Total
29739 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-4823 | 1 Hp | 1 Http Server | 2025-04-03 | N/A |
| Buffer overflow in the HP HTTP Server 5.0 through 5.95 of the HP Web-enabled Management Software allows remote attackers to execute arbitrary code via unknown vectors. | ||||
| CVE-2005-4820 | 1 Smc Networks | 1 Smc7904wbra | 2025-04-03 | N/A |
| SMC Wireless Router model SMC7904WBRA allows remote attackers to cause a denial of service (reboot) by flooding the router with traffic. | ||||
| CVE-2005-4822 | 1 Digger Solutions | 1 Intranet Open Source | 2025-04-03 | N/A |
| SQL injection vulnerability in projects/project-edit.asp in Digger Solutions Intranet Open Source (IOS) version 2.7.2 allows remote attackers to execute arbitrary SQL commands via the project_id parameter. | ||||
| CVE-2005-4859 | 1 Chitta | 1 Mimicboard | 2025-04-03 | N/A |
| mimicboard2 (Mimic2) 086 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for mimic2.dat. | ||||
| CVE-2006-0004 | 1 Microsoft | 1 Office | 2025-04-03 | N/A |
| Microsoft PowerPoint 2000 in Office 2000 SP3 has an interaction with Internet Explorer that allows remote attackers to obtain sensitive information via a PowerPoint presentation that attempts to access objects in the Temporary Internet Files Folder (TIFF). | ||||
| CVE-2005-1506 | 1 Cj | 1 Ultra Plus | 2025-04-03 | N/A |
| SQL injection vulnerability in out.php in CJ Ultra (CJUltra) Plus 1.0.3 and 1.0.4 allows remote attackers to execute arbitrary SQL commands via the perm parameter. | ||||
| CVE-2006-0117 | 1 Ibm | 3 Lotus Domino, Lotus Domino Enterprise Server, Lotus Notes | 2025-04-03 | N/A |
| Buffer overflow in IBM Lotus Notes and Domino Server before 6.5.5 allows attackers to cause a denial of service (router crash or hang) via unspecified vectors involving "CD to MIME Conversion". | ||||
| CVE-2006-0118 | 1 Ibm | 3 Lotus Domino, Lotus Domino Enterprise Server, Lotus Notes | 2025-04-03 | N/A |
| Unspecified vulnerability in IBM Lotus Notes and Domino Server before 6.5.5, when running on AIX, allows attackers to cause a denial of service (deep recursion leading to stack overflow and crash) via long formulas. | ||||
| CVE-2006-0145 | 1 Netbsd | 1 Netbsd | 2025-04-03 | N/A |
| The kernfs_xread function in kernfs in NetBSD 1.6 through 2.1, and OpenBSD 3.8, does not properly validate file offsets against negative 32-bit values that occur as a result of truncation, which allows local users to read arbitrary kernel memory and gain privileges via the lseek system call. | ||||
| CVE-2006-0167 | 1 Myphpim | 1 Myphpim | 2025-04-03 | N/A |
| SQL injection vulnerability in MyPhPim 01.05 allows remote attackers to execute arbitrary SQL commands via the (1) cal_id parameter in calendar.php3 and the (2) password field on the login page. | ||||
| CVE-2006-0168 | 1 Myphpim | 1 Myphpim | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in MyPhPim 01.05 allows remote attackers to inject arbitrary web script or HTML via the description field on the "Create New todo" page. | ||||
| CVE-2006-0169 | 1 Myphpim | 1 Myphpim | 2025-04-03 | N/A |
| addresses.php3 in MyPhPim 01.05 does not restrict uploaded files, which allows remote attackers to execute arbitrary PHP code via the pdbfile variable, then directly accessing those files from the uploads directory. | ||||
| CVE-2006-0171 | 1 Orjinweb | 1 Orjinweb E-commerce | 2025-04-03 | N/A |
| PHP remote file include vulnerability in index.php in OrjinWeb E-commerce allows remote attackers to execute arbitrary code via a URL in the page parameter. NOTE: it is not clear, but OrjinWeb might be an application service, in which case it should not be included in CVE. | ||||
| CVE-2006-0204 | 1 Wordcircle | 1 Wordcircle | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Wordcircle 2.17 allow remote attackers to inject arbitrary web script or HTML via (1) the "Course name" field in index.php when the frm parameter has the value "mine" and (2) possibly certain other fields in unspecified scripts. | ||||
| CVE-2006-0244 | 1 Phpxplorer | 1 Phpxplorer | 2025-04-03 | N/A |
| Directory traversal vulnerability in workspaces.php in phpXplorer 0.9.33 allows remote attackers to include arbitrary files via a .. (dot dot) and trailing null byte (%00) in the sShare parameter. NOTE: a followup post claims that this is not a vulnerability since the functionality of phpXplorer supports the upload of PHP files, which would not cross privilege boundaries since the PHP functionality would support read access outside the web root | ||||
| CVE-2006-0241 | 1 Webmobo | 1 Wbnews | 2025-04-03 | N/A |
| Cross-site scripting vulnerability in WBNews 1.1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the Name field. | ||||
| CVE-2006-0242 | 1 Php Fusebox | 1 Php Fusebox | 2025-04-03 | N/A |
| Cross-site scripting vulnerability in index.php in PHP Fusebox 4.0.6 allows remote attackers to inject arbitrary web script or HTML via the fuseaction parameter. | ||||
| CVE-2006-1915 | 1 Dbbs | 1 Dbbs | 2025-04-03 | N/A |
| SQL injection vulnerability in topics.php in DbbS 2.0-alpha and earlier allows remote attackers to execute arbitrary SQL commands via the fcategoryid parameter. | ||||
| CVE-2006-0327 | 1 Typo3 | 1 Typo3 | 2025-04-03 | N/A |
| TYPO3 3.7.1 allows remote attackers to obtain sensitive information via a direct request to (1) thumbs.php, (2) showpic.php, or (3) tables.php, which causes them to incorrectly define a variable and reveal the path in an error message when a require function call fails. | ||||
| CVE-2006-0328 | 1 Philippe Jounin | 1 Tftpd32 | 2025-04-03 | N/A |
| Format string vulnerability in Tftpd32 2.81 allows remote attackers to cause a denial of service via format string specifiers in a filename in a (1) GET or (2) SEND request. | ||||