Search Results (351250 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-2351 1 Qualcomm 1 Eudora 2026-04-16 N/A
Eudora 5.1 allows remote attackers to bypass security warnings and possibly execute arbitrary code via attachments with names containing a trailing "." (dot).
CVE-2000-1169 1 Openbsd 1 Openssh 2026-04-16 N/A
OpenSSH SSH client before 2.3.0 does not properly disable X11 or agent forwarding, which could allow a malicious SSH server to gain access to the X11 display and sniff X11 events, or gain access to the ssh-agent.
CVE-2000-1184 1 Freebsd 1 Freebsd 2026-04-16 N/A
telnetd in FreeBSD 4.2 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service by specifying an arbitrary large file in the TERMCAP environmental variable, which consumes resources as the server processes the file.
CVE-2006-1163 1 Nodez 1 Nodez 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Nodez 4.6.1.1 allows remote attackers to inject arbitrary web script or HTML via the op parameter. NOTE: it is possible that this issue is resultant from the directory traversal vulnerability.
CVE-2004-2345 1 Oracle 1 Database Server 2026-04-16 N/A
Unknown multiple vulnerabilities in Oracle9i Database Server 9.0.1.4, 9.0.1.5, 9.2.0.3, and 9.2.0.4 allow local users with the ability to invoke SQL to cause a denial of service or obtain sensitive information.
CVE-2000-1207 1 Redhat 1 Linux 2026-04-16 N/A
userhelper in the usermode package on Red Hat Linux executes non-setuid programs as root, which does not activate the security measures in glibc and allows the programs to be exploited via format string vulnerabilities in glibc via the LANG or LC_ALL environment variables (CVE-2000-0844).
CVE-2006-1528 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
Linux kernel before 2.6.13 allows local users to cause a denial of service (crash) via a dio transfer from the sg driver to memory mapped (mmap) IO space.
CVE-2006-1450 1 Apple 1 Mac Os X 2026-04-16 N/A
Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via an enriched text e-mail message with "invalid color information" that causes Mail to allocate and initialize arbitrary classes.
CVE-2001-1201 1 Timecop 1 Wmcube Gdk 2026-04-16 N/A
Buffer overflow in wmcube-gdk for WMCube/GDK 0.98 allows local users to execute arbitrary code via long lines in the object description file.
CVE-2006-1320 1 Rssh 1 Rssh 2026-04-16 N/A
util.c in rssh 2.3.0 in Debian GNU/Linux does not use braces to make a block, which causes a check for CVS to always succeed and allows rsync and rdist to bypass intended access restrictions in rssh.conf.
CVE-2006-1553 1 Tachyon 1 Vsns Lemon 2026-04-16 N/A
SQL injection vulnerability in functions/final_functions.php in VSNS Lemon 3.2.0, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2006-1466 1 Apple 2 Mac Os X, Xcode 2026-04-16 N/A
Xcode Tools before 2.3 for Mac OS X 10.4, when running the WebObjects plugin, allows remote attackers to access or modify WebObjects projects through a network service.
CVE-2006-1640 1 Czaries Network 1 Czarnews 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in news.php in CzarNews 1.14 allows remote attackers to inject arbitrary web script or HTML via the email parameter.
CVE-2006-2833 1 Drupal 1 Drupal 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the taxonomy module in Drupal 4.6.8 and 4.7.2 allows remote attackers to inject arbitrary web script or HTML via inputs that are not properly validated when the page title is output, possibly involving the $names variable.
CVE-2006-2834 1 Gnopaste 1 Gnopaste 2026-04-16 N/A
PHP remote file inclusion vulnerability in includes/common.php in gnopaste 0.5.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the root_path parameter.
CVE-2006-2844 1 Redaxo 1 Redaxo 2026-04-16 N/A
Multiple PHP remote file inclusion vulnerabilities in Redaxo 3.0 allow remote attackers to execute arbitrary PHP code via a URL in the REX[INCLUDE_PATH] parameter to (1) simple_user/pages/index.inc.php and (2) stats/pages/index.inc.php.
CVE-2006-2845 1 Redaxo 1 Redaxo 2026-04-16 N/A
PHP remote file inclusion vulnerability in Redaxo 3.0 up to 3.2 allows remote attackers to execute arbitrary PHP code via a URL in the REX[INCLUDE_PATH] parameter to image_resize/pages/index.inc.php.
CVE-2006-2853 1 Abarcar 1 Abarcar Realty Portal 2026-04-16 N/A
SQL injection vulnerability in content.php in abarcar Realty Portal 5.1.5 allows remote attackers to execute arbitrary SQL commands via the cat parameter.
CVE-2006-2858 1 Locazo 1 Locazolist Classifieds 2026-04-16 N/A
SQL injection vulnerability in viewmsg.asp in LocazoList Classifieds 1.05e allows remote attackers to execute arbitrary SQL commands via the msgid parameter.
CVE-2006-2861 1 Particle Soft 1 Particle Wiki 2026-04-16 N/A
SQL injection vulnerability in index.php in Particle Wiki 1.0.2 and earlier allows remote attackers to execute arbitrary SQL commands via the version parameter.