Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-3856 | 1 Ibm | 1 Informix Dynamic Server | 2026-04-16 | N/A |
| IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before 10.00.xC3 allows local users to cause a denial of service (crash) via unspecified vectors. | ||||
| CVE-2006-3844 | 1 Pablo Software Solutions | 1 Quick N Easy Ftp Server | 2026-04-16 | N/A |
| Buffer overflow in Quick 'n Easy FTP Server 3.0 allows remote authenticated users to execute arbitrary commands via a long argument to the LIST command, a different issue than CVE-2006-2027. | ||||
| CVE-2006-2027 | 1 Pablo Software Solutions | 1 Quick N Easy Ftp Server | 2026-04-16 | N/A |
| Buffer overflow in Unicode processing in the logging functionality in Pablo Software Solutions Quick 'n Easy FTP Server Professional and Lite, probably 3.0, allows remote authenticated users to execute arbitrary code by sending a command with a long argument, which triggers a buffer overflow when an admin selects the Logging section in the FTP server main window. NOTE: the original researcher claims that the vendor disputes this issue. | ||||
| CVE-2006-2666 | 1 V-webmail | 1 V-webmail | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in includes/mailaccess/pop3.php in V-Webmail 1.5 through 1.6.4 allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG[pear_dir] parameter. | ||||
| CVE-2006-2665 | 1 V-webmail | 1 V-webmail | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in includes/mailaccess/pop3/core.php in V-Webmail 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG[pear_dir] parameter. | ||||
| CVE-2006-2664 | 1 Ifdate.com | 1 Ifdate | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in iFdate 1.2 allows remote attackers to inject arbitrary web script or HTML via the (1) username, (2) password fields, or certain other input text boxes. | ||||
| CVE-2006-2659 | 1 Double Precision Incorporated | 1 Courier Mta | 2026-04-16 | N/A |
| libs/comverp.c in Courier MTA before 0.53.2 allows attackers to cause a denial of service (CPU consumption) via unknown vectors involving usernames that contain the "=" (equals) character, which is not properly handled during encoding. | ||||
| CVE-2006-2648 | 1 Aspbb | 1 Aspbb | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in perform_search.asp for ASPBB 0.52 and earlier allows remote attackers to inject arbitrary HTML or web script via the search parameter. | ||||
| CVE-2006-2641 | 1 John Frank | 1 Asset Manager | 2026-04-16 | N/A |
| ** UNVERIFIABLE ** NOTE: this issue does not contain any verifiable or actionable details. Cross-site scripting (XSS) vulnerability in John Frank Asset Manager (AssetMan) 2.4a and earlier allows remote attackers to inject arbitrary web script or HTML via "any of its input." NOTE: the original disclosure is based on vague researcher claims without vendor acknowledgement; therefore this identifier cannot be linked with any future identifier that identifies more specific vectors. Perhaps this should not be included in CVE. | ||||
| CVE-2006-3886 | 1 Musicbox | 1 Musicbox | 2026-04-16 | N/A |
| SQL injection vulnerability in Shalwan MusicBox 2.3.4 and earlier allows remote attackers to execute arbitrary SQL commands via the page parameter in a viewgallery action in a request for the top-level URI. NOTE: the start parameter/search action is already covered by CVE-2006-1807, and the show parameter/top action is already covered by CVE-2006-1360. | ||||
| CVE-2006-3818 | 1 Novell | 1 Groupwise Webaccess | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the login page in Novell GroupWise WebAccess 6.5 before 20060721 and WebAccess 7 before 20060727 allows remote attackers to inject arbitrary web script or HTML via the GWAP.version parameter. | ||||
| CVE-2006-3884 | 1 Gonafish | 1 Linkscaffe | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in links.php in Gonafish LinksCaffe 3.0 allow remote attackers to execute arbitrary SQL commands via the (1) offset and (2) limit parameters, (3) newdays parameter in a new action, and the (4) link_id parameter in a deadlink action. NOTE: this issue can also be used for path disclosure by a forced SQL error, or to modify PHP files using OUTFILE. | ||||
| CVE-2006-0204 | 1 Wordcircle | 1 Wordcircle | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Wordcircle 2.17 allow remote attackers to inject arbitrary web script or HTML via (1) the "Course name" field in index.php when the frm parameter has the value "mine" and (2) possibly certain other fields in unspecified scripts. | ||||
| CVE-2006-0206 | 1 Light Weight Calendar | 1 Light Weight Calendar | 2026-04-16 | N/A |
| Eval injection vulnerability in Light Weight Calendar (LWC) 1.0 (20040909) and earlier allows remote attackers to execute arbitrary PHP code via the date parameter in cal.php, which is included by index.php. | ||||
| CVE-2006-3869 | 1 Microsoft | 1 Ie | 2026-04-16 | N/A |
| Heap-based buffer overflow in URLMON.DLL in Microsoft Internet Explorer 6 SP1 on Windows 2000 and XP SP1, with versions the MS06-042 patch before 20060824, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long URL on a website that uses HTTP 1.1 compression. | ||||
| CVE-2006-3860 | 1 Ibm | 1 Informix Dynamic Database Server | 2026-04-16 | N/A |
| IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before 10.00.xC3 allows allows remote authenticated users to execute arbitrary commands via the (1) "SET DEBUG FILE" SQL command, and the (2) start_onpload and (3) dbexp functions. | ||||
| CVE-2006-3862 | 1 Ibm | 1 Informix Dynamic Server | 2026-04-16 | N/A |
| Buffer overflow in IBM Informix Dynamic Server (IDS) 9.40.TC5 through 9.40.xC7 and 10.00.TC1 through 10.00.xC3 allows attackers to execute arbitrary code via the SQLIDEBUG environment variable (envariable). | ||||
| CVE-2006-3976 | 1 Broadcom | 1 Etrust Antivirus Webscan | 2026-04-16 | N/A |
| Unspecified vulnerability in CA eTrust Antivirus WebScan before 1.1.0.1048 allows remote attackers to install arbitrary files. | ||||
| CVE-2006-3977 | 1 Broadcom | 1 Etrust Antivirus Webscan | 2026-04-16 | N/A |
| Unspecified vulnerability in CA eTrust Antivirus WebScan before 1.1.0.1048 has unknown impact and remote attackers related to "improper processing of outdated WebScan components." | ||||
| CVE-2000-0984 | 1 Cisco | 1 Ios | 2026-04-16 | N/A |
| The HTTP server in Cisco IOS 12.0 through 12.1 allows local users to cause a denial of service (crash and reload) via a URL containing a "?/" string. | ||||