Export limit exceeded: 29923 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29923 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-5721 | 1 Agnitum | 1 Outpost Firewall | 2026-04-23 | N/A |
| The \Device\SandBox driver in Outpost Firewall PRO 4.0 (964.582.059) allows local users to cause a denial of service (system crash) via an invalid argument to the DeviceIoControl function that triggers an invalid memory operation. | ||||
| CVE-2006-5714 | 1 Efs Software | 1 Efs Web Server | 2026-04-23 | N/A |
| Easy File Sharing (EFS) Web Server 4.0, when running on an NTFS file system, allows remote attackers to read arbitrary files under the web root by appending "::$DATA" to the end of a HTTP GET request, which accesses the alternate data stream. | ||||
| CVE-2006-5722 | 1 Middlebury College | 1 Segue Cms | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Segue CMS 1.5.9 and earlier, when magic_quotes_gpc is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the theme parameter to (1) themesettings.php or (2) index.php, a different vector than CVE-2006-5497. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-5723 | 1 Dataparksearch | 1 Dataparksearch | 2026-04-23 | N/A |
| SQL injection vulnerability in DataparkSearch Engine 4.42 and earlier allows remote attackers to execute arbitrary SQL commands via a malformed hostname in a URL. | ||||
| CVE-2006-5009 | 1 Ibm | 1 Aix | 2026-04-23 | N/A |
| Unspecified vulnerability in xlock in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands and overwrite arbitrary files via unspecified vectors, possibly involving a buffer overflow. | ||||
| CVE-2006-5005 | 1 Ibm | 1 Aix | 2026-04-23 | N/A |
| Unspecified vulnerability in bos.net.tcp.client in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via unspecified vectors involving /etc/slip.login. | ||||
| CVE-2006-5010 | 1 Ibm | 1 Aix | 2026-04-23 | N/A |
| Untrusted search path vulnerability in acctctl in IBM AIX 5.3.0 allows local users to execute arbitrary commands by modifying the path to point to a malicious mkdir program. | ||||
| CVE-2006-4927 | 1 Symantec | 2 Naveng Driver, Navex15 Driver | 2026-04-23 | N/A |
| The (a) NAVENG (NAVENG.SYS) and (b) NAVEX15 (NAVEX15.SYS) device drivers 20061.3.0.12 and later, as used in Symantec AntiVirus and security products, allow local users to gain privileges by overwriting critical system addresses using a crafted Irp to the IOCTL functions (1) 0x222AD3, (2) 0x222AD7, and (3) 0x222ADB. | ||||
| CVE-2006-4839 | 1 Sophos | 1 Sophos Anti-virus | 2026-04-23 | N/A |
| Sophos Anti-Virus 5.1 allows remote attackers to cause a denial of service (memory consumption) via a file that is compressed with Petite and contains a large number of sections. | ||||
| CVE-2006-4902 | 1 Symantec | 3 Veritas Netbackup Client, Veritas Netbackup Enterprise Server, Veritas Netbackup Server | 2026-04-23 | N/A |
| The NetBackup bpcd daemon (bpcd.exe) in Symantec Veritas NetBackup 5.0 before 5.0_MP7, 5.1 before 5.1_MP6, and 6.0 before 6.0_MP4 does not properly check for chained commands, which allows remote attackers to execute arbitrary commands by appending malicious commands to valid commands. | ||||
| CVE-2006-5718 | 1 Phpmyadmin | 1 Phpmyadmin | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in error.php in phpMyAdmin 2.6.4 through 2.9.0.2 allows remote attackers to inject arbitrary web script or HTML via UTF-7 or US-ASCII encoded characters, which are injected into an error message, as demonstrated by a request with a utf7 charset parameter accompanied by UTF-7 data. | ||||
| CVE-2006-5724 | 1 Mirabilis | 1 Icq | 2026-04-23 | N/A |
| Heap-based buffer overflow the "Answering Service" function in ICQ 2003b Build 3916 allows local users to cause a denial of service (application crash) via a long string in the "AwayMsg Presets" value in the ICQ\ICQPro\DefaultPrefs\Presets registry key. | ||||
| CVE-2006-4807 | 1 Enlightenment | 1 Imlib2 | 2026-04-23 | N/A |
| loader_tga.c in imlib2 before 1.2.1, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) via a crafted TGA image that triggers an out-of-bounds memory read, a different issue than CVE-2006-4808. | ||||
| CVE-2006-4806 | 1 Enlightenment | 1 Imlib2 | 2026-04-23 | N/A |
| Multiple integer overflows in imlib2 allow user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) ARGB (loader_argb.c), (2) PNG (loader_png.c), (3) LBM (loader_lbm.c), (4) JPEG (loader_jpeg.c), or (5) TIFF (loader_tiff.c) images. | ||||
| CVE-2006-4808 | 1 Enlightenment | 1 Imlib2 | 2026-04-23 | N/A |
| Heap-based buffer overflow in loader_tga.c in imlib2 before 1.2.1, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TGA image. | ||||
| CVE-2006-4248 | 1 Acme Labs | 1 Thttpd | 2026-04-23 | N/A |
| thttpd on Debian GNU/Linux, and possibly other distributions, allows local users to create or touch arbitrary files via a symlink attack on the start_thttpd temporary file. | ||||
| CVE-2006-4843 | 1 Ibm | 1 Lotus Domino | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Active Content Filter feature in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to inject arbitrary web script or HTML via unspecified "code sequences" that bypass the protection scheme. | ||||
| CVE-2006-4925 | 1 Openbsd | 1 Openssh | 2026-04-23 | N/A |
| packet.c in ssh in OpenSSH allows remote attackers to cause a denial of service (crash) by sending an invalid protocol sequence with USERAUTH_SUCCESS before NEWKEYS, which causes newkeys[mode] to be NULL. | ||||
| CVE-2006-4926 | 1 Kaspersky Lab | 4 Kaspersky Anti-virus, Kaspersky Anti-virus Personal, Kaspersky Anti-virus Personal Pro and 1 more | 2026-04-23 | N/A |
| The NDIS-TDI Hooking Engine, as used in the (1) KLICK (KLICK.SYS) and (2) KLIN (KLIN.SYS) device drivers 2.0.0.281 for in Kaspersky Labs Anti-Virus 6.0.0.303 and other Anti-Virus and Internet Security products, allows local users to execute arbitrary code via crafted Irp structure with invalid addresses in the 0x80052110 IOCTL. | ||||
| CVE-2006-4980 | 2 Python, Redhat | 3 Python, Enterprise Linux, Network Satellite | 2026-04-23 | N/A |
| Buffer overflow in the repr function in Python 2.3 through 2.6 before 20060822 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via crafted wide character UTF-32/UCS-4 strings to certain scripts. | ||||