Search Results (367163 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-4064 1 Yenerturk 1 Yenerturk Haber Script 2026-04-16 N/A
SQL injection vulnerability in default.asp in YenerTurk Haber Script 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: it was later reported reported that 2.0 is also affected.
CVE-2006-4053 1 Ehmig 1 Me Download System 2026-04-16 N/A
PHP remote file inclusion vulnerability in templates/header.php in ME Download System 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the Vb8878b936c2bd8ae0cab parameter.
CVE-2002-0498 1 Etnus 1 Totalview 2026-04-16 N/A
Etnus TotalView 5.0.0-4 installs certain files with UID 5039 and GID 59, which could allow local users with that UID or GID to modify the files and gain privileges as other TotalView users.
CVE-2005-3685 1 Virtual Programming 1 Vp-asp 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in shopadmin.asp in VP-ASP Shopping Cart 5.50 allows remote attackers to inject arbitrary web script or HTML via the UserName parameter.
CVE-2006-4054 1 Ehmig 1 Me Download System 2026-04-16 N/A
Multiple PHP remote file inclusion vulnerabilities in ME Download System 1.3 allow remote attackers to execute arbitrary PHP code via a URL in the (1) Vb8878b936c2bd8ae0cab parameter to (a) inc/sett_style.php or (b) inc/sett_smilies.php; or the (2) Vb6c4d0e18a204a63b38f, (3) V18a78b93c3adaaae84e2, or (4) V9ae5d2ca9e9e787969ff parameters to (c) inc/datei.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
CVE-2006-4069 1 Ozjournals 1 Ozjournals 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Elaine Aquino Online Zone Journals (OZJournals) 1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) m and (2) c parameters in index.php, (3) a search action, and (4) a "submit comment" action.
CVE-2005-4816 1 Proftpd Project 1 Proftpd 2026-04-16 N/A
Buffer overflow in mod_radius in ProFTPD before 1.3.0rc2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long password.
CVE-2002-0499 1 Linux 1 Linux Kernel 2026-04-16 N/A
The d_path function in Linux kernel 2.2.20 and earlier, and 2.4.18 and earlier, truncates long pathnames without generating an error, which could allow local users to force programs to perform inappropriate operations on the wrong directories.
CVE-2002-0500 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Internet Explorer 5.0 through 6.0 allows remote attackers to determine the existence of files on the client via an IMG tag with a dynsrc property that references the target file, which sets certain elements of the image object such as file size.
CVE-2005-3663 1 Kaspersky Lab 1 Kaspersky Anti-virus 2026-04-16 N/A
Unquoted Windows search path vulnerability in Kaspersky Anti-Virus 5.0 might allow local users to gain privileges via a malicious "program.exe" file in the C: folder.
CVE-2006-4016 1 Toenda Software Development 1 Toendacms 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in /toendaCMS in toendaCMS stable 1.0.3 and earlier, and unstable 1.1 and earlier, allows remote attackers to inject arbitrary web script or HTML via the s parameter.
CVE-2005-4271 1 Ibm 1 Aix 2026-04-16 N/A
Buffer overflow in the malloc debug system in IBM AIX 5.3 allows local users to execute arbitrary code.
CVE-2002-0379 2 Redhat, University Of Washington 2 Linux, Uw-imap 2026-04-16 N/A
Buffer overflow in University of Washington imap server (uw-imapd) imap-2001 (imapd 2001.315) and imap-2001a (imapd 2001.315) with legacy RFC 1730 support, and imapd 2000.287 and earlier, allows remote authenticated users to execute arbitrary code via a long BODY request.
CVE-2002-0378 2 Astart Technologies, Redhat 3 Lprng, Enterprise Linux, Linux 2026-04-16 N/A
The default configuration of LPRng print spooler in Red Hat Linux 7.0 through 7.3, Mandrake 8.1 and 8.2, and other operating systems, accepts print jobs from arbitrary remote hosts.
CVE-2005-3662 2 Greg Roelofs, Redhat 2 Pnmtopng, Enterprise Linux 2026-04-16 N/A
Off-by-one buffer overflow in pnmtopng before 2.39, when using the -alpha command line option (Alphas_Of_Color), allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PNM file with exactly 256 colors.
CVE-2006-3552 1 Ipswitch 2 Ipswitch Collaboration Suite, Ipswitch Secure Server 2026-04-16 N/A
Premium Anti-Spam in Ipswitch IMail Secure Server 2006 and Collaboration Suite 2006 Premium, when using a certain .dat file in the StarEngine /data directory from 20060630 or earlier, does not properly receive and implement bullet signature updates, which allows context-dependent attackers to use the server for spam transmission.
CVE-2006-4014 1 Symantec 1 Brightmail Antispam 2026-04-16 N/A
Symantec Brightmail AntiSpam (SBAS) before 6.0.4, when the Control Center is allowed to connect from any computer, allows remote attackers to cause a denial of service (application freeze) "by sending invalid posts".
CVE-2005-3661 1 Dell 1 Truemobile 2300 Wireless Broadband Router 2026-04-16 N/A
Dell TrueMobile 2300 Wireless Broadband Router running firmware 3.0.0.8 and 5.1.1.6, and possibly other versions, allows remote attackers to reset authentication credentials, then change configuration or firmware, via a direct request to apply.cgi with the Page parameter set to adv_password.asp.
CVE-2006-0672 1 Hp 1 Psc 1210 All-in-one 2026-04-16 N/A
Unspecified vulnerability in HP PSC 1210 All-in-One Drivers before 1.0.06 has unknown impact and attack vectors.
CVE-2005-3659 1 Emc 1 Legato Networker 2026-04-16 N/A
nsrd.exe in EMC Legato NetWorker 7.1.x before 7.1.4 and 7.2.x before 7.2.1.Build.314, and other products such as Sun Solstice Backup (SBU) 6.0 and 6.1 and StorEdge Enterprise Backup Software (EBS) 7.1 through 7.2L, allows remote attackers to cause a denial of service (nsrd service crash) via a malformed RPC request to RPC program number 390109, which triggers a null dereference.