Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-6201 | 2 Borland Software, Revilloc | 6 C\+\+ Builder, C Builder, Delphi and 3 more | 2026-04-23 | N/A |
| Heap-based buffer overflow in Borland idsql32.dll 5.1.0.4, as used by RevilloC MailServer; 5.2.0.2 as used by Borland Developer Studio 2006; and possibly other versions allows remote attackers to execute arbitrary code via a long SQL statement, related to use of the DbiQExec function. | ||||
| CVE-2006-5128 | 1 Conpresso | 1 Conpresso Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Bartels Schoene ConPresso before 4.0.5a allows remote attackers to execute arbitrary SQL commands via the nr parameter. | ||||
| CVE-2006-6247 | 1 Uapplication | 1 Uphotogallery | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Uapplication UPhotoGallery 1.1 allow remote attackers to execute arbitrary SQL commands via the ci parameter to (1) slideshow.asp or (2) thumbnails.asp. | ||||
| CVE-2007-0461 | 1 Dazuko | 1 Dazuko | 2026-04-23 | N/A |
| Multiple memory leaks in the Dazuko anti-virus helper module before 2.3.2 allow attackers to cause a denial of service (memory consumption) via unknown vectors. | ||||
| CVE-2007-1306 | 1 Digium | 1 Asterisk | 2026-04-23 | N/A |
| Asterisk 1.4 before 1.4.1 and 1.2 before 1.2.16 allows remote attackers to cause a denial of service (crash) by sending a Session Initiation Protocol (SIP) packet without a URI and SIP-version header, which results in a NULL pointer dereference. | ||||
| CVE-2007-0623 | 1 Maxdev | 1 Mdpro | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in MAXdev MDPro 1.0.76 allows remote attackers to execute arbitrary SQL commands via the startrow parameter. | ||||
| CVE-2007-2241 | 1 Isc | 1 Bind | 2026-04-23 | N/A |
| Unspecified vulnerability in query.c in ISC BIND 9.4.0, and 9.5.0a1 through 9.5.0a3, when recursion is enabled, allows remote attackers to cause a denial of service (daemon exit) via a sequence of queries processed by the query_addsoa function. | ||||
| CVE-2007-0202 | 1 Alexphpteam | 1 Alex Guestbook | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in @lex Guestbook 4.0.2 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the lang parameter. | ||||
| CVE-2006-5874 | 1 Clam Anti-virus | 1 Clamav | 2026-04-23 | N/A |
| Clam AntiVirus (ClamAV) 0.88 and earlier allows remote attackers to cause a denial of service (crash) via a malformed base64-encoded MIME attachment that triggers a null pointer dereference. | ||||
| CVE-2007-1655 | 1 Tinymux | 1 Tinymux | 2026-04-23 | N/A |
| Buffer overflow in the fun_ladd function in funmath.cpp in TinyMUX before 20070126 might allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors related to lists of numbers. | ||||
| CVE-2006-5920 | 1 Yuuki Yoshizawa | 1 Exporia | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in common.php in Yuuki Yoshizawa Exporia 0.3.0 allows remote attackers to execute arbitrary PHP code via a URL in the lan parameter. NOTE: SecurityFocus disputes this issue, saying "further analysis reveals that the application is not vulnerable." NOTE: this issue may overlap CVE-2006-5113 | ||||
| CVE-2007-0552 | 1 Oh No Not Another Cms | 1 Oh No Not Another Cms | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in install/default/error404.html in Oh no! Not another CMS (Onnac) 0.0.8.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the error_url parameter. | ||||
| CVE-2006-6571 | 1 Genesistrader | 1 Genesistrader | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in form.php in GenesisTrader 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) cuve, (2) chem, (3) do, and possibly other parameters. | ||||
| CVE-2006-5875 | 1 Enemies Of Carlotta | 1 Enemies Of Carlotta | 2026-04-23 | N/A |
| eoc.py in Enemies of Carlotta (EoC) before 1.2.4 allows remote attackers to execute arbitrary commands via shell metacharacters in an "SMTP level e-mail address". | ||||
| CVE-2007-1024 | 1 Marcello Vitagliano | 1 Meganoides News | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in include.php in Meganoide's news 1.1.1 allows remote attackers to execute arbitrary PHP code via a URL in the _SERVER[DOCUMENT_ROOT] parameter. | ||||
| CVE-2006-5453 | 1 Mozilla | 1 Bugzilla | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Bugzilla 2.18.x before 2.18.6, 2.20.x before 2.20.3, 2.22.x before 2.22.1, and 2.23.x before 2.23.3 allow remote authenticated users to inject arbitrary web script or HTML via (1) page headers using the H1, H2, and H3 HTML tags in global/header.html.tmpl, (2) description fields of certain items in various edit cgi scripts, and (3) the id parameter in showdependencygraph.cgi. | ||||
| CVE-2006-6214 | 1 Wallpaper | 1 Wallpaper Complete Website | 2026-04-23 | N/A |
| SQL injection vulnerability in wallpaper.php in Wallpaper Website (Wallpaper Complete Website) 1.0.09 allows remote attackers to execute arbitrary SQL commands via the wallpaperid parameter. | ||||
| CVE-2007-1657 | 1 Python Software Foundation | 1 Python | 2026-04-23 | N/A |
| Stack-based buffer overflow in the file_compress function in minigzip (Modules/zlib) in Python 2.5 allows context-dependent attackers to execute arbitrary code via a long file argument. | ||||
| CVE-2006-5106 | 1 Facileforms | 1 Facileforms | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in FacileForms before 1.4.7 for Mambo and Joomla!, when either register_globals or RG_EMULATION is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2006-5091 | 1 Hp | 1 Hp-ux | 2026-04-23 | N/A |
| Unspecified vulnerability in HP-UX B.11.11 and B.11.23 CIFS Server (Samba) allows local users to gain privileges or obtain "unauthorized access" via unspecified vectors. | ||||