Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-0521 2026-04-16 N/A
An NIS domain name is easily guessable.
CVE-2006-1128 1 Gallery Project 1 Gallery 2026-04-16 N/A
Directory traversal vulnerability in the session handling class (GallerySession.class) in Gallery 2 up to 2.0.2 allows remote attackers to access and delete files by specifying the session in a cookie, which is used in constructing file paths before the session value is sanitized.
CVE-2006-1131 1 Bitweaver 1 Bitweaver 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in read.php in bitweaver CMS 1.2.1 allows remote attackers to inject arbitrary web script or HTML via the comment_title parameter.
CVE-2006-1136 1 Xerox 6 Copycentre C65, Copycentre C75, Copycentre C90 and 3 more 2026-04-16 N/A
Buffer overflow in the PostScript file interpreter code for Xerox CopyCentre and Xerox WorkCentre Pro, running software 1.001.02.073 or earlier, or 1.001.02.074 before 1.001.02.715, allows attackers to cause a denial of service via unknown vectors.
CVE-1999-1389 1 3com 1 Total Control Netserver Card 2026-04-16 N/A
US Robotics/3Com Total Control Chassis with Frame Relay between 3.6.22 and 3.7.24 does not properly enforce access filters when the "set host prompt" setting is made for a port, which allows attackers to bypass restrictions by providing the hostname twice at the "host: " prompt.
CVE-2006-1137 1 Xerox 12 Copycentre C65, Copycentre C65 Firmware, Copycentre C75 and 9 more 2026-04-16 N/A
Multiple unspecified vulnerabilities in Xerox CopyCentre and Xerox WorkCentre Pro, running software 1.001.02.073 or earlier, or 1.001.02.074 before 1.001.02.715, allow remote attackers to cause an unspecified denial of service via a crafted PostScript file that will (1) "navigate through the directory" or (2) a "file sent to expose TCP/IP ports".
CVE-2006-1138 1 Xerox 12 Copycentre C65, Copycentre C65 Firmware, Copycentre C75 and 9 more 2026-04-16 N/A
Unspecified vulnerability in the web server code in Xerox CopyCentre and Xerox WorkCentre Pro, running software 1.001.02.073 or earlier, or 1.001.02.074 before 1.001.02.715, allows remote attackers to cause a denial of service (memory corruption) via unknown vectors.
CVE-2004-0685 3 Linux, Redhat, Trustix 4 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 1 more 2026-04-16 N/A
Certain USB drivers in the Linux 2.4 kernel use the copy_to_user function on uninitialized structures, which could allow local users to obtain sensitive information by reading memory that was not cleared from previous usage.
CVE-2006-2736 1 Phpbb-portal 1 Blend Portal 2026-04-16 N/A
PHP remote file inclusion vulnerability in blend_data/blend_common.php in Blend Portal 1.2.0, as used with phpBB when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. NOTE: This is a similar vulnerability to CVE-2006-2507.
CVE-2003-0137 1 Nokia 1 Sgsn Dx200 2026-04-16 N/A
SNMP daemon in the DX200 based network element for Nokia Serving GPRS support node (SGSN) allows remote attackers to read SNMP options via arbitrary community strings.
CVE-2006-1140 1 Redblog 1 Redblog 2026-04-16 N/A
SQL injection vulnerability in rss.php in RedBLoG 0.5 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
CVE-1999-1390 1 Debian 1 Debian Linux 2026-04-16 N/A
suidexec in suidmanager 0.18 on Debian 2.0 allows local users to gain root privileges by specifying a malicious program on the command line.
CVE-2006-1143 1 Ftpoed 1 Ftpoed Blog Engine 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in FTPoed Blog Engine 1.1 allows remote attackers to inject arbitrary web script or HTML via the comment_body parameter, as used by the comment field, when posting a comment.
CVE-1999-0753 1 Hughes 1 Msql 2026-04-16 N/A
The w3-msql CGI script provided with Mini SQL allows remote attackers to view restricted directories.
CVE-2006-1144 1 David Ravenscroft 1 Hithost 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in HitHost 1.0.0 allows remote attackers to inject arbitrary web script or HTML via (1) the user parameter in deleteuser.php and (2) the hits parameter in viewuser.php.
CVE-1999-0757 1 Allaire 1 Coldfusion Server 2026-04-16 N/A
The ColdFusion CFCRYPT program for encrypting CFML templates has weak encryption, allowing attackers to decrypt the templates.
CVE-2006-1150 1 Teg 1 Tenes Empanadas Graciela 2026-04-16 N/A
Buffer overflow in Tenes Empanadas Graciela (TEG) 0.11.1, automatically appends an _ (underscore) to the end of duplicate nicknames, which allows remote attackers to cause a denial of service (application crash) by creating multiple users with long, identical nicknames, which triggers an off-by-one error.
CVE-2006-1152 1 M Phorum 1 M Phorum 2026-04-16 N/A
PHP remote file inclusion vulnerability in index.php in M-Phorum 0.2 allows remote attackers to include arbitrary files via the go parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-1160 1 Efs Software 1 Efs Web Server 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Easy File Sharing (EFS) Web Server 3.2 allows remote attackers to inject arbitrary web script or HTML via the Description field in creating a folder or uploading a file.
CVE-2006-1197 1 Macrovision 1 Safedisc 2026-04-16 N/A
SafeDisc installs the driver service for the secdrv.sys driver with insecure permissions, which allows local users to gain privileges by changing the configuration to reference a malicious program.