Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-1853 1 Atari 1 Terminator 3 War Of The Machines 2026-04-16 N/A
Buffer overflow in Terminator 3: War of the Machines 1.0 allows remote attackers to cause a denial of service via a long ServerInfo variable.
CVE-2006-1374 1 Brain Book Software 1 Adman 2026-04-16 N/A
SQL injection vulnerability in viewStatement.php in AdMan 1.0.20051221 and earlier allows remote attackers to execute arbitrary SQL commands via the transactions_offset parameter.
CVE-2002-1974 1 Sharp 1 Zaurus 2026-04-16 N/A
The FTP service in Zaurus PDAs SL-5000D and SL-5500 does not require authentication, which allows remote attackers to access the file system as root.
CVE-2006-0503 1 Mailenable 1 Mailenable Professional 2026-04-16 N/A
IMAP service in MailEnable Professional Edition before 1.72 allows remote attackers to cause a denial of service (service crash) via unspecified vectors involving the EXAMINE command.
CVE-2006-0509 1 Cerberus 1 Cerberus Helpdesk 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in clients.php in Cerberus Helpdesk, possibly 2.7, allow remote attackers to inject arbitrary web script or HTML via (1) the contact_search parameter and (2) unspecified url fields.
CVE-2006-1378 1 Counterpane 1 Password Safe 2026-04-16 N/A
PasswordSafe 3.0 beta, when running on Windows before XP, uses a weak random number generator (C++ rand function) during generation of the database encryption key, which makes it easier for attackers to decrypt the database and steal passwords by generating keys for all possible rand() seed values and conducting a known plaintext attack.
CVE-2002-1976 1 Linux 1 Linux Kernel 2026-04-16 N/A
ifconfig, when used on the Linux kernel 2.2 and later, does not report when the network interface is in promiscuous mode if it was put in promiscuous mode using PACKET_MR_PROMISC, which could allow attackers to sniff the network without detection, as demonstrated using libpcap.
CVE-2002-1977 1 Pgp 1 Pgp 2026-04-16 N/A
Network Associates PGP 7.0.4 and 7.1 does not time out according to the value set in the "Passphrase Cache" option, which could allow attackers to open encrypted files without providing a passphrase.
CVE-2006-1390 1 Gentoo 1 Linux 2026-04-16 N/A
The configuration of NetHack 3.4.3-r1 and earlier, Falcon's Eye 1.9.4a and earlier, and Slash'EM 0.0.760 and earlier on Gentoo Linux allows local users in the games group to modify saved games files to execute arbitrary code via buffer overflows and overwrite arbitrary files via symlink attacks.
CVE-2004-1873 1 Alan Ward 1 A-cart 2026-04-16 N/A
SQL injection vulnerability in category.asp in A-CART Pro and A-CART 2.0 allows remote attackers to gain privileges via the catcode parameter.
CVE-2002-1980 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Buffer overflow in Volume Manager daemon (vold) of Sun Solaris 2.5.1 through 8 allows local users to execute arbitrary code via unknown attack vectors.
CVE-2006-0511 1 Blackboard 2 Blackboard, Blackboard Academic Suite 2026-04-16 N/A
Blackboard Academic Suite 6.0 and earlier does not properly clear session information when de-authenticating a user who is idle, which allows subsequent users to log in as the previous user and gain privileges. NOTE: the vendor has disputed this issue, saying that "This is a customer specific issue related to their Kerberos authentication single sign-on application and not a vulnerability in the Blackboard product.
CVE-2002-2060 1 Twibright Labs 1 Links 2026-04-16 N/A
Buffer overflow in Links 2.0 pre4 allows remote attackers to crash client browsers and possibly execute arbitrary code via gamma tables in large 16-bit PNG images.
CVE-2004-2056 1 Nucleus Group 1 Nucleus Cms 2026-04-16 N/A
SQL injection vulnerability in action.php in Nucleus CMS 3.01 allows remote attackers to execute arbitrary SQL statements via the itemid parameter.
CVE-2006-1495 2 Netoffice, Phpcollab 2 Netoffice, Phpcollab 2026-04-16 N/A
SQL injection vulnerability in general/sendpassword.php in (1) PHPCollab 2.4 and 2.5.rc3, and (2) NetOffice 2.5.3-pl1 and 2.6.0b2 allows remote attackers to execute arbitrary SQL commands via the loginForm parameter in the "forgotten password" option.
CVE-2002-2063 1 Atguard 1 Atguard Personal Firewall 2026-04-16 N/A
AtGuard 3.2 allows remote attackers to bypass firwall filters and execute prohibited programs by changing the filenames to permitted filenames.
CVE-2006-0546 1 Egeinternet 1 Egeinternet 2026-04-16 N/A
Unspecified vulnerability in index.php in a certain application available from /v1/tr/portfoy.php on www.egeinternet.com allows remote attackers to execute arbitrary code via "evilcode" in the key parameter, possibly a PHP remote file include vulnerability in which the attack vector is a URL in the key parameter. NOTE: it is not clear whether this vulnerability is associated with an online service or application service provider. If so, then it should not be included in CVE.
CVE-2006-1496 1 Vihor 1 Vihordesign 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in index.php in ViHor Design allow remote attackers to inject arbitrary web script or HTML via (1) a remote URL in the page parameter, which is processed by an fopen call, or (2) HTML or script in the page parameter, which is returned to the client in an error message for the failed fopen call.
CVE-2002-2064 1 Phpwebgallery 1 Phpwebgallery 2026-04-16 N/A
isadmin.php in PhpWebGallery 1.0 allows remote attackers to gain administrative access via by setting the photo_login cookie to pseudo.
CVE-2006-1507 1 Phpkit 1 Phpkit 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in PHPKIT 1.6.03 allows remote attackers to inject arbitrary web script or HTML via the error parameter to include.php, possibly due to a problem in login/login.php.