Search Results (351250 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-5328 2 Apple, Openbase International Ltd 2 Xcode, Openbase 2026-04-23 N/A
OpenBase SQL 10.0 and earlier, as used in Apple Xcode 2.2 2.2 and earlier and possibly other products, allows local users to create arbitrary files via a symlink attack on the simulation.sql file.
CVE-2006-5330 2 Adobe, Redhat 2 Flash Player, Rhel Extras 2026-04-23 N/A
CRLF injection vulnerability in Adobe Flash Player plugin 9.0.16 and earlier for Windows, 7.0.63 and earlier for Linux, 7.x before 7.0 r67 for Solaris, and before 9.0.28.0 for Mac OS X, allows remote attackers to modify HTTP headers of client requests and conduct HTTP Request Splitting attacks via CRLF sequences in arguments to the ActionScript functions (1) XML.addRequestHeader and (2) XML.contentType. NOTE: the flexibility of the attack varies depending on the type of web browser being used.
CVE-2006-5337 1 Oracle 1 Database Server 2026-04-23 N/A
Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.0.1.5, 9.2.0.8, 10.1.0.5, and 10.2.0.2 has unknown impact and remote authenticated attack vectors, aka Vuln# DB09.
CVE-2007-0517 1 Scriptsez 1 Random Php Quote 2026-04-23 N/A
Scriptsez Random PHP Quote 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain password information via a direct request for pwd.txt.
CVE-2006-5342 1 Oracle 1 Database Server 2026-04-23 N/A
Unspecified vulnerability in Oracle Spatial component in Oracle Database 9.0.1.5, 9.2.0.6, and 10.1.0.3 has unknown impact and remote authenticated attack vectors related to mdsys.sdo_tune, aka Vuln# DB18. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB18 might be related to SQL injection in the EXTENT_OF function.
CVE-2007-0518 1 Scriptsez 1 Smart Php Subscriber 2026-04-23 N/A
Scriptsez Smart PHP Subscriber (aka subscribe) stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain encoded passwords via a direct request for pwd.txt.
CVE-2006-5344 1 Oracle 1 Database Server 2026-04-23 N/A
Multiple unspecified vulnerabilities in Oracle Spatial component in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4 have unknown impact and remote authenticated attack vectors related to (1) mdsys.sdo_3gl, aka Vuln# DB20, and (2) mdsys.sdo_cs, aka DB21. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB20 is a buffer overflow in GEOM_OPERATION, and DB21 is related to a buffer overflow and SQL injection in TRANSFORM_LAYER.
CVE-2006-5348 1 Oracle 3 Collaboration Suite, E-business Suite, Http Server 2026-04-23 N/A
Unspecified vulnerability in Oracle HTTP Server 9.2.0.7, Oracle Collaboration Suite 9.0.4.2, and Oracle E-Business Suite and Applications 11.5.10CU2 has unknown impact and remote attack vectors related to HTTPS and SSL, aka Vuln# OHS05.
CVE-2007-0520 1 Unique Ads 1 Unique Ads 2026-04-23 N/A
SQL injection vulnerability in banner.php in Unique Ads (UDS) 1.x allows remote attackers to execute arbitrary SQL commands via the bid parameter.
CVE-2006-5350 1 Oracle 2 E-business Suite, Http Server 2026-04-23 N/A
Unspecified vulnerability in Oracle HTTP Server 9.2.0.7 and Oracle E-Business Suite and Applications 11.5.10CU2 has unknown impact and local attack vectors, aka Vuln# OHS08.
CVE-2007-0521 1 Sony Ericsson 2 K700i, W810i 2026-04-23 N/A
The Sony Ericsson K700i and W810i phones allow remote attackers to cause a denial of service (continual modal dialogs and UI unavailability) by repeatedly trying to OBEX push a file over Bluetooth, as demonstrated by ussp-push.
CVE-2006-5353 1 Oracle 2 Application Server, Collaboration Suite 2026-04-23 N/A
Unspecified vulnerability in Oracle HTTP Server component in Oracle Application Server 9.0.4.3, 10.1.2.0.2, 10.1.2.1.0, and 10.1.3.0.0, and Oracle Collaboration Suite 9.0.4.2 and 10.1.2, has unknown impact and remote attack vectors related to the Mod_rewrite Module, aka Vuln# OHS01.
CVE-2006-5354 1 Oracle 4 Application Server, Collaboration Suite, E-business Suite and 1 more 2026-04-23 N/A
Unspecified vulnerability in Oracle HTTP Server 9.2.0.7 and 10.1.0.5, Application Server 9.0.4.3, 10.1.2.0.2, 10.1.2.1.0, and 10.1.3.0, racle Collaboration Suite 9.0.4.2 and 10.1.2, and Oracle E-Business Suite and Applications 11.5.10CU2 has unknown impact and remote attack vectors, aka Vuln# OHS06.
CVE-2006-5355 1 Oracle 3 Application Server, Collaboration Suite, E-business Suite 2026-04-23 N/A
Unspecified vulnerability in Oracle Single Sign-On component in Oracle Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.1.0, Collaboration Suite 9.0.4.2 and 10.1.2, and Oracle E-Business Suite and Applications 11.5.10CU2 has unknown impact and remote attack vectors, aka Vuln# SSO01.
CVE-2006-5361 1 Oracle 2 Application Server, Collaboration Suite 2026-04-23 N/A
Unspecified vulnerability in Oracle Containers for J2EE in Oracle Application Server 9.0.4.3, 10.1.2.0.0, and 10.1.2.0.1, and Oracle Collaboration Suite 9.0.4.2 and 10.1.2, has unknown impact and remote attack vectors, aka Vuln# OC4J03.
CVE-2006-5362 1 Oracle 1 Application Server 2026-04-23 N/A
Unspecified vulnerability in Oracle Containers for J2EE component in Oracle Application Server 10.1.3.0.0 has unknown impact and remote attack vectors, aka Vuln# OC4J04.
CVE-2006-5363 1 Oracle 2 Application Server, Collaboration Suite 2026-04-23 N/A
Unspecified vulnerability in Oracle Single Sign-On component in Oracle Application Server 10.1.2.0.1 and Collaboration Suite 10.1.2 has unknown impact and remote attack vectors, aka Vuln# SSO02.
CVE-2006-5371 1 Oracle 1 E-business Suite 2026-04-23 N/A
Unspecified vulnerability in Oracle Email Center component in Oracle E-Business Suite 11.5.9 has unknown impact and remote authenticated attack vectors, aka Vuln# APPS07.
CVE-2006-5375 1 Oracle 1 Peoplesoft Enterprise 2026-04-23 N/A
Multiple unspecified vulnerabilities in PeopleTools component in Oracle PeopleSoft Enterprise 8.46 GA, 8.47 GA, 8.48 GA, 8.46.15, 8.47.09, and 8.48.03 have unknown impact and remote attack vectors, aka Vuln# (1) PSE01, (2) PSE02, and (3) PSE03.
CVE-2006-5376 1 Oracle 1 Peoplesoft Enterprise 2026-04-23 N/A
Multiple unspecified vulnerabilities in PeopleTools component in Oracle PeopleSoft Enterprise 8.22 GA, 8.46 GA, 8.47 GA, 8.48 GA, 8.22.11, 8.46.15, 8.47.09, and 8.48.03 have unknown impact and remote authenticated attack vectors, aka Vuln# (1) PSE04, (2) PSE06, (3) PSE07, and (4) PSE08.