Export limit exceeded: 351254 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (351254 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-5600 | 1 Axalto | 1 Protiva | 2026-04-23 | N/A |
| Axalto Protiva 1.1, possibly only non-commercial versions, stores passwords in plaintext in files with insecure permissions, which allows local users to gain privileges by reading the passwords from (1) KeyTool\keytool.config or (2) webapps\protiva\WEB-INF\classes\authserver.config. | ||||
| CVE-2006-5601 | 1 Xsupplicant | 1 Xsupplicant | 2026-04-23 | N/A |
| Stack-based buffer overflow in the eap_do_notify function in eap.c in xsupplicant before 1.2.6, and possibly other versions, allows remote authenticated users to execute arbitrary code via unspecified vectors. | ||||
| CVE-2006-5602 | 1 Xsupplicant | 1 Xsupplicant | 2026-04-23 | N/A |
| Multiple memory leaks in xsupplicant before 1.2.6, and possibly other versions, allow attackers to cause a denial of service (memory consumption) via unspecified vectors. | ||||
| CVE-2006-5603 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2026-04-23 | 9.8 Critical |
| SQL injection vulnerability in pop_mail.asp in Snitz Forums 2000 3.4.06 allows remote attackers to execute arbitrary SQL commands via the RC parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||
| CVE-2006-5604 | 1 Phpcards | 1 Phpcards | 2026-04-23 | N/A |
| Directory traversal vulnerability in phpcards.header.php in phpCards 1.3 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the CardLanguageFile parameter. | ||||
| CVE-2006-5605 | 1 Phpcards | 1 Phpcards | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in phpcards.footer.php in phpCards 1.3 allow remote attackers to inject arbitrary web script or HTML via the CardFontFace parameter and other unspecified parameters. | ||||
| CVE-2006-5606 | 1 Bytesfall Explorer | 1 Bytesfall Explorer | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in BytesFall Explorer (bfExplorer) 0.0.7.1 and earlier allow remote attackers to execute arbitrary SQL commands via the username ($User variable) to login/doLogin.php and other unspecified vectors. | ||||
| CVE-2006-5607 | 1 Inca | 1 Im-204 Adsl Router | 2026-04-23 | N/A |
| Directory traversal vulnerability in /cgi-bin/webcm in INCA IM-204 allows remote attackers to read arbitrary files via a "/./." (modified dot dot) sequences in the getpage parameter. | ||||
| CVE-2006-5608 | 1 Drupal | 1 Extended Tracker | 2026-04-23 | N/A |
| SQL injection vulnerability in Extended Tracker (xtracker) 4.7 before 1.5.2.1 for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to "parameters from URLs." | ||||
| CVE-2006-5609 | 1 Torrentflux | 1 Torrentflux | 2026-04-23 | N/A |
| Directory traversal vulnerability in dir.php in TorrentFlux 2.1 allows remote attackers to list arbitrary directories via "\.\./" sequences in the dir parameter. | ||||
| CVE-2006-5610 | 1 Fully Modded Phpbb | 1 Fully Modded Phpbb | 2026-04-23 | 9.8 Critical |
| PHP remote file inclusion vulnerability in player/includes/common.php in Teake Nutma Foing, as modified in Fully Modded phpBB (phpbbfm) 2021.4.40, allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | ||||
| CVE-2006-5611 | 1 Toshiba | 1 Bluetooth Stack | 2026-04-23 | N/A |
| Unspecified vulnerability in Toshiba Bluetooth Stack before 4.20.01 has unspecified impact and attack vectors, related to the 4.20.01(T) "Security fix." NOTE: due to the lack of details in the vendor advisory, it is not clear whether this issue is related to CVE-2006-5405. | ||||
| CVE-2006-5612 | 1 Michel Pradel | 1 Gestart | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in aide.php3 (aka aide.php) in GestArt beta 1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the aide parameter. | ||||
| CVE-2006-5613 | 1 Mp3 Streaming Downsampler | 1 Mp3 Streaming Downsampler | 2026-04-23 | N/A |
| PHP remote file inclusion in Core/core.inc.php in MP3 Streaming DownSampler (mp3SDS) 3.0, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the fullpath parameter | ||||
| CVE-2006-5614 | 1 Microsoft | 2 Windows Nt Helper Components, Windows Xp | 2026-04-23 | N/A |
| Microsoft Windows NAT Helper Components (ipnathlp.dll) on Windows XP SP2, when Internet Connection Sharing is enabled, allows remote attackers to cause a denial of service (svchost.exe crash) via a malformed DNS query, which results in a null pointer dereference. | ||||
| CVE-2006-5615 | 1 Textpattern | 1 Textpattern | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in publish.php in Textpattern 1.19, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the txpcfg[txpath] parameter. | ||||
| CVE-2006-5616 | 2 Openpbs, Suse | 2 Openpbs, Suse Linux | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in OpenPBS, as used in SUSE Linux 9.2 through 10.1, allow attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2006-5617 | 1 Thepeak | 1 Thepeak File Upload Manager | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in Thepeak File Upload Manager 1.3 allows remote attackers to read or download arbitrary files via a base64-encoded file path containing a .. (dot dot) sequence in the file parameter. | ||||
| CVE-2006-5618 | 1 Netref | 1 Netref | 2026-04-23 | N/A |
| Directory traversal vulnerability in script/cat_for_aff.php in Netref 4 allows remote attackers to read arbitrary files via a .. (dot dot) sequence in the ad_direct parameter. | ||||
| CVE-2006-5619 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-23 | N/A |
| The seqfile handling (ip6fl_get_n function in ip6_flowlabel.c) in Linux kernel 2.6 up to 2.6.18-stable allows local users to cause a denial of service (hang or oops) via unspecified manipulations that trigger an infinite loop while searching for flowlabels. | ||||