Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-5318 1 Nayco 1 Jasmine 2025-04-09 N/A
PHP remote file inclusion vulnerability in index.php in Nayco JASmine (aka Jasmine-Web) allows remote attackers to execute arbitrary PHP code via an FTP URL in the section parameter.
CVE-2006-5471 1 Softerra 1 Php Developer Library 2025-04-09 N/A
PHP remote file inclusion vulnerability in example/lib/grid3.lib.php in Softerra PHP Developer Library 1.5.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the (1) cfg_dir and (2) lib_dir parameters.
CVE-2007-3632 1 Limesurvey 1 Limesurvey 2025-04-09 N/A
Multiple PHP remote file inclusion vulnerabilities in LimeSurvey (aka PHPSurveyor) 1.49RC2 allow remote attackers to execute arbitrary PHP code via a URL in the homedir parameter to (1) OLE/PPS/File.php, (2) OLE/PPS/Root.php, (3) Spreadsheet/Excel/Writer.php, or (4) OLE/PPS.php in admin/classes/pear/; or (5) Worksheet.php, (6) Parser.php, (7) Workbook.php, (8) Format.php, or (9) BIFFwriter.php in admin/classes/pear/Spreadsheet/Excel/Writer/.
CVE-2006-5876 1 Libsoup 1 Libsoup 2025-04-09 N/A
The soup_headers_parse function in soup-headers.c for libsoup HTTP library before 2.2.99 allows remote attackers to cause a denial of service (crash) via malformed HTTP headers, probably involving missing fields or values.
CVE-2006-6075 1 Baalasp 1 Smart Form Portal 2025-04-09 N/A
Cross-site scripting (XSS) vulnerability in addpost1.asp in BaalAsp forum allows remote attackers to inject arbitrary web script or HTML via the name parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-1674 1 Landesk 1 Landesk Management Suite 2025-04-09 N/A
Stack-based buffer overflow in the Alert Service (aolnsrvr.exe) in LANDesk Management Suite 8.7 allows remote attackers to execute arbitrary code via a crafted packet to port 65535/UDP.
CVE-2007-0878 1 Microsoft 1 Windows Mobile 2025-04-09 N/A
Unspecified vulnerability in Microsoft Internet Explorer on Windows Mobile 5.0 allows remote attackers to cause a denial of service (loss of browser and other device functionality) via a malformed WML page, related to an "overflow state." NOTE: it is possible that this issue is related to CVE-2007-0685.
CVE-2006-5216 1 Sergey Lyubka 1 Simple Httpd 2025-04-09 N/A
Stack-based buffer overflow in Sergey Lyubka Simple HTTPD (shttpd) 1.34 allows remote attackers to execute arbitrary code via a long URI.
CVE-2007-0252 1 Easy-content Filemanager 1 Easy-content Filemanager 2025-04-09 N/A
Unspecified vulnerability in easy-content filemanager allows remote attackers to upload or modify arbitrary files via unspecified vectors.
CVE-2006-6014 1 Netbsd 1 Netbsd 2025-04-09 N/A
The NetBSD-current kernel before 20061028 does not properly perform bounds checking of an unspecified userspace parameter in the ptrace system call during a PT_DUMPCORE request, which allows local users to have an unknown impact.
CVE-2007-0255 1 Xine 1 Xine 2025-04-09 N/A
XINE 0.99.4 allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a certain M3U file that contains a long #EXTINF line and contains format string specifiers in an invalid udp:// URI, possibly a variant of CVE-2007-0017.
CVE-2007-0752 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
The PPP daemon (pppd) in Apple Mac OS X 10.4.8 checks ownership of the stdin file descriptor to determine if the invoker has sufficient privileges, which allows local users to load arbitrary plugins and gain root privileges by bypassing this check.
CVE-2007-1677 2 Navision Software, Netbsd 2 Navision Financials Server, Netbsd 2025-04-09 N/A
Multiple buffer overflows in the ISO network protocol support in the NetBSD kernel 2.0 through 4.0_BETA2, and NetBSD-current before 20070329, allow local users to execute arbitrary code via long parameters to certain functions, as demonstrated by a long sockaddr structure argument to the clnp_route function.
CVE-2007-2663 1 Beacon 1 Beacon 2025-04-09 N/A
PHP remote file inclusion vulnerability in language/1/splash.lang.php in Beacon 0.2.0 allows remote attackers to execute arbitrary PHP code via a URL in the languagePath parameter.
CVE-2006-6853 1 Mozilla 1 Durian Web Application Server 2025-04-09 N/A
Buffer overflow in Durian Web Application Server 3.02 freeware on Windows allows remote attackers to execute arbitrary code via a long string in a crafted packet to TCP port 4002.
CVE-2006-6858 1 Miredo 1 Miredo 2025-04-09 N/A
Miredo 0.9.8 through 1.0.5 does not properly authenticate a Teredo bubble during UDP hole punching with HMAC-MD5-64 hashing, which allows remote attackers to impersonate an arbitrary Teredo client.
CVE-2007-1706 1 Ewebquiz 1 Ewebquiz 2025-04-09 N/A
SQL injection vulnerability in eWebQuiz.asp in eWebQuiz 8 allows remote attackers to execute arbitrary SQL commands via the QuizID parameter.
CVE-2006-6059 1 Netgear 1 Ma521 Driver 2025-04-09 N/A
Buffer overflow in MA521nd5.SYS driver 5.148.724.2003 for NetGear MA521 PCMCIA adapter allows remote attackers to execute arbitrary code via (1) beacon or (2) probe 802.11 frame responses with an long supported rates information element. NOTE: this issue was reported as a "memory corruption" error, but the associated exploit code suggests that it is a buffer overflow.
CVE-2006-6062 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 N/A
Unspecified vulnerability in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to cause a denial of service (crash) via a malformed UDTO HFS+ disk image, such as with "bad sectors," which triggers memory corruption.
CVE-2006-6063 1 Un4seen 1 Xmplay 2025-04-09 N/A
Stack-based buffer overflow in Un4seen XMPlay 3.3.0.5 and earlier allows remote attackers to execute arbitrary code via a M3U file containing a long (1) FileName, and cause a crash via a long (2) DisplayName.