Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-1356 1 Andrew Hsu 2 Libvc, Rolo 2026-04-16 N/A
Stack-based buffer overflow in the count_vcards function in LibVC 3, as used in Rolo, allows user-assisted attackers to execute arbitrary code via a vCard file (e.g. contacts.vcf) containing a long line.
CVE-2006-0736 1 Novell 2 Linux Desktop, Open Enterprise Server 2026-04-16 N/A
Stack-based buffer overflow in the pam_micasa PAM authentication module in CASA on Novell Linux Desktop 9 and Open Enterprise Server 1 allows remote attackers to execute arbitrary code via unspecified vectors.
CVE-2006-0737 1 Estara 1 Softphone 2026-04-16 N/A
eStara SIP softphone allows remote attackers to cause a denial of service (crash) via a SIP OPTIONS request with a negative Expires field.
CVE-2006-2061 1 Invision Power Services 2 Invision Board, Invision Power Board 2026-04-16 N/A
SQL injection vulnerability in lib/func_taskmanager.php in Invision Power Board (IPB) 2.1.x and 2.0.x before 20060425 allows remote attackers to execute arbitrary SQL commands via the ck parameter, which can inject at most 32 characters.
CVE-2006-0739 1 Estara 1 Softphone 2026-04-16 N/A
eStara SIP softphone allows remote attackers to cause a denial of service (crash) via an INVITE request with a Content-Length field that has more than 9 digits.
CVE-2005-0547 1 Hp 1 Hp-ux 2026-04-16 N/A
Unknown vulnerability in ftpd on HP-UX B.11.00, B.11.04, B.11.11, B.11.22, and B.11.23 allows remote authenticated users to gain "unauthorized access to files."
CVE-2005-1192 1 Hp 1 Hp-ux 2026-04-16 N/A
Unknown vulnerability in HP-UX B.11.00, B.11.04, B.11.11, B.11.22, and B.11.23, when running TCP/IP on IPv4, allows remote attackers to cause a denial of service via certain packets, related to the PMTU, a different vulnerability than CVE-2004-1060.
CVE-2006-0745 5 Mandrakesoft, Redhat, Sun and 2 more 6 Mandrake Linux, Fedora Core, Solaris and 3 more 2026-04-16 N/A
X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line option or (2) overwrite arbitrary files via -logfile.
CVE-2000-0166 1 Interaccess 1 Interaccess Telnetd Server 2026-04-16 N/A
Buffer overflow in the InterAccess telnet server TelnetD allows remote attackers to execute commands via a long login name.
CVE-2002-0921 1 Cgiscript.net 1 Csnews 2026-04-16 N/A
CGIScript.net csNews.cgi allows remote attackers to obtain potentially sensitive information, such as the full server pathname and other configuration settings, via the viewnews command with an invalid database, which leaks the information in error messages.
CVE-2006-4823 1 Reamday Enterprises 1 Magic News Pro 2026-04-16 N/A
PHP remote file inclusion vulnerability in scripts/news_page.php in Reamday Enterprises Magic News Pro 1.0.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the script_path parameter.
CVE-2000-0173 1 Sco 1 Unixware 2026-04-16 N/A
Vulnerability in the EELS system in SCO UnixWare 7.1.x allows remote attackers to cause a denial of service.
CVE-2006-0746 2 Redhat, Xpdf 2 Enterprise Linux, Xpdf 2026-04-16 N/A
Certain patches for kpdf do not include all relevant patches from xpdf that were associated with CVE-2005-3627, which allows context-dependent attackers to exploit vulnerabilities that were present in CVE-2005-3627.
CVE-1999-0031 2 Microsoft, Netscape 2 Internet Explorer, Communicator 2026-04-16 N/A
JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and 4.x, allows remote attackers to monitor a user's web activities, aka the Bell Labs vulnerability.
CVE-2006-4919 1 Siteatschool 1 Siteatschool 2026-04-16 N/A
Directory traversal vulnerability in starnet/editors/htmlarea/popups/images.php in Site@School (S@S) 2.4.02 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the dir parameter.
CVE-2002-0963 1 Geeklog 1 Geeklog 2026-04-16 N/A
SQL injection vulnerability in comment.php for GeekLog 1.3.5 and earlier allows remote attackers to obtain sensitive user information via the pid parameter.
CVE-2006-4922 1 Siteatschool 1 Siteatschool 2026-04-16 N/A
Unrestricted file upload vulnerability in starnet/editors/htmlarea/popups/images.php in Site@School (S@S) 2.4.02 and earlier allows remote attackers to upload and execute arbitrary files with executable extensions.
CVE-2002-1961 1 Finjan Software 1 Surfingate 2026-04-16 N/A
Finjan Software SurfinGate 6.0 and 6.0 1 allows remote attackers to bypass URL access restrictions via a URL whose hostname portion uses a fully qualified domain name (FQDN) that ends in a "." (dot).
CVE-1999-0054 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Sun's ftpd daemon can be subjected to a denial of service.
CVE-1999-0073 2 Digital, Sgi 3 Osf 1, Unix, Irix 2026-04-16 N/A
Telnet allows a remote client to specify environment variables including LD_LIBRARY_PATH, allowing an attacker to bypass the normal system libraries and gain root access.