Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-0292 2 Mozilla, Redhat 3 Firefox, Mozilla, Enterprise Linux 2026-04-16 N/A
The Javascript interpreter (jsinterp.c) in Mozilla and Firefox before 1.5.1 does not properly dereference objects, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via unknown attack vectors related to garbage collection.
CVE-2005-0005 7 Debian, Gentoo, Graphicsmagick and 4 more 7 Debian Linux, Linux, Graphicsmagick and 4 more 2026-04-16 N/A
Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers.
CVE-2005-0006 2 Ethereal Group, Redhat 2 Ethereal, Enterprise Linux 2026-04-16 N/A
The COPS dissector in Ethereal 0.10.6 through 0.10.8 allows remote attackers to cause a denial of service (infinite loop).
CVE-2006-0293 1 Mozilla 1 Firefox 2026-04-16 N/A
The function allocation code (js_NewFunction in jsfun.c) in Firefox 1.5 allows attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via user-defined methods that trigger garbage collection in a way that operates on freed objects.
CVE-2006-0131 1 Boastmachine 1 Boastmachine 2026-04-16 N/A
boastMachine 3.1 allows remote attackers to obtain sensitive information via a direct request to (1) footer.php and (2) side_menu.php, which reveals the path in an error message.
CVE-2006-0132 1 Webftp 1 Webftp 2026-04-16 N/A
Directory traversal vulnerability in webftp.php in SysCP WebFTP 1.2.6 and possibly earlier allows remote attackers to include and execute arbitrary local PHP scripts, and possibly read other types of files, via a .. (dot dot) and a trailing null in the webftp_language parameter.
CVE-2005-0007 2 Ethereal Group, Redhat 2 Ethereal, Enterprise Linux 2026-04-16 N/A
Unknown vulnerability in the DLSw dissector in Ethereal 0.10.6 through 0.10.8 allows remote attackers to cause a denial of service (application crash from assertion).
CVE-2006-0294 1 Mozilla 3 Firefox, Seamonkey, Thunderbird 2026-04-16 N/A
Mozilla Firefox before 1.5.0.1, Thunderbird 1.5 if running Javascript in mail, and SeaMonkey before 1.0 allow remote attackers to execute arbitrary code by changing an element's style from position:relative to position:static, which causes Gecko to operate on freed memory.
CVE-2006-3603 1 Seyeon 1 Flexwatch Network Camera 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php in FlexWATCH Network Camera 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the URL.
CVE-2006-0136 1 Phanatic Softwares 1 Chimera Web Portal 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the guestbook module in modules.php in Phanatic Softwares Chimera Web Portal System 0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) comment_poster, (2) comment_poster_email, (3) comment_poster_homepage, and (4) comment_text parameters.
CVE-2005-0008 2 Ethereal Group, Redhat 2 Ethereal, Enterprise Linux 2026-04-16 N/A
Unknown vulnerability in the DNP dissector in Ethereal 0.10.5 through 0.10.8 allows remote attackers to cause "memory corruption."
CVE-2006-0295 1 Mozilla 3 Firefox, Seamonkey, Thunderbird 2026-04-16 N/A
Mozilla Firefox 1.5, Thunderbird 1.5 if Javascript is enabled in mail, and SeaMonkey before 1.0 might allow remote attackers to execute arbitrary code via the QueryInterface method of the built-in Location and Navigator objects, which leads to memory corruption.
CVE-2006-3604 1 Seyeon 1 Flexwatch Network Camera 2026-04-16 N/A
Directory traversal vulnerability in FlexWATCH Network Camera 3.0 and earlier allows remote attackers to bypass access restrictions for (1) admin/aindex.asp or (2) admin/aindex.html via a .. (dot dot) and encoded / (%2f) sequence in the URL.
CVE-2006-0138 1 Amsn 1 Amsn 2026-04-16 N/A
aMSN (aka Alvaro's Messenger) allows remote attackers to cause a denial of service (client hang and termination of client's instant-messaging session) by repeatedly sending crafted data to the default file-transfer port (TCP 6891).
CVE-2005-0009 2 Ethereal Group, Redhat 2 Ethereal, Enterprise Linux 2026-04-16 N/A
Unknown vulnerability in the Gnutella dissector in Ethereal 0.10.6 through 0.10.8 allows remote attackers to cause a denial of service (application crash).
CVE-2005-0010 2 Ethereal Group, Redhat 2 Ethereal, Enterprise Linux 2026-04-16 N/A
Unknown vulnerability in the MMSE dissector in Ethereal 0.10.4 through 0.10.8 allows remote attackers to cause a denial of service by triggering a free of statically allocated memory.
CVE-2006-0139 1 Pd9 Software 1 Megabbs 2026-04-16 N/A
The send-private-message functionality (send-private-message.asp) in PD9 Software MegaBBS 2.1 allows remote attackers to read private messages of other users via a modified replyid parameter.
CVE-2006-0296 2 Mozilla, Redhat 3 Firefox, Seamonkey, Enterprise Linux 2026-04-16 N/A
The XULDocument.persist function in Mozilla, Firefox before 1.5.0.1, and SeaMonkey before 1.0 does not validate the attribute name, which allows remote attackers to execute arbitrary Javascript by injecting RDF data into the user's localstore.rdf file.
CVE-2005-0011 1 Kde 1 Kde 2026-04-16 N/A
Multiple vulnerabilities in fliccd, when installed setuid root as part of the kdeedu Kstars support for Instrument Neutral Distributed Interface (INDI) in KDE 3.3 to 3.3.2, allow local users and remote attackers to execute arbitrary code via stack-based buffer overflows.
CVE-2006-0297 1 Mozilla 3 Firefox, Seamonkey, Thunderbird 2026-04-16 N/A
Multiple integer overflows in Mozilla Firefox 1.5, Thunderbird 1.5 if Javascript is enabled in mail, and SeaMonkey before 1.0 might allow remote attackers to execute arbitrary code via the (1) EscapeAttributeValue in jsxml.c for E4X, (2) nsSVGCairoSurface::Init in SVG, and (3) nsCanvasRenderingContext2D.cpp in Canvas.