Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-0855 1 Freebsd 1 Freebsd 2026-04-16 N/A
Buffer overflow in FreeBSD gdc program.
CVE-2006-1942 3 K-meleon Project, Mozilla, Netscape 3 K-meleon, Firefox, Navigator 2026-04-16 N/A
Mozilla Firefox 1.5.0.2 and possibly other versions before 1.5.0.4, Netscape 8.1, 8.0.4, and 7.2, and K-Meleon 0.9.13 allows user-assisted remote attackers to open local files via a web page with an IMG element containing a SRC attribute with a non-image file:// URL, then tricking the user into selecting View Image for the broken image, as demonstrated using a .wma file to launch Windows Media Player, or by referencing an "alternate web page."
CVE-2006-1946 1 Visale 1 Visale 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Visale 1.0 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the keyval parameter in pbpgst.cgi, (2) the catsubno parameter in pblscg.cgi, and (3) the listno parameter in pblsmb.cgi.
CVE-1999-0956 1 Next 1 Nextstep 2026-04-16 N/A
The NeXT NetInfo _writers property allows local users to gain root privileges or conduct a denial of service.
CVE-2001-0583 1 Alt-n 1 Mdaemon 2026-04-16 N/A
Alt-N Technologies MDaemon 3.5.4 allows a remote attacker to create a denial of service via the URL request of a MS-DOS device (such as GET /aux) to (1) the Worldclient service at port 3000, or (2) the Webconfig service at port 3001.
CVE-1999-0965 1 X.org 1 X11 2026-04-16 N/A
Race condition in xterm allows local users to modify arbitrary files via the logging option.
CVE-1999-0966 1 Sun 1 Sunos 2026-04-16 N/A
Buffer overflow in Solaris getopt in libc allows local users to gain root privileges via a long argv[0].
CVE-2001-0588 1 Sco 1 Openserver 2026-04-16 N/A
sendmail 8.9.3, as included with the MMDF 2.43.3b package in SCO OpenServer 5.0.6, can allow a local attacker to gain additional privileges via a buffer overflow in the first argument to the command.
CVE-2006-2003 1 Community Architect 1 Community Architect Guestbook 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in cgi-bin/guest in Community Architect Guestbook allows remote attackers to inject arbitrary web script or HTML by signing the guestbook, which is displayed by fsguestbook.html. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-2004 1 Michael Romedahl 1 Ri Blog 2026-04-16 N/A
Multiple SQL injection vulnerabilities in RI Blog 1.1 allow remote attackers to execute arbitrary SQL command via the (1) username or (2) password fields.
CVE-2006-2007 1 Winny 1 Winny 2026-04-16 N/A
Heap-based buffer overflow in Winny 2.0 b7.1 and earlier allows remote attackers to execute arbitrary code via long strings to certain commands sent to the file transfer port.
CVE-2006-2009 1 Phpmyagenda 1 Phpmyagenda 2026-04-16 N/A
PHP remote file inclusion vulnerability in agenda.php3 in phpMyAgenda 3.0 Final and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rootagenda parameter.
CVE-2006-2010 1 Paras Chopra 1 Bloggage 2026-04-16 N/A
Multiple SQL injection vulnerabilities in check_login.asp in Bloggage allow remote attackers to execute arbitrary SQL commands via the (1) acc_name and (2) password parameter.
CVE-2006-2012 1 Skulltag Team 1 Skulltag 2026-04-16 N/A
Format string vulnerability in Skulltag 0.96f and earlier allows remote attackers to cause a denial of service via the version string.
CVE-1999-0968 1 James Seter 1 Bnc Irc 2026-04-16 N/A
Buffer overflow in BNC IRC proxy allows remote attackers to gain privileges.
CVE-2006-4853 1 Haberx 1 Haberx 2026-04-16 N/A
SQL injection vulnerability in kategorix.asp in Haberx 1.02 through 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter in kategorihaberx.asp.
CVE-2003-1363 1 Aprelium Technologies 1 Abyss Web Server 2026-04-16 N/A
The remote web management interface of Aprelium Technologies Abyss Web Server 1.1.2 and earlier does not log connection attempts to the web management port (9999), which allows remote attackers to mount brute force attacks on the administration console without detection.
CVE-2006-4746 1 Comscripts 1 Web Server Creator 2026-04-16 N/A
PHP remote file inclusion vulnerability in news/include/customize.php in Web Server Creator 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the l parameter.
CVE-2001-0383 1 Francisco Burzi 1 Php-nuke 2026-04-16 N/A
banners.php in PHP-Nuke 4.4 and earlier allows remote attackers to modify banner ad URLs by directly calling the Change operation, which does not require authentication.
CVE-2006-2068 1 Hitachi 9 Jp1-cm2-network Node Manager, Jp1-cm2-network Node Manager 250, Jpi Automatic Job Management System 2 and 6 more 2026-04-16 N/A
Unspecified vulnerability in Hitachi JP1 products allow remote attackers to cause a denial of service (application stop or fail) via unexpected requests or data.