Search Results (364396 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-2819 1 Barnraiser 1 Igloo 2026-04-16 N/A
PHP remote file inclusion vulnerability in Wiki.php in Barnraiser Igloo 0.1.9 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the c_node[class_path] parameter.
CVE-2006-0356 1 Ari Pikivirta 1 Home Ftp Server 2026-04-16 N/A
Ari Pikivirta Home Ftp Server 1.0.7 allows remote attackers to cause an unspecified denial of service via a long USER command combined with a long PASS command.
CVE-2006-0353 1 Gnu 1 Lsh 2026-04-16 N/A
unix_random.c in lshd for lsh 2.0.1 leaks file descriptors related to the randomness generator, which allows local users to cause a denial of service by truncating the seed file, which prevents the server from starting, or obtain sensitive seed information that could be used to crack keys.
CVE-2006-0347 1 Stefan Ritt 1 Elog Web Logbook 2026-04-16 N/A
Directory traversal vulnerability in ELOG before 2.6.1 allows remote attackers to access arbitrary files outside of the elog directory via "../" (dot dot) sequences in the URL.
CVE-2002-0122 1 Siemens 1 3568i Wap 2026-04-16 N/A
Siemens 3568i WAP mobile phones allows remote attackers to cause a denial of service (crash) via an SMS message containing unusual characters.
CVE-2000-0375 1 Freebsd 1 Freebsd 2026-04-16 N/A
The kernel in FreeBSD 3.2 follows symbolic links when it creates core dump files, which allows local attackers to modify arbitrary files.
CVE-2006-0342 1 Rockliffe 1 Mailsite 2026-04-16 N/A
RockLiffe MailSite HTTP Mail management agent (httpma) 7.0.3.1 allows remote attackers to cause a denial of service (CPU consumption and crash) via a malformed query string containing special characters such as "|".
CVE-2000-0374 1 Caldera 1 Openlinux 2026-04-16 N/A
The default configuration of kdm in Caldera and Mandrake Linux, and possibly other distributions, allows XDMCP connections from any host, which allows remote attackers to obtain sensitive information or bypass additional access restrictions.
CVE-2006-0339 1 Bitcomet 1 Bitcomet 2026-04-16 N/A
Buffer overflow in BitComet Client 0.60 allows remote attackers to execute arbitrary code, when the publisher's name link is clicked, via a long publisher URI in a torrent file.
CVE-2002-0120 1 Palm 1 Palm Desktop 2026-04-16 N/A
Apple Palm Desktop 4.0b76 and 4.0b77 creates world-readable backup files and folders when a hotsync is performed, which could allow a local user to obtain sensitive information.
CVE-2006-0330 1 Gallery Project 1 Gallery 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Gallery before 1.5.2 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors, possibly involving the user name (fullname).
CVE-2006-0323 2 Realnetworks, Redhat 5 Helix Player, Realone Player, Realplayer and 2 more 2026-04-16 N/A
Buffer overflow in swfformat.dll in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, Rhapsody 3, and Helix Player allows remote attackers to execute arbitrary code via a crafted SWF (Flash) file with (1) a size value that is less than the actual size, or (2) other unspecified manipulations.
CVE-2006-0319 1 Farmers Wife 1 Farmers Wife 2026-04-16 N/A
Directory traversal vulnerability in the FTP server (port 22003/tcp) in Farmers WIFE 4.4 SP1 allows remote attackers to create arbitrary files via ".." (dot dot) sequences in a (1) PUT, (2) SIZE, and possibly other commands.
CVE-2006-2815 1 Two Shoes Mambo Factory 1 Simpleboard 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Two Shoes M-Factory (TSMF) SimpleBoard 1.1.0 Stable (aka com_simpleboard), as used in Mambo and Joomla!, allow remote attackers to inject arbitrary web script or HTML via (1) the Name field in "post ne topic" in the Frontend, (2) the Title (aka Community-Title) field in Simpleboard Configuration in the Backend Admin Panel, and the (3) Name (aka Forum-Title) and (4) Name (aka Category-Title) fields in Simpleboard Administration in the Backend Admin Panel. NOTE: some sources have stated that the sb_authorname parameter is affected, but it is unclear which field is related to it.
CVE-2006-2813 1 Ishopcart 1 Ishopcart 2026-04-16 N/A
Directory traversal vulnerability in easy-scart.cgi in iShopCart allows remote attackers to read arbitrary files via a .. (dot dot) in the query string.
CVE-2006-0314 1 Pdfdirectory 1 Pdfdirectory 2026-04-16 N/A
PDFdirectory before 1.0 stores sensitive data in plaintext, which allows remote attackers to obtain arbitrary users' passwords by direct queries to the database, possibly via one of the SQL injection vulnerabilities.
CVE-2000-0358 1 Redhat 1 Linux 2026-04-16 N/A
ORBit and gnome-session in Red Hat Linux 6.1 allows remote attackers to crash a program.
CVE-2002-0116 1 Palm 1 Palm Os 2026-04-16 N/A
Palm OS 3.5h and possibly other versions, as used in Handspring Visor and Xircom products, allows remote attackers to cause a denial of service via a TCP connect scan, e.g. from nmap.
CVE-2000-0352 1 University Of Washington 1 Pine 2026-04-16 N/A
Pine before version 4.21 does not properly filter shell metacharacters from URLs, which allows remote attackers to execute arbitrary commands via a malformed URL.
CVE-2006-0312 1 Mike Helton 1 Aoblogger 2026-04-16 N/A
create.php in aoblogger 2.3 allows remote attackers to bypass authentication and create new blog entries by setting the uza parameter to 1.