Export limit exceeded: 20006 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 361553 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (361553 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2245 | 1 F5 | 1 Tmos | 2026-04-16 | N/A |
| Unknown vulnerability in F5 BIG-IP 9.0.2 through 9.1 allows attackers to "subvert the authentication of SSL transactions," via unknown attack vectors, possibly involving NATIVE ciphers. | ||||
| CVE-2006-1991 | 1 Php | 1 Php | 2026-04-16 | N/A |
| The substr_compare function in string.c in PHP 5.1.2 allows context-dependent attackers to cause a denial of service (memory access violation) via an out-of-bounds offset argument. | ||||
| CVE-2006-2001 | 1 Scry Gallery | 1 Scry Gallery | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Scry Gallery 1.1 allows remote attackers to inject arbitrary web script or HTML via the p parameter. NOTE: this is a different vulnerability than the directory traversal vector. | ||||
| CVE-2005-2246 | 1 Iphotoalbum | 1 Iphotoalbum | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in iPhotoAlbum 1.1 allow remote attackers to execute arbitrary code via the (1) doc_path parameter to getpage.php or (2) set_menu parameter to lib/static/header.php. | ||||
| CVE-2006-2013 | 1 Web-provence | 1 Sl Site | 2026-04-16 | N/A |
| SQL injection vulnerability in page.php in SL_site 1.0 allows remote attackers to execute arbitrary SQL commands via the id_page parameter. NOTE: this issue could be used to produce resultant XSS from an error message. | ||||
| CVE-2006-2017 | 1 Dnsmasq | 1 Dnsmasq | 2026-04-16 | N/A |
| Dnsmasq 2.29 allows remote attackers to cause a denial of service (application crash) via a DHCP client broadcast reply request. | ||||
| CVE-2005-2247 | 1 Moodle | 1 Moodle | 2026-04-16 | N/A |
| Multiple unknown vulnerabilities in Moodle before 1.5.1 have unknown impact and attack vectors. | ||||
| CVE-2005-2250 | 1 Nokia | 1 Affix | 2026-04-16 | N/A |
| Buffer overflow in Bluetooth FTP client (BTFTP) in Nokia Affix 2.1.2 and 3.2.0 allows remote attackers to execute arbitrary code via a long filename in an OBEX file share. | ||||
| CVE-2006-2030 | 1 Alliedtelesyn | 1 At-9724ts | 2026-04-16 | N/A |
| The Allied Telesyn AT-9724TS switch allows remote attackers to cause a denial of service via a large amount of UDP data to the switch, which leads to unstable operation and possibly failure of the management interface or routing. | ||||
| CVE-2006-2032 | 1 Corenews | 1 Corenews | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Core CoreNews 2.0.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) icon_id and (2) userid parameters in preview.php. | ||||
| CVE-2006-2033 | 1 Corenews | 1 Corenews | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in Core CoreNews 2.0.1 and earlier allows remote authenticated users to execute arbitrary commands via the show parameter. NOTE: this is a different vector than CVE-2006-1212, although it might be the same primary issue. | ||||
| CVE-2005-2251 | 1 Secure Reality | 1 Phpsecurepages | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in secure.php in PHPSecurePages (phpSP) 0.28beta and earlier allows remote attackers to execute arbitrary code via the cfgProgDir parameter, a variant of CVE-2001-1468. | ||||
| CVE-2005-0400 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| The ext2_make_empty function call in the Linux kernel before 2.6.11.6 does not properly initialize memory when creating a block for a new directory entry, which allows local users to obtain potentially sensitive information by reading the block. | ||||
| CVE-2005-2103 | 2 Gaim Project, Redhat | 2 Gaim, Enterprise Linux | 2026-04-16 | 9.8 Critical |
| Buffer overflow in the AIM and ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an away message with a large number of AIM substitution strings, such as %t or %n. | ||||
| CVE-2006-1327 | 1 Softbb | 1 Softbb | 2026-04-16 | N/A |
| SQL injection vulnerability in reg.php in SoftBB 0.1 allows remote attackers to execute arbitrary SQL commands via the mail parameter. | ||||
| CVE-2005-2104 | 1 Redhat | 2 Enterprise Linux, Sysreport | 2026-04-16 | N/A |
| sysreport before 1.3.7 allows local users to obtain sensitive information via a symlink attack on a temporary directory. | ||||
| CVE-2005-2154 | 1 Osticket | 1 Osticket Sts | 2026-04-16 | N/A |
| PHP local file inclusion vulnerability in (1) view.php and (2) open.php in osTicket 1.3.1 beta and earlier allows remote attackers to include and possibly execute arbitrary local files via the inc parameter. | ||||
| CVE-2005-0159 | 1 Debian | 2 Debian Linux, Toolchain-source | 2026-04-16 | N/A |
| The tpkg-* scripts in the toolchain-source 3.0.4 package on Debian GNU/Linux 3.0 allow local users to overwrite arbitrary files via a symlink attack on temporary files. | ||||
| CVE-2006-3040 | 1 Amr Talkbox | 1 Amr Talkbox | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in talkbox.php in Amr Talkbox allows remote attackers to execute arbitrary PHP code via a URL in the direct parameter. NOTE: this issue has been disputed by CVE, since the $direct variable is set to a static value just before the include statement | ||||
| CVE-2005-2107 | 1 Wordpress | 1 Wordpress | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in post.php in WordPress 1.5.1.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) p or (2) comment parameter. | ||||