Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-5401 | 1 Aroundme | 1 Aroundme | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in template/barnraiser_01/p_new_password.tpl.php in AROUNDMe 0.5.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the templatePath parameter. | ||||
| CVE-2006-5396 | 1 Sun | 1 Solaris | 2026-04-23 | N/A |
| The tcp_fuse_rcv_drain function in the Sun Solaris 10 kernel before 20061017, when TCP Fusion is enabled, allows local users to cause a denial of service (system crash) via a TCP loopback connection with both endpoints on the same system. | ||||
| CVE-2006-5395 | 1 Microsoft | 1 Class Package Export Tool | 2026-04-23 | N/A |
| Buffer overflow in Microsoft Class Package Export Tool (aka clspack.exe) allows context-dependent attackers to execute arbitrary code via a long string. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||
| CVE-2006-5397 | 1 X.org | 1 Libx11 | 2026-04-23 | N/A |
| The Xinput module (modules/im/ximcp/imLcIm.c) in X.Org libX11 1.0.2 and 1.0.3 opens a file for reading twice using the same file descriptor, which causes a file descriptor leak that allows local users to read files specified by the XCOMPOSEFILE environment variable via the duplicate file descriptor. | ||||
| CVE-2006-5403 | 1 Symantec | 4 Automated Support Assistant, Norton Antivirus, Norton Internet Security and 1 more | 2026-04-23 | N/A |
| Stack-based buffer overflow in an ActiveX control used in Symantec Automated Support Assistant, as used in Norton AntiVirus, Internet Security, and System Works 2005 and 2006, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. | ||||
| CVE-2006-5392 | 1 Opendoc | 1 Fullcore | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in OpenDock FullCore 4.4 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the doc_directory parameter in (1) sw/index_sw.php; (2) cart.php, (3) lib_cart.php, (4) lib_read_cart.php, (5) lib_sys_cart.php, and (6) txt_info_cart.php in sw/lib_cart/; (7) comment.php, (8) find_comment.php, and (9) lib_comment.php in sw/lib_comment/; (10) sw/lib_find/find.php; and other unspecified PHP scripts. | ||||
| CVE-2006-5400 | 1 Cyberbrau | 1 Cyberbrau | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in forum/track.php in CyberBrau 0.9.4, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. | ||||
| CVE-2006-5407 | 1 Osticket | 1 Osticket | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in open_form.php in osTicket allows remote attackers to execute arbitrary PHP code via a URL in the include_dir parameter. | ||||
| CVE-2006-5408 | 1 Mobilesecure Inc | 2 Highwall Endpoint, Highwall Enterprise | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the wireless IDS management interface for Highwall Enterprise and Highwall Endpoint 4.0.2.11045 allow remote attackers to inject arbitrary HTML or web script via unspecified vectors. | ||||
| CVE-2006-5410 | 1 Boonex | 1 Dolphin | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in templates/tmpl_dfl/scripts/index.php in BoonEx Dolphin 5.2 allows remote attackers to execute arbitrary PHP code via a URL in the dir[inc] parameter. NOTE: it is possible that this issue overlaps CVE-2006-4189. | ||||
| CVE-2006-5411 | 1 Justin White | 1 Freewps | 2026-04-23 | N/A |
| Unrestricted file upload vulnerability in upload.php for Free Web Publishing System (FreeWPS), possibly 2.11 and earlier, allows remote attackers to upload and execute arbitrary PHP programs. | ||||
| CVE-2006-5414 | 1 Barry Nauta | 1 Brim | 2026-04-23 | N/A |
| Barry Nauta BRIM before 1.2.1 allows remote authenticated users to read information from other users via a modified URL. | ||||
| CVE-2006-5415 | 1 News Defilante Horizontale | 1 News Defilante Horizontale | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in includes/functions_newshr.php in the News Defilante Horizontale 4.1.1 and earlier module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | ||||
| CVE-2006-5417 | 1 Mcafee | 4 Internet Security Suite, Network Agent, Personal Firewall Plus and 1 more | 2026-04-23 | N/A |
| McAfee Network Agent (mcnasvc.exe) 1.0.178.0, as used by multiple McAfee products possibly including Internet Security Suite, Personal Firewall Plus, and VirusScan, allows remote attackers to cause a denial of service (agent crash) via a long packet, possibly because of an invalid string position field value. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2006-5419 | 1 University Of Glasgow | 1 Specimen Image Database | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in client.php in University of Glasgow Specimen Image Database (SID), when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter. | ||||
| CVE-2006-5423 | 1 Lou Portail | 1 Lou Portail | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in admin/admin_module.php in Lou Portail 1.4.1, and possibly earlier, allows remote attackers to execute arbitrary PHP code via a URL in the g_admin_rep parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||
| CVE-2006-5425 | 1 Xorp | 1 Extensible Open Router Platform | 2026-04-23 | N/A |
| XORP (eXtensible Open Router Platform) 1.2 and 1.3 allows remote attackers to cause a denial of service (application crash) via an Open Shortest Path First (OSPF) Link State Advertisement (LSA) with an invalid LSA length field. | ||||
| CVE-2006-5427 | 1 Php Amx | 1 Php Amx | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in plugins/main.php in Php AMX 0.9.0, when register_globals is enabled or magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the plug_path parameter. | ||||
| CVE-2006-5436 | 1 Freefaq | 1 Freefaq | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in index.php in FreeFAQ 1.0.e allows remote attackers to execute arbitrary PHP code via a URL in the faqpath parameter. | ||||
| CVE-2006-5430 | 1 Db-central | 2 Cms, Enterprise Cms | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the search functionality in db-central (dbc) Enterprise CMS and db-central CMS allows remote attackers to inject arbitrary web script or HTML via the needle parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||