspecified vectors. NOTE: this might be related to CVE-2006-3458.