Search Results (363662 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-0963 1 Toshiba 1 Acpi Flash Bios 2026-04-16 N/A
An error in the Toshiba ACPI BIOS 1.6 causes the BIOS to only examine the first slot in the Master Boot Record (MBR) table for an active partition, which prevents the system from booting even though the MBR is not malformed. NOTE: it has been debated as to whether or not this issue poses a security vulnerability, since administrative privileges would be required, and other DoS attacks are possible with such privileges.
CVE-2005-0964 1 Kerio 1 Personal Firewall 2026-04-16 N/A
Unknown vulnerability in Kerio Personal Firewall 4.1.2 and earlier allows local users to bypass firewall rules via a malicious process that impersonates a legitimate process that has fewer restrictions.
CVE-2006-1498 1 Mediawiki 1 Mediawiki 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.5.8 and 1.4.15 allows remote attackers to inject arbitrary web script or HTML via crafted encoded links.
CVE-2001-0693 1 Webtrends 2 Webtrends Enterprise Reporting Server, Webtrends Enterprise Reporting Server Nt 2026-04-16 N/A
WebTrends HTTP Server 3.1c and 3.5 allows a remote attacker to view script source code via a filename followed by an encoded space (%20).
CVE-2005-0966 2 Redhat, Rob Flynn 2 Enterprise Linux, Gaim 2026-04-16 N/A
The IRC protocol plugin in Gaim 1.2.0, and possibly earlier versions, allows (1) remote attackers to inject arbitrary Gaim markup via irc_msg_kick, irc_msg_mode, irc_msg_part, irc_msg_quit, (2) remote attackers to inject arbitrary Pango markup and pop up empty dialog boxes via irc_msg_invite, or (3) malicious IRC servers to cause a denial of service (application crash) by injecting certain Pango markup into irc_msg_badmode, irc_msg_banned, irc_msg_unknown, irc_msg_nochan functions.
CVE-2001-0695 1 Texas Imperial Software 1 Wftpd 2026-04-16 N/A
WFTPD 3.00 R5 allows a remote attacker to cause a denial of service by making repeated requests to cd to the floppy drive (A:\).
CVE-2005-0970 1 Apple 1 Mac Os X 2026-04-16 N/A
Mac OS X 10.3.9 and earlier allows users to install, create, and execute setuid/setgid scripts, contrary to the intended design, which may allow attackers to conduct unauthorized activities with escalated privileges via vulnerable scripts.
CVE-2005-0975 2 Apple, Opendarwin 3 Mac Os X, Mac Os X Server, Darwin Kernel 2026-04-16 N/A
Integer signedness error in the parse_machfile function in the mach-o loader (mach_loader.c) for the Darwin Kernel as used in Mac OS X 10.3.7, and other versions before 10.3.9, allows local users to cause a denial of service (CPU consumption) via a crafted mach-o header.
CVE-2006-1499 1 Source Workshop 1 Vcounter 2026-04-16 N/A
SQL injection vulnerability in vCounter.php in vCounter 1.0 allows remote attackers to execute arbitrary SQL commands via the URI (_SERVER[REQUEST_URI] variable).
CVE-2005-0976 3 Apple, Hmdt, Omnigroup 3 Safari, Shiira, Omniweb 2026-04-16 N/A
AppleWebKit (WebCore and WebKit), as used in multiple products such as Safari 1.2 and OmniGroup OmniWeb 5.1, allows remote attackers to read arbitrary files via the XMLHttpRequest Javascript component, as demonstrated using automatically mounted disk images and file:// URLs.
CVE-2001-0707 1 Denicomp 1 Rshd 2026-04-16 N/A
Denicomp RSHD 2.18 and earlier allows a remote attacker to cause a denial of service (crash) via a long string to port 514.
CVE-2005-0977 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
The shmem_nopage function in shmem.c for the tmpfs driver in Linux kernel 2.6 does not properly verify the address argument, which allows local users to cause a denial of service (kernel crash) via an invalid address.
CVE-2006-1504 1 Arab Portal 1 Arab Portal 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Arab Portal 2.0 (aka Arab Dynamic Portal or ADP) stable allow remote attackers to inject arbitrary web script or HTML via the title parameter in (1) online.php and (2) download.php.
CVE-2005-0980 1 Alstrasoft 1 Epay 2026-04-16 N/A
PHP remote file inclusion vulnerability in index.php in AlstraSoft EPay Pro 2.0 allows remote attackers to execute arbitrary PHP code by modifying the view parameter to reference a URL on a remote web server that contains the code.
CVE-2006-1506 1 Sun 2 Grid Engine, N1 Grid Engine 2026-04-16 N/A
Unspecified vulnerability in rsh in Sun Microsystems Sun Grid Engine 5.3 before 20060327 and N1 Grid Engine 6.0 before 20060327 allows local users to gain root privileges.
CVE-2006-3204 1 Ultimate Php Board 1 Ultimate Php Board 2026-04-16 N/A
Ultimate PHP Board (UPB) 1.9.6 and earlier uses a cryptographically weak block cipher with a large key collision space, which allows remote attackers to determine a suitable decryption key given the plaintext and ciphertext by obtaining the plaintext password, which is sent when logging in, and the ciphertext, which is set in the pass_env cookie.
CVE-2005-0982 1 Yet Another Forum.net 1 Yet Another Forum.net 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Yet Another Forum.net 0.9.9 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) location, or (3) Subject field.
CVE-2005-0983 4 Activision, Id Software, Lucasarts and 1 more 10 Call Of Duty, Call Of Duty United Offensive, Return To Castle Wolfenstein and 7 more 2026-04-16 N/A
Quake 3 engine, as used in multiple games, allows remote attackers to cause a denial of service (client disconnect) via a long message, which is not properly truncated and causes the engine to process the remaining data as if it were network data.
CVE-2006-1508 1 Mh Software 1 Connect Daily 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in MH Software Connect Daily Web Calendar Software 3.2.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) calendar_id, (2) style_sheet, and (3) start parameters in (a) ViewDay.html; the (4) txtSearch and (5) opgSearch parameters in (b) ViewSearch.html; the (6) calendar_id and (7) approved parameters in (c) ViewYear.html; the (8) item_type_id parameter in (d) ViewCal.html; and the (9) week parameter in (e) ViewWeek.html.
CVE-2005-0985 1 Apple 1 Mac Os X 2026-04-16 N/A
Unspecified vulnerability in the Mac OS X kernel before 10.3.8 allows local users to cause a denial of service (temporary hang) via unspecified attack vectors related to the fan control unit (FCU) driver.