Export limit exceeded: 362848 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-4702 1 Microsoft 3 Windows 2003 Server, Windows Media Player, Windows Xp 2026-04-23 N/A
Buffer overflow in the Windows Media Format Runtime in Microsoft Windows Media Player (WMP) 6.4 and Windows XP SP2, Server 2003, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted Advanced Systems Format (ASF) file.
CVE-2006-4808 1 Enlightenment 1 Imlib2 2026-04-23 N/A
Heap-based buffer overflow in loader_tga.c in imlib2 before 1.2.1, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TGA image.
CVE-2006-6240 1 Telnet Ftp Server 1 Telnet Ftp Server 2026-04-23 N/A
Directory traversal vulnerability in Sorin Chitu Telnet-FTP Server 1.0 allows remote authenticated users to list contents of arbitrary directories and download arbitrary files via a .. (dot dot) sequence in an FTP command argument, as demonstrated by RETR (GET) or STOR (PUT). NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-5122 1 Hp 1 Mercury Sitescope 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Mercury SiteScope 8.2 (8.1.2.0) allow remote authenticated users to inject arbitrary web script or HTML via (1) "any field create name field" except "create new group name" or (2) any description field.
CVE-2006-4806 1 Enlightenment 1 Imlib2 2026-04-23 N/A
Multiple integer overflows in imlib2 allow user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) ARGB (loader_argb.c), (2) PNG (loader_png.c), (3) LBM (loader_lbm.c), (4) JPEG (loader_jpeg.c), or (5) TIFF (loader_tiff.c) images.
CVE-2006-4839 1 Sophos 1 Sophos Anti-virus 2026-04-23 N/A
Sophos Anti-Virus 5.1 allows remote attackers to cause a denial of service (memory consumption) via a file that is compressed with Petite and contains a large number of sections.
CVE-2006-4843 1 Ibm 1 Lotus Domino 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the Active Content Filter feature in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to inject arbitrary web script or HTML via unspecified "code sequences" that bypass the protection scheme.
CVE-2006-4925 1 Openbsd 1 Openssh 2026-04-23 N/A
packet.c in ssh in OpenSSH allows remote attackers to cause a denial of service (crash) by sending an invalid protocol sequence with USERAUTH_SUCCESS before NEWKEYS, which causes newkeys[mode] to be NULL.
CVE-2006-4926 1 Kaspersky Lab 4 Kaspersky Anti-virus, Kaspersky Anti-virus Personal, Kaspersky Anti-virus Personal Pro and 1 more 2026-04-23 N/A
The NDIS-TDI Hooking Engine, as used in the (1) KLICK (KLICK.SYS) and (2) KLIN (KLIN.SYS) device drivers 2.0.0.281 for in Kaspersky Labs Anti-Virus 6.0.0.303 and other Anti-Virus and Internet Security products, allows local users to execute arbitrary code via crafted Irp structure with invalid addresses in the 0x80052110 IOCTL.
CVE-2006-5464 2 Mozilla, Redhat 4 Firefox, Seamonkey, Thunderbird and 1 more 2026-04-23 N/A
Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allow remote attackers to cause a denial of service (crash) via unspecified vectors.
CVE-2006-5465 2 Php, Redhat 4 Php, Enterprise Linux, Rhel Application Stack and 1 more 2026-04-23 N/A
Buffer overflow in PHP before 5.2.0 allows remote attackers to execute arbitrary code via crafted UTF-8 inputs to the (1) htmlentities or (2) htmlspecialchars functions.
CVE-2006-4688 1 Microsoft 3 Windows 2000, Windows 2003 Server, Windows Xp 2026-04-23 N/A
Buffer overflow in Client Service for NetWare (CSNW) in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 up to SP1 allows remote attackers to execute arbitrary code via crafted messages, aka "Client Service for NetWare Memory Corruption Vulnerability."
CVE-2006-4689 1 Microsoft 3 Windows 2000, Windows 2003 Server, Windows Xp 2026-04-23 N/A
Unspecified vulnerability in the driver for the Client Service for NetWare (CSNW) in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 up to SP1 allows remote attackers to cause a denial of service (hang and reboot) via has unknown attack vectors, aka "NetWare Driver Denial of Service Vulnerability."
CVE-2006-5471 1 Softerra 1 Php Developer Library 2026-04-23 N/A
PHP remote file inclusion vulnerability in example/lib/grid3.lib.php in Softerra PHP Developer Library 1.5.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the (1) cfg_dir and (2) lib_dir parameters.
CVE-2006-5472 1 Softerra 1 Php Developer Library 2026-04-23 N/A
PHP remote file inclusion vulnerability in Softerra PHP Developer Library 1.5.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the lib_dir parameter in (1) lib/registry.lib.php, (2) lib/sqlcompose.lib.php, and (3) lib/sqlsearch.lib.php.
CVE-2006-5138 1 Ubbcentral 1 Ubb.threads 2026-04-23 N/A
Groupee UBB.threads 6.5.1.1 allows remote attackers to obtain sensitive information via a direct request for cron/php/subscriptions.php, which reveals the path in an error message.
CVE-2006-4685 1 Microsoft 2 Xml Core Services, Xml Parser 2026-04-23 N/A
The XMLHTTP ActiveX control in Microsoft XML Parser 2.6 and XML Core Services 3.0 through 6.0 does not properly handle HTTP server-side redirects, which allows remote user-assisted attackers to access content from other domains.
CVE-2006-5479 1 Novell 1 Edirectory 2026-04-23 N/A
The NCP Engine in Novell eDirectory before 8.7.3.8 FTF1 allows remote attackers to cause an unspecified denial of service via a certain "NCP Fragment."
CVE-2006-5482 1 Freebsd 1 Freebsd 2026-04-23 N/A
ufs_vnops.c in FreeBSD 6.1 allows local users to cause an unspecified denial of service by calling the ftruncate function on a file type that is not VREG, VLNK or VDIR, which is not defined in POSIX.
CVE-2006-5555 1 Epnadmin 1 Epnadmin 2026-04-23 N/A
PHP remote file inclusion vulnerability in constantes.inc.php in EPNadmin 0.7 and 0.7.1 allows remote attackers to execute arbitrary PHP code via the langage parameter.