Export limit exceeded: 29935 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29935 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-5047 | 1 Joomla | 1 Rs Gallery2 | 2026-04-23 | N/A |
| Unspecified vulnerability in rsgallery2.html.php in RS Gallery2 component (com_rsgallery2) before 1.11.3 for Joomla! allows attackers to execute arbitrary code. | ||||
| CVE-2006-3455 | 1 Symantec | 2 Client Security, Norton Antivirus | 2026-04-23 | N/A |
| The SAVRT.SYS device driver, as used in Symantec AntiVirus Corporate Edition 8.1 and 9.0.x up to 9.0.3, and Symantec Client Security 1.1 and 2.0.x up to 2.0.3, allows local users to execute arbitrary code via a modified address for the output buffer argument to the DeviceIOControl function. | ||||
| CVE-2007-0481 | 1 Cisco | 1 Ios Transmission Control Protocol | 2026-04-23 | N/A |
| Cisco IOS allows remote attackers to cause a denial of service (crash) via a crafted IPv6 Type 0 Routing header. | ||||
| CVE-2007-4255 | 1 Php | 1 Php | 2026-04-23 | N/A |
| Buffer overflow in the mSQL extension in PHP 5.2.3 allows context-dependent attackers to execute arbitrary code via a long first argument to the msql_connect function. | ||||
| CVE-2006-4099 | 1 Businessobjects | 1 Crystal Enterprise | 2026-04-23 | N/A |
| Business Objects Crystal Enterprise 9 and 10 generates predictable session identifiers, which allows remote attackers to hijack sessions of other users via WCSID cookie values. | ||||
| CVE-2006-5056 | 1 Opial | 1 Opial Audio Video Download Management | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Opial Audio/Video Download Management 1.0 allows remote attackers to inject arbitrary web script or HTML via the destination parameter in the Login view. | ||||
| CVE-2006-5059 | 1 Wired Community Software | 1 Wwwthreads | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in WWWthreads 5.4.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the Cat parameter to (1) dosearch.php, (2) postlist.php, (3) showmembers.php, (4) faq_english.php, (5) online.php, (6) login.php, (7) newuser.php, (8) wwwthreads.php, (9) search.php, or (10) postlist.php. | ||||
| CVE-2007-0911 | 1 Php | 1 Php | 2026-04-23 | N/A |
| Off-by-one error in the str_ireplace function in PHP 5.2.1 might allow context-dependent attackers to cause a denial of service (crash). | ||||
| CVE-2004-2762 | 1 Ibm | 2 Mvs, Tivoli Storage Manager | 2026-04-23 | N/A |
| The server in IBM Tivoli Storage Manager (TSM) 4.2.x on MVS, 5.1.9.x before 5.1.9.1, 5.1.x before 5.1.10, 5.2.2.x before 5.2.2.3, 5.2.x before 5.2.3, 5.3.x before 5.3.0, and 6.x before 6.1, when the HTTP communication method is enabled, allows remote attackers to cause a denial of service (daemon crash or hang) via unspecified HTTP traffic, as demonstrated by the IBM port scanner 1.3.1. | ||||
| CVE-2007-4355 | 1 Ibm | 1 Aix | 2026-04-23 | N/A |
| Buffer overflow in the at program on IBM AIX 5.3 allows local users to gain privileges via unspecified vectors. | ||||
| CVE-2007-0092 | 1 E-smart Cart | 1 E-smart Cart | 2026-04-23 | N/A |
| SQL injection vulnerability in productdetail.asp in E-SMARTCART 1.0 allows remote attackers to execute arbitrary SQL commands via the product_id parameter. | ||||
| CVE-2006-5063 | 1 Stefan Ritt | 1 Elog Web Logbook | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Elog 2.6.1 allows remote attackers to inject arbitrary web script or HTML by editing log entries in HTML mode. | ||||
| CVE-2006-5065 | 1 Zoomstats | 1 Zoomstats | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in libs/dbmax/mysql.php in ZoomStats 1.0.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[lib][db][path] parameter. | ||||
| CVE-2006-5066 | 1 Danphpsupport | 1 Danphpsupport | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in DanPHPSupport 0.5, and other versions before 1.0, allow remote attackers to inject arbitrary web script or HTML via the (1) page parameter in index.php or the (2) do parameter in admin.php. | ||||
| CVE-2007-0082 | 1 Imgallery | 1 Imgallery | 2026-04-23 | N/A |
| users_adm/start1.php in IMGallery 2.5 and earlier does not properly handle files with multiple extensions, which allows remote authenticated users to upload and execute arbitrary PHP scripts. | ||||
| CVE-2007-0380 | 1 Docman | 1 Docman | 2026-04-23 | N/A |
| DocMan 1.3 RC2 allows remote attackers to obtain sensitive information (the full path) via unspecified vectors. | ||||
| CVE-2006-4098 | 1 Cisco | 1 Secure Access Control Server | 2026-04-23 | N/A |
| Stack-based buffer overflow in the CSRadius service in Cisco Secure Access Control Server (ACS) for Windows before 4.1 and ACS Solution Engine before 4.1 allows remote attackers to execute arbitrary code via a crafted RADIUS Accounting-Request packet. | ||||
| CVE-2006-5070 | 1 Facestones | 1 Facestones | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in fsl2/objects/fs_form_links.php in faceStones Personal 2.0.42 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[fsinit][objpath] parameter. | ||||
| CVE-2006-5077 | 1 Minerva | 1 Minerva | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in admin/admin_topic_action_logging.php in Chris Smith Minerva Build 238 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | ||||
| CVE-2006-5078 | 1 Polaring | 1 Polaring | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in view/general.php in Kristian Niemi Polaring 00.04.03 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the _SESSION[dirMain] parameter. | ||||