Search Results (364448 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-3856 1 Ibm 1 Informix Dynamic Server 2026-04-16 N/A
IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before 10.00.xC3 allows local users to cause a denial of service (crash) via unspecified vectors.
CVE-2006-3854 1 Ibm 1 Informix Dynamic Database Server 2026-04-16 N/A
Buffer overflow in IBM Informix Dynamic Server (IDS) 9.40.TC7, 9.40.TC8, 10.00.TC4, and 10.00.TC5, when running on Windows, allows remote attackers to execute arbitrary code via a long username, which causes an overflow in vsprintf when displaying in the resulting error message. NOTE: this issue is due to an incomplete fix for CVE-2006-3853.
CVE-2006-3853 1 Ibm 1 Informix Dynamic Server 2026-04-16 N/A
Buffer overflow in IBM Informix Dynamic Server (IDS) before 9.40.TC7 and 10.00 before 10.00.TC3, when running on Windows, allows remote attackers to execute arbitrary code via a long username.
CVE-2006-0430 1 Bea 1 Weblogic Server 2026-04-16 N/A
Certain configurations of BEA WebLogic Server and WebLogic Express 9.0, 8.1 through SP5, and 7.0 through SP6, when connection filters are enabled, cause the server to run more slowly, which makes it easier for remote attackers to cause a denial of service (server slowdown).
CVE-2006-0434 1 Phpxplorer 1 Phpxplorer 2026-04-16 N/A
Directory traversal vulnerability in action.php in phpXplorer allows remote attackers to read arbitrary files via ".." (dot dot) sequences and null bytes in the sAction parameter, a different vulnerability than CVE-2006-0244. NOTE: if the functionality of phpXplorer supports the upload of PHP files, then this issue would not cross privilege boundaries and would not be a vulnerability.
CVE-2002-0134 1 Avirt 1 Avirt Gateway Suite 2026-04-16 N/A
Telnet proxy in Avirt Gateway Suite 4.2 does not require authentication for connecting to the proxy system itself, which allows remote attackers to list file contents of the proxy and execute arbitrary commands via a "dos" command.
CVE-2006-0435 1 Oracle 2 Application Server, Http Server 2026-04-16 N/A
Unspecified vulnerability in Oracle PL/SQL (PLSQL), as used in Database Server DS 9.2.0.7 and 10.1.0.5, Application Server 1.0.2.2, 9.0.4.2, 10.1.2.0.2, 10.1.2.1.0, and 10.1.3.0.0, E-Business Suite and Applications 11.5.10, and Collaboration Suite 10.1.1, 10.1.2.0, 10.1.2.1, and 9.0.4.2, allows attackers to bypass the PLSQLExclusion list and access excluded packages and procedures, aka Vuln# PLSQL01.
CVE-2002-0579 1 Workforceroi 1 Xpede 2026-04-16 N/A
WorkforceROI Xpede 4.1 allows remote attackers to gain privileges as an Xpede administrator via a direct HTTP request to the /admin/adminproc.asp script, which does not prompt for a password.
CVE-2006-0446 1 Webwork 1 Webwork 2026-04-16 N/A
Unspecified vulnerability in WeBWorK 2.1.3 and 2.2-pre1 allows remote privileged attackers to execute arbitrary commands as the web server via unknown attack vectors.
CVE-2006-0447 1 E-post Corporation 3 Mail Server, Smtp Server, Spa-pro Mail Atsolomon 2026-04-16 N/A
Multiple buffer overflows in E-Post Mail Server 4.10 and SPA-PRO Mail @Solomon 4.00 allow remote attackers to execute arbitrary code via a long username to the (1) AUTH PLAIN or (2) AUTH LOGIN SMTP commands, which is not properly handled by (a) EPSTRS.EXE or (b) SPA-RS.EXE; (3) a long username in the APOP POP3 command, which is not properly handled by (c) EPSTPOP4S.EXE or (d) SPA-POP3S.EXE; (4) a long IMAP DELETE command, which is not properly handled by (e) EPSTIMAP4S.EXE or (f) SPA-IMAP4S.EXE.
CVE-2006-0448 1 E-post Corporation 2 Mail Server, Spa-pro Mail Atsolomon 2026-04-16 N/A
Multiple directory traversal vulnerabilities in (1) EPSTIMAP4S.EXE and (2) SPA-IMAP4S.EXE in the IMAP service in E-Post Mail 4.05 and SPA-PRO Mail 4.05 allow remote attackers to (a) list arbitrary directories or cause a denial of service via the LIST command; or create arbitrary files via the (b) APPEND, (c) COPY, or (d) RENAME commands.
CVE-2006-0457 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
Race condition in the (1) add_key, (2) request_key, and (3) keyctl functions in Linux kernel 2.6.x allows local users to cause a denial of service (crash) or read sensitive kernel memory by modifying the length of a string argument between the time that the kernel calculates the length and when it copies the data into kernel memory.
CVE-2006-0458 1 Irssi 1 Irssi 2026-04-16 N/A
The DCC ACCEPT command handler in irssi before 0.8.9+0.8.10rc5-0ubuntu4.1 in Ubuntu Linux, and possibly other distributions, allows remote attackers to cause a denial of service (application crash) via certain crafted arguments in a DCC command.
CVE-2006-0462 1 Andonet 1 Andonet Blog 2026-04-16 N/A
SQL injection vulnerability in comentarios.php in AndoNET Blog 2004.09.02 allows remote attackers to execute arbitrary SQL commands via the entrada parameter.
CVE-2006-2849 1 Andrew Godwin 1 Bytehoard 2026-04-16 N/A
PHP remote file inclusion vulnerability in includes/webdav/server.php in Bytehoard 2.1 Epsilon/Delta allows remote attackers to execute arbitrary PHP code via a URL in the bhconfig[bhfilepath] parameter.
CVE-2006-0465 1 Active121 1 Site Manager 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in risultati_ricerca.php in active121 Site Manager allows remote attackers to inject arbitrary web script or HTML via the cerca parameter.
CVE-2006-0466 1 Goldstag 1 Goldstag Content Management System 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in search.asp in Goldstag Content Management System allows remote attackers to inject arbitrary web script or HTML via the text parameter.
CVE-2006-0468 1 Stalker 1 Communigate Pro 2026-04-16 N/A
CommuniGate Pro Core Server before 5.0.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via LDAP messages with negative BER lengths, and possibly other vectors, as demonstrated by the ProtoVer LDAP test suite.
CVE-2006-0471 1 My Little Homepage 1 My Little Forum 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the bbcode function in functions.php in my little homepage my little forum, as last modified in June 2005, allows remote attackers to inject arbitrary Javascript via a javascript URI in BBcode link tags.
CVE-2006-2856 1 Activestate 1 Activeperl 2026-04-16 N/A
ActiveState ActivePerl 5.8.8.817 for Windows configures the site/lib directory with "Users" group permissions for changing files, which allows local users to gain privileges by creating a malicious sitecustomize.pl file in that directory. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.