Export limit exceeded: 29880 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29880 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2420 | 1 Ftplocate | 1 Ftplocate | 2025-04-03 | N/A |
| flsearch.pl in FtpLocate 2.02 allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTP GET request. | ||||
| CVE-2006-3746 | 2 Gnupg, Redhat | 2 Gnupg, Enterprise Linux | 2025-04-03 | N/A |
| Integer overflow in parse_comment in GnuPG (gpg) 1.4.4 allows remote attackers to cause a denial of service (segmentation fault) via a crafted message. | ||||
| CVE-2005-2421 | 1 Beehive Forum | 1 Beehive Forum | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in index.php and other pages in Beehive Forum allow remote attackers to execute arbitrary SQL commands via the webtag parameter. | ||||
| CVE-2005-2422 | 1 Beehive Forum | 1 Beehive Forum | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Beehive Forum allows remote attackers to inject arbitrary web script or HTML via the webtag parameter. | ||||
| CVE-2006-3778 | 1 Ibm | 1 Lotus Notes | 2025-04-03 | N/A |
| IBM Lotus Notes 6.0, 6.5, and 7.0 does not properly handle replies to e-mail messages with alternate name users when the (1) "Save As Draft" option is used or (2) a "," (comma) is inside the "phrase" portion of an address, which can cause the e-mail to be sent to users that were deleted from the To, CC, and BCC fields, which allows remote attackers to obtain the list of original recipients. | ||||
| CVE-2006-3779 | 1 Citrix | 3 Metaframe, Metaframe Presentation Server, Presentation Server | 2025-04-03 | N/A |
| Citrix MetaFrame up to XP 1.0 Feature 1, except when running on Windows Server 2003, installs a registry key with an insecure ACL, which allows remote authenticated users to gain privileges. | ||||
| CVE-2006-4887 | 1 Apple | 2 Apple Remote Desktop, Mac Os X | 2025-04-03 | N/A |
| Apple Remote Desktop (ARD) for Mac OS X 10.2.8 and later does not drop privileges on the remote machine while installing certain applications, which allows local users to bypass authentication and gain privileges by selecting the icon during installation. NOTE: it could be argued that the issue is not in Remote Desktop itself, but in applications that are installed while using it. | ||||
| CVE-2005-2427 | 1 Elemental Software | 1 Cartwiz | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in viewCart.asp in CartWIZ allows remote attackers to inject arbitrary web script or HTML via the message parameter. | ||||
| CVE-2006-1740 | 2 Mozilla, Redhat | 5 Firefox, Mozilla Suite, Seamonkey and 2 more | 2025-04-03 | N/A |
| Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to spoof secure site indicators such as the locked icon by opening the trusted site in a popup window, then changing the location to a malicious site. | ||||
| CVE-2006-3788 | 1 Ufo2000 | 1 Ufo2000 | 2025-04-03 | N/A |
| Multiple buffer overflows in multiplay.cpp in UFO2000 svn 1057 allow remote attackers to execute arbitrary code via (1) a long unit name in Net::recv_add_unit,; (2) large values to Net::recv_rules, Net::recv_select_unit, Net::recv_options, and Net::recv_unit_data; and (3) a large mapdata GEODATA structure in Net::recv_map_data. | ||||
| CVE-2006-1757 | 1 Bill Shupp | 1 Vegadns | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Vegadns 0.99 allows remote attackers to inject arbitrary web script or HTML via the message parameter. | ||||
| CVE-2006-3795 | 1 Deluxebb | 1 Deluxebb | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in DeluxeBB before 1.08 allow remote attackers to inject arbitrary web script or HTML via the (1) membercookie cookie in header.php and the (2) redirect parameter in misc.php. | ||||
| CVE-2006-1766 | 1 Papoo | 1 Papoo | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in Papoo 2.1.5, and 3 beta1 and earlier, allow remote attackers to execute arbitrary SQL commands via the (1) getlang and (2) reporeid parameter in (a) index.php, (3) menuid parameter in (b) plugin.php and (c) forumthread.php, and (4) msgid parameter in forumthread.php. | ||||
| CVE-2006-3802 | 2 Mozilla, Redhat | 4 Firefox, Seamonkey, Thunderbird and 1 more | 2025-04-03 | N/A |
| Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to hijack native DOM methods from objects in another domain and conduct cross-site scripting (XSS) attacks using DOM methods of the top-level object. | ||||
| CVE-2006-1770 | 1 Azerbaijan Development Group | 1 Azdgvote | 2025-04-03 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Azerbaijan Design & Development Group (AZDG) AzDGVote allow remote attackers to execute arbitrary PHP code via a URL in the int_path parameter in (1) vote.php, (2) view.php, (3) admin.php, and (4) admin/index.php. | ||||
| CVE-2005-2439 | 1 Usebb | 1 Usebb | 2025-04-03 | N/A |
| SQL injection vulnerability in UseBB 0.5.1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the search function. | ||||
| CVE-2006-1773 | 1 Phpkit | 1 Phpkit | 2025-04-03 | N/A |
| SQL injection vulnerability in include.php in PHPKIT 1.6.1 Release 2 and earlier allows remote attackers to execute arbitrary SQL commands via the contentid parameter, possibly involving content/news.php. | ||||
| CVE-2006-1899 | 1 Dev | 1 Neuron Blog | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in dev Neuron Blog 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) name and (2) website parameters. | ||||
| CVE-2006-1901 | 1 Mozilla | 1 Camino | 2025-04-03 | N/A |
| Mozilla Camino 1.0 and earlier allow remote attackers to cause a denial of service (null dereference and application crash or hang) via HTML with certain improperly nested elements. NOTE: this might be the same issue as CVE-2006-1724. | ||||
| CVE-2006-3926 | 1 Php Pro Bid | 1 Php Pro Bid | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in PhpProBid 5.24 allow remote attackers to execute arbitrary SQL commands via the (1) view or (2) start parameters to (a) viewfeedback.php or the (3) orderType parameter to (b) categories.php. | ||||