Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-2672 1 Argosoft 1 Ftp Server 2026-04-16 N/A
Unspecified vulnerability in ArGoSoft FTP server before 1.4.2.2 allows attackers to upload .lnk files via unknown vectors.
CVE-2004-2673 1 Argosoft 1 Ftp Server 2026-04-16 N/A
Multiple buffer overflows in ArGoSoft FTP Server before 1.4.1.6 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via (1) a SITE ZIP command with a long first or second argument, or (2) a SITE COPY with a long argument.
CVE-2006-3096 1 Ipostmx 1 Ipostmx 2005 2026-04-16 N/A
Multiple SQL injection vulnerabilities in iPostMX 2005 2.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) forum parameter in messagepost.cfm and (2) topic parameter in topics.cfm. NOTE: this item was created based on information in a blog entry that was apparently removed after CVE analysis. As of 20060619, CVE is attempting to determine the cause of the removal.
CVE-2004-2677 1 Qwikmail 1 Qwikmail Smtp 2026-04-16 N/A
Format string vulnerability in qwik-smtpd.c in QwikMail SMTP (qwik-smtpd) 0.3 and earlier allows remote attackers to execute arbitrary code via format specifiers in the (1) clientRcptTo array, and the (2) Received and (3) messageID variables, possibly involving HELO and hostname arguments.
CVE-2004-2678 1 Hp 1 Tru64 2026-04-16 N/A
Unspecified vulnerability in HP Tru64 UNIX 5.1B PK2(BL22) and PK3(BL24), and 5.1A PK6(BL24), when using IPsec/IKE (Internet Key Exchange) with Certificates, allows remote attackers to gain privileges via unknown attack vectors.
CVE-2004-2681 1 Peersec Networks 1 Matrixssl 2026-04-16 N/A
PeerSec MatrixSSL before 1.1 caches session keys for an indefinitely long time, which might make it easier for remote attackers to hijack a session.
CVE-2006-3103 1 Bitweaver 1 Bitweaver 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Bitweaver 1.3 allows remote attackers to inject arbitrary web script or HTML via the (1) error parameter in users/login.php and the (2) feedback parameter in articles/index.php.
CVE-2006-3109 1 Cisco 1 Call Manager 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Cisco CallManager 3.3 before 3.3(5)SR3, 4.1 before 4.1(3)SR4, 4.2 before 4.2(3), and 4.3 before 4.3(1), allows remote attackers to inject arbitrary web script or HTML via the (1) pattern parameter in ccmadmin/phonelist.asp and (2) arbitrary parameters in ccmuser/logon.asp, aka bugid CSCsb68657.
CVE-2004-2690 1 Newsphp 1 Newsphp 2026-04-16 N/A
Unrestricted file upload vulnerability in the Administration Panel for NewsPHP allows remote authenticated administrators to upload and execute arbitrary code instead of video files.
CVE-2006-3115 1 Spiffyjr 1 Phpraid 2026-04-16 N/A
SQL injection vulnerability in view.php in phpRaid 3.0.4, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the raid_id parameter.
CVE-1999-0101 1 Ibm 1 Aix 2026-04-16 N/A
Buffer overflow in AIX and Solaris "gethostbyname" library call allows root access through corrupt DNS host names.
CVE-1999-1320 1 Novell 1 Netware 2026-04-16 N/A
Vulnerability in Novell NetWare 3.x and earlier allows local users to gain privileges via packet spoofing.
CVE-2006-3116 1 Spiffyjr 1 Phpraid 2026-04-16 N/A
Multiple PHP remote file inclusion vulnerabilities in phpRaid 3.0.4 and 3.0.5 allow remote attackers to execute arbitrary code via a URL in the phpraid_dir parameter to (1) configuration.php, (3) guilds.php, (4) index.php, (5) locations.php, (6) login.php, (7) lua_output.php, (8) permissions.php, (9) profile.php, (10) raids.php, (11) register.php, (12) roster.php, and (13) view.php.
CVE-2004-2726 1 Mailenable 1 Mailenable 2026-04-16 N/A
HTTPMail service in MailEnable Professional 1.18 does not properly handle arguments to the Authorization header, which allows remote attackers to cause a denial of service (null dereference and application crash). NOTE: This is a different vulnerability than CVE-2005-1348.
CVE-2006-3118 1 Canonical 1 Spread 2026-04-16 N/A
spread uses a temporary file with a static filename based on the port number, which allows local users to cause a denial of service by creating the file during a race condition between unlink and bind function calls. NOTE: spread deletes this temporary file before use, which could cause conflicts with other programs that use the same filename, but this is not a distinct issue.
CVE-1999-0102 1 Seattle Lab Software 1 Slmail 2026-04-16 N/A
Buffer overflow in SLmail 3.x allows attackers to execute commands using a large FROM line.
CVE-2005-0105 1 Typespeed 1 Typespeed 2026-04-16 N/A
Unknown vulnerability in typespeed 0.4.1 and earlier allows local users to gain privileges.
CVE-2006-3143 1 Maximus 1 Schoolmax 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in icue_login.asp in Maximus SchoolMAX 4.0.1 and earlier iCue and iParent applications allows remote attackers to inject arbitrary web script or HTML via the error_msg parameter.
CVE-1999-0108 1 Sgi 1 Irix 2026-04-16 N/A
The printers program in IRIX has a buffer overflow that gives root access to local users.
CVE-2006-3149 1 Phpmyforum 1 Phpmyforum 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in topic.php in phpMyForum 4.1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the highlight parameter.