Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-0145 2 Lbl, Redhat 3 Tcpdump, Enterprise Linux, Linux 2026-04-16 N/A
Unknown vulnerability in tcpdump before 3.7.2 related to an inability to "Handle unknown RADIUS attributes properly," allows remote attackers to cause a denial of service (infinite loop), a different vulnerability than CAN-2003-0093.
CVE-2006-1182 1 Adobe 2 Document Server, Graphics Server 2026-04-16 N/A
Adobe Graphics Server 2.0 and 2.1 (formerly AlterCast) and Adobe Document Server (ADS) 5.0 and 6.0 allows local users to read files with certain extensions or overwrite arbitrary files and execute code via a crafted SOAP request to the AlterCast web service in which the request uses the (1) saveContent or (2) saveOptimized ADS commands, or the (3) loadContent command.
CVE-2006-1188 2 Canon, Microsoft 3 Network Camera Server Vb101, Ie, Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via HTML elements with a certain crafted tag, which leads to memory corruption.
CVE-1999-1395 1 Dec 1 Dec Openvms 2026-04-16 N/A
Vulnerability in Monitor utility (SYS$SHARE:SPISHR.EXE) in VMS 5.0 through 5.4-2 allows local users to gain privileges.
CVE-1999-1448 1 Qualcomm 2 Eudora, Eudora Light 2026-04-16 N/A
Eudora and Eudora Light before 3.05 allows remote attackers to cause a crash and corrupt the user's mailbox via an e-mail message with certain dates, such as (1) dates before 1970, which cause a Divide By Zero error, or (2) dates that are 100 years after the current date, which causes a segmentation fault.
CVE-2006-1195 1 Enet 1 Enet Library 2026-04-16 N/A
The enet_protocol_handle_send_fragment function in protocol.c for ENet library CVS version Jul 2005 and earlier, as used in products including (1) Cube, (2) Sauerbraten, and (3) Duke3d_w32, allows remote attackers to cause a denial of service (application crash) via a packet fragment with a large total data size, which triggers an application abort when memory allocation fails.
CVE-2006-1197 1 Macrovision 1 Safedisc 2026-04-16 N/A
SafeDisc installs the driver service for the secdrv.sys driver with insecure permissions, which allows local users to gain privileges by changing the configuration to reference a malicious program.
CVE-2006-1207 1 Sergey Korostel 1 Php Upload Center 2026-04-16 N/A
PHP Upload Center stores password hashes under the web root with insufficient access control, which allows remote attackers to download each password hash via a direct request for the upload/users/[USERNAME] file.
CVE-2006-1209 1 Bugada Andrea 1 Php Advanced Transfer Manager 2026-04-16 N/A
PHP Advanced Transfer Manager 1.00 through 1.30 stores sensitive information, including password hashes, under the web root with insufficient access control, which allows remote attackers to download each password hash via a direct request for a users/[USERNAME] file.
CVE-1999-1398 1 Sgi 1 Irix 2026-04-16 N/A
Vulnerability in xfsdump in SGI IRIX may allow local users to obtain root privileges via the bck.log log file, possibly via a symlink attack.
CVE-1999-1461 1 Sgi 1 Irix 2026-04-16 N/A
inpview in InPerson on IRIX 5.3 through IRIX 6.5.10 trusts the PATH environmental variable to find and execute the ttsession program, which allows local users to obtain root access by modifying the PATH to point to a Trojan horse ttsession program.
CVE-2006-1212 1 Corenews 1 Corenews 2026-04-16 N/A
Unspecified vulnerability in index.php in Core CoreNews 2.0.1 allows remote attackers to execute arbitrary commands via the page parameter, possibly due to a PHP remote file include vulnerability. NOTE: this vulnerability could not be confirmed by source code inspection of CoreNews 2.0.1, which does not appear to use a "page" parameter or variable.
CVE-2006-1213 1 Jiro 1 Banner System 2026-04-16 N/A
JiRo's Banner System Experience and Professional 1.0 and earlier allows remote attackers to bypass access restrictions and gain privileges via a direct request to certain scripts in the files directory, as demonstrated by using addadmin.asp to create a new administrator account.
CVE-2006-2863 1 Cs-cart 1 Cs-cart 2026-04-16 N/A
PHP remote file inclusion vulnerability in class.cs_phpmailer.php in CS-Cart 1.3.3 allows remote attackers to execute arbitrary PHP code via a URL in the classes_dir parameter.
CVE-1999-1401 1 Sgi 1 Irix 2026-04-16 N/A
Vulnerability in Desktop searchbook program in IRIX 5.0.x through 6.2 sets insecure permissions for certain user files (iconbook and searchbook).
CVE-2006-3724 1 Oracle 1 Enterpriseone 2026-04-16 N/A
Unspecified vulnerability in JD Edwards HTML Server for Oracle OneWorld Tools EnterpriseOne Tools 8.95 and 8.96 has unknown impact and attack vectors, aka Oracle Vuln# JDE01.
CVE-2006-3726 1 Intervations 1 Filecopa 2026-04-16 N/A
Buffer overflow in FileCOPA FTP Server before 1.01 released on 18th July 2006, allows remote authenticated attackers to execute arbitrary code via a long argument to the LIST command.
CVE-2006-1244 4 Debian, Gnome, Libextractor and 1 more 4 Debian Linux, Gpdf, Libextractor and 1 more 2026-04-16 N/A
Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc. NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-0301 and CVE-2005-3624 through CVE-2005-3628 were fixed. Some of these newer fixes appear to be security-relevant, although it is not clear if they fix specific issues or are defensive in nature.
CVE-2006-2902 1 Particle Soft 1 Particle Links 2026-04-16 N/A
Directory traversal vulnerability in Particle Links 1.2.2 might allow remote attackers to access arbitrary files via ".." sequences in an HTTP request. NOTE: it is not clear whether this issue is legitimate, as the original researcher seems unsure.
CVE-1999-1010 1 Openbsd 1 Openssh 2026-04-16 N/A
An SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy.