Export limit exceeded: 362845 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-2784 | 1 Globus | 1 Globus Toolkit | 2026-04-23 | N/A |
| Unspecified vulnerability in globus-job-manager in Globus Toolkit 4.1.1 and earlier (globus_nexus-6.6 and earlier) allows remote attackers to cause a denial of service (resource exhaustion and system crash) via certain requests to temporary TCP ports for a GRAM2 job or its MPICH-G2 applications. | ||||
| CVE-2006-5466 | 2 Rpm, Ubuntu | 2 Package Manager, Ubuntu Linux | 2026-04-23 | N/A |
| Heap-based buffer overflow in the showQueryPackage function in librpm in RPM Package Manager 4.4.8, when the LANG environment variable is set to ru_RU.UTF-8, might allow user-assisted attackers to execute arbitrary code via crafted RPM packages. | ||||
| CVE-2007-0955 | 1 Mailenable | 1 Mailenable | 2026-04-23 | N/A |
| The NTLM_UnPack_Type3 function in MENTLM.dll in MailEnable Professional 2.35 and earlier allows remote attackers to cause a denial of service (application crash) via certain base64-encoded data following an AUTHENTICATE NTLM command to the imap port (143/tcp), which results in an out-of-bounds read. | ||||
| CVE-2006-6802 | 1 Enthrallweb | 1 Epages | 2026-04-23 | N/A |
| SQL injection vulnerability in actualpic.asp in Enthrallweb ePages allows remote attackers to execute arbitrary SQL commands via the Biz_ID parameter. | ||||
| CVE-2006-6804 | 1 Enthrallweb | 1 Dragon Business Directory Pro | 2026-04-23 | N/A |
| SQL injection vulnerability in bus_details.asp in Dragon Business Directory - Pro (aka Dragon Internet Business Search Directory - Pro) 3.01.12 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter. | ||||
| CVE-2006-7062 | 1 Kmail | 1 Kmail | 2026-04-23 | N/A |
| calendar.php in Kamgaing Email System (kmail) 2.3 and earlier allows remote attackers to obtain the full path of the server via an invalid d parameter, which leaks the path in an error message. | ||||
| CVE-2007-0953 | 1 Atmail | 1 Atmail Webmail | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in search.pl in @Mail 4.61 and earlier allows remote attackers to inject arbitrary web script or HTML via the keywords parameter. | ||||
| CVE-2006-6809 | 1 Vladimir Menshakov | 1 Buratinable Templator | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in process.php in Vladimir Menshakov buratinable templator (aka bubla) 1.0.0rc2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) bu_dir or (2) bu_config[dir] parameter. | ||||
| CVE-2006-6814 | 1 Hosting Controller | 1 Hosting Controller | 2026-04-23 | N/A |
| Directory traversal vulnerability in FolderManager/FolderManager.aspx in Hosting Controller 7c allows remote authenticated users to read and modify arbitrary files, and list arbitrary directories via ..\ (dot dot backslash) sequences in the BrowsePath parameter. | ||||
| CVE-2006-6830 | 1 Cafelog | 1 B2 Blog | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in b2verifauth.php in b2 Blog 0.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the index parameter. | ||||
| CVE-2006-6853 | 1 Mozilla | 1 Durian Web Application Server | 2026-04-23 | N/A |
| Buffer overflow in Durian Web Application Server 3.02 freeware on Windows allows remote attackers to execute arbitrary code via a long string in a crafted packet to TCP port 4002. | ||||
| CVE-2006-6858 | 1 Miredo | 1 Miredo | 2026-04-23 | N/A |
| Miredo 0.9.8 through 1.0.5 does not properly authenticate a Teredo bubble during UDP hole punching with HMAC-MD5-64 hashing, which allows remote attackers to impersonate an arbitrary Teredo client. | ||||
| CVE-2006-7060 | 1 Scriptsez.net | 1 E-dating System | 2026-04-23 | N/A |
| cindex.php in Scriptsez.net E-Dating System allows remote attackers to obtain the full path via an invalid id parameter in a dologin action, which leaks the path in an error message. | ||||
| CVE-2006-6863 | 1 Enigma | 1 Wordpress Bridge | 2026-04-23 | 9.8 Critical |
| PHP remote file inclusion vulnerability in the Enigma2 plugin (Enigma2.php) in Enigma WordPress Bridge allows remote attackers to execute arbitrary PHP code via a URL in the boarddir parameter. NOTE: CVE disputes this issue, since $boarddir is set to a fixed value | ||||
| CVE-2006-6864 | 1 Enigma2 | 1 Coppermine Bridge | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in E2_header.inc.php in Enigma2 Coppermine Bridge 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the boarddir parameter. | ||||
| CVE-2007-2790 | 1 Vp-asp | 1 Vp-asp Shopping Cart | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in shopcontent.asp in VP-ASP Shopping Cart 6.50, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the type parameter. | ||||
| CVE-2007-2793 | 1 Geeklog | 1 Geeklog | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in ImageImageMagick.php in Geeklog 2.x allows remote attackers to execute arbitrary PHP code via a URL in the glConf[path_system] parameter. | ||||
| CVE-2006-6901 | 1 Microsoft | 1 Windows 2003 Server | 2026-04-23 | N/A |
| Unspecified vulnerability in the Bluetooth stack in Microsoft Windows allows remote attackers to gain administrative access (aka Remote Root) via unspecified vectors. | ||||
| CVE-2006-6914 | 1 Ibm | 1 Aix | 2026-04-23 | N/A |
| Unspecified vulnerability in ftpd in IBM AIX 5.2.0 and 5.3.0 allows remote attackers to obtain sensitive information, including passwords, via unspecified vectors. | ||||
| CVE-2006-6919 | 1 Sage-mozdev | 1 Sage | 2026-04-23 | N/A |
| Firefox Sage extension 1.3.8 and earlier allows remote attackers to execute arbitrary Javascript in the local context via an RSS feed with an img tag containing the script followed by an extra trailing ">", which Sage modifies to close the img element before the malicious script. | ||||