Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-0793 1 V-webmail 1 V-webmail 2026-04-16 N/A
frameset.php in V-webmail 1.6.2 allows remote attackers to conduct phishing attacks by referencing arbitrary websites in the rframe parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-0804 1 Tin 1 Tin 2026-04-16 N/A
Off-by-one error in TIN 1.8.0 and earlier might allow attackers to execute arbitrary code via unknown vectors that trigger a buffer overflow.
CVE-2006-0810 1 Skate Board 1 Skate Board 2026-04-16 N/A
Unspecified vulnerability in config.php in Skate Board 0.9 allows remote authenticated administrators to execute arbitrary PHP code by causing certain variables in config.php to be modified, possibly due to XSS or direct static code injection.
CVE-2006-0811 1 Skate Board 1 Skate Board 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in reguser.php in Skate Board 0.9 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters involved with the registration form.
CVE-2006-0808 1 Mute 1 Mute 2026-04-16 N/A
MUTE 0.4 allows remote attackers to cause a denial of service (messages not forwarded) and obtain sensitive information about a target by filling a client's mWebCache cache with malicious "zombie" nodes.
CVE-2006-0829 1 E-blah 1 Platinum 2026-04-16 N/A
Cross-site scripting vulnerability in E-Blah Platinum 9.7 allows remote attackers to inject arbitrary web script or HTML via the referer (HTTP_REFERER), which is not sanitized when the log file is viewed by the administrator using "Click Log".
CVE-2006-0839 1 Sourcefire 1 Snort 2026-04-16 N/A
The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote attackers to evade detection of certain attacks, possibly related to IP option lengths.
CVE-2006-0844 1 Leif M. Wright 1 Web Blog 2026-04-16 N/A
Leif M. Wright's Blog 3.5 does not make a password comparison when authenticating an administrator via a cookie, which allows remote attackers to bypass login authentication, probably by setting the blogAdmin cookie.
CVE-2006-0877 1 Easy Forum 1 Easy Forum 2026-04-16 N/A
Cross-site scripting vulnerability in Easy Forum 2.5 allows remote attackers to inject arbitrary web script or HTML via the image variable.
CVE-2006-0845 1 Leif M. Wright 1 Web Blog 2026-04-16 N/A
Leif M. Wright's Blog 3.5 allows remote authenticated users with administrative privileges to execute arbitrary programs, including shell commands, by configuring the sendmail path to a malicious pathname.
CVE-2006-1445 1 Apple 1 Mac Os X 2026-04-16 N/A
Buffer overflow in the FTP server (FTPServer) in Apple Mac OS X 10.3.9 and 10.4.6 allows remote authenticated users to execute arbitrary code via vectors related to "FTP server path name handling."
CVE-2006-1441 1 Apple 1 Mac Os X 2026-04-16 N/A
Integer overflow in CFNetwork in Apple Mac OS X 10.4.6 allows remote attackers to execute arbitrary code via crafted chunked transfer encoding.
CVE-2006-1446 1 Apple 1 Mac Os X 2026-04-16 N/A
Keychain in Apple Mac OS X 10.3.9 and 10.4.6 might allow an application to bypass a locked Keychain by first obtaining a reference to the Keychain when it is unlocked, then reusing that reference after the Keychain has been locked.
CVE-2006-1452 1 Apple 1 Mac Os X 2026-04-16 N/A
Stack-based buffer overflow in Preview in Apple Mac OS 10.4 up to 10.4.6 allows local users to execute arbitrary code via a deep directory hierarchy.
CVE-2006-1455 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to cause a denial of service (crash and connection interruption) via a QuickTime movie with a missing track, which triggers a null dereference.
CVE-2006-1464 1 Apple 1 Quicktime 2026-04-16 N/A
Buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickTime MPEG4 (M4P) video format file.
CVE-2006-1465 1 Apple 1 Quicktime 2026-04-16 N/A
Buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickTime AVI video format file.
CVE-2006-1474 1 Raindance 1 Web Conferencing Pro 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the "failed" functionality in Raindance Web Conferencing Pro allows remote attackers to inject arbitrary web script or HTML via the browser parameter.
CVE-2006-1472 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Unspecified vulnerability in AFP Server in Apple Mac OS X 10.3.9 allows remote attackers to determine names of unauthorized files and folders via unknown vectors related to the search results.
CVE-2006-1473 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Integer overflow in AFP Server for Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via unknown vectors.