Export limit exceeded: 341835 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29886 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29886 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-2131 | 1 Oracle | 1 Peoplesoft Enterprise | 2025-04-09 | N/A |
| Unspecified vulnerability in PeopleTools in Oracle PeopleSoft Enterprise 8.22.14, 8.47.12, and 8.48.08 has unknown impact and attack vectors, aka PSE01. | ||||
| CVE-2007-2158 | 1 Kooijman-design | 1 Jgallery | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in index.php in jGallery 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the G_JGALL[inc_path] parameter. | ||||
| CVE-2006-4387 | 1 Apple | 1 Mac Os X | 2025-04-09 | N/A |
| Apple Mac OS X 10.4 through 10.4.7, when the administrator clears the "Allow user to administer this computer" checkbox in System Preferences for a user, does not remove the user's account from the appserveradm or appserverusr groups, which still allows the user to manage WebObjects applications. | ||||
| CVE-2006-4390 | 1 Apple | 1 Mac Os X | 2025-04-09 | N/A |
| CFNetwork in Apple Mac OS X 10.4 through 10.4.7 and 10.3.9 allows remote SSL sites to appear as trusted sites by using encryption without authentication, which can cause the lock icon in Safari to be displayed even when the site's identity cannot be trusted. | ||||
| CVE-2006-4400 | 1 Apple | 1 Mac Os X | 2025-04-09 | N/A |
| Stack-based buffer overflow in the Apple Type Services (ATS) server in Mac OS 10.4.8 and earlier allow user-assisted attackers to execute arbitrary code via crafted font files. | ||||
| CVE-2006-4410 | 1 Apple | 1 Mac Os X | 2025-04-09 | N/A |
| The Security Framework in Apple Mac OS X 10.3.9, and 10.4.x before 10.4.7, does not properly search certificate revocation lists (CRL), which allows remote attackers to access systems by using revoked certificates. | ||||
| CVE-2006-4520 | 1 Novell | 1 Edirectory | 2025-04-09 | N/A |
| ncp in Novell eDirectory before 8.7.3 SP9, and 8.8.x before 8.8.1 FTF2, does not properly handle NCP fragments with a negative length, which allows remote attackers to cause a denial of service (daemon crash) when the heap is written to a log file. | ||||
| CVE-2006-4518 | 1 Qbik | 1 Wingate | 2025-04-09 | N/A |
| Qbik WinGate 6.1.4 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a DNS request with a self-referencing compressed name pointer, which triggers an infinite loop. | ||||
| CVE-2006-5289 | 1 Vtiger | 1 Vtiger Crm | 2025-04-09 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Vtiger CRM 4.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the calpath parameter to (1) modules/Calendar/admin/update.php, (2) modules/Calendar/admin/scheme.php, or (3) modules/Calendar/calendar.php. | ||||
| CVE-2006-5356 | 1 Oracle | 2 Application Server, Collaboration Suite | 2025-04-09 | N/A |
| Unspecified vulnerability in Oracle Containers for J2EE component in Oracle Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.1.0, and Collaboration Suite 9.0.4.2 and 10.1.2, has unknown impact and remote attack vectors, aka Vuln# OC4J02. | ||||
| CVE-2006-5370 | 1 Oracle | 1 E-business Suite | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10CU2 have unknown impact and remote authenticated attack vectors, aka Vuln# (1) APPS06 for Oracle CRM Gateway for Mobile Devices and (2) APPS08 for Oracle iStore. | ||||
| CVE-2006-5436 | 1 Freefaq | 1 Freefaq | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in index.php in FreeFAQ 1.0.e allows remote attackers to execute arbitrary PHP code via a URL in the faqpath parameter. | ||||
| CVE-2006-5760 | 1 Phpdynasite | 1 Phpdynasite | 2025-04-09 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in phpDynaSite 3.2.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the racine parameter to (1) function_log.php, (2) function_balise_url.php, or (3) connection.php. | ||||
| CVE-2006-6914 | 1 Ibm | 1 Aix | 2025-04-09 | N/A |
| Unspecified vulnerability in ftpd in IBM AIX 5.2.0 and 5.3.0 allows remote attackers to obtain sensitive information, including passwords, via unspecified vectors. | ||||
| CVE-2006-5773 | 1 Freewebshop | 1 Freewebshop | 2025-04-09 | N/A |
| Directory traversal vulnerability in index.php in FreeWebshop 2.2.1 and earlier allows remote attackers to read arbitrary files and disclose the installation path via a .. (dot dot) in the action parameter. | ||||
| CVE-2006-5775 | 1 Funkboard | 1 Funkboard | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in profile.php in FunkBoard 0.71 before 4 November 2006 at 18:16 GMT allows remote attackers to inject arbitrary web script or HTML, possibly via the name parameter. | ||||
| CVE-2006-5781 | 1 Iodine | 1 Iodine | 2025-04-09 | N/A |
| Stack-based buffer overflow in the handshake function in iodine 0.3.2 allows remote attackers to execute arbitrary code via a crafted DNS response. | ||||
| CVE-2006-5790 | 1 Stefan Ritt | 1 Elog Web Logbook | 2025-04-09 | N/A |
| Multiple format string vulnerabilities in elogd.c in ELOG 2.6.2 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) an entry with an attachment whose name contains format string specifiers (el_submit function), and possibly other vectors in the (2) receive_config, (3) show_rss_feed, (4) show_elog_list, (5) show_logbook_node, and (6) server_loop functions. | ||||
| CVE-2006-5801 | 1 Owfs | 1 Owfs | 2025-04-09 | N/A |
| The owserver module in owfs and owhttpd 2.5p5 and earlier does not properly check the path type, which allows attackers to cause a denial of service (application crash) related to use of the path in owshell. | ||||
| CVE-2006-5809 | 1 Jonathon J. Freeman | 1 Ovbb | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in Jonathon J. Freeman OvBB before 0.13a have unknown impact and attack vectors. | ||||