Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-3124 1 Streamripper 1 Streamripper 2026-04-16 N/A
Buffer overflow in the HTTP header parsing in Streamripper before 1.61.26 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted HTTP headers.
CVE-2006-3687 2 D-link, Dlink 7 Di-604 Broadband Router, Di-784, Ebr-2310 Ethernet Broadband Router and 4 more 2026-04-16 N/A
Stack-based buffer overflow in the Universal Plug and Play (UPnP) service in D-Link DI-524, DI-604 Broadband Router, DI-624, D-Link DI-784, WBR-1310 Wireless G Router, WBR-2310 RangeBooster G Router, and EBR-2310 Ethernet Broadband Router allows remote attackers to execute arbitrary code via a long M-SEARCH request to UDP port 1900.
CVE-2006-1139 1 Xerox 12 Copycentre C65, Copycentre C65 Firmware, Copycentre C75 and 9 more 2026-04-16 N/A
Unspecified vulnerability in the ESS/ Network Controller in Xerox CopyCentre and Xerox WorkCentre Pro, running software 1.001.02.073 or earlier, or 1.001.02.074 before 1.001.02.715, causes the Immediate Image Overwrite feature to fail after a power loss, which could leave data exposed to attack.
CVE-2006-1140 1 Redblog 1 Redblog 2026-04-16 N/A
SQL injection vulnerability in rss.php in RedBLoG 0.5 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
CVE-2006-3125 1 Gtetrinet 1 Gtetrinet 2026-04-16 N/A
Array index error in tetrinet.c in gtetrinet 0.7.8 and earlier allows remote attackers to execute arbitrary code via a packet specifying a negative number of players, which is used as an array index.
CVE-2006-1142 1 Solido Systems 1 Ravenous Web Server 2026-04-16 N/A
Unspecified vulnerability in Ravenous Web Server before 0.7.1 allows remote attackers to access arbitrary rvplg files, with unknown impact.
CVE-2006-1145 1 Cor Entertainment 1 Alien Arena 2006 2026-04-16 N/A
Format string vulnerability in the safe_cprintf function in acebot_cmds.c in Alien Arena 2006 Gold Edition 5.00 allows remote attackers (possibly authenticated) to execute arbitrary code via unspecified vectors when the server sends crafted messages to the clients.
CVE-2006-1146 1 Cor Entertainment 1 Alien Arena 2006 2026-04-16 N/A
Stack-based buffer overflow in the Cmd_Say_f function in g_cmds.c in Alien Arena 2006 Gold Edition 5.00 allows remote attackers (possibly authenticated) to execute arbitrary code by sending a long message to the server.
CVE-2005-0109 5 Freebsd, Redhat, Sco and 2 more 9 Freebsd, Enterprise Linux, Enterprise Linux Desktop and 6 more 2026-04-16 N/A
Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses.
CVE-2005-0112 1 3com 1 3crwe454g72 2026-04-16 N/A
The web-based administrative interface for 3Com OfficeConnect Wireless 11g Access Point (AP) 1.00.08, and possibly earlier versions before 1.03.07A, allows remote attackers to bypass authentication and obtain sensitive information by directly accessing the (1) config.bin (2) profile.wlp?PN=ggg or (3) event.logs URLs.
CVE-2002-0322 1 Yahoo 1 Messenger 2026-04-16 N/A
Yahoo! Messenger 4.0 sends user passwords in cleartext, which could allow remote attackers to gain privileges of other users via sniffing.
CVE-2005-0113 1 Sgi 1 Irix 2026-04-16 N/A
inpview in SGI IRIX allows local users to execute arbitrary commands via the SUN_TTSESSION_CMD environment variable, which is executed by inpview without dropping privileges.
CVE-2006-1190 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 5.01 through 6 does not always return the correct IOleClientSite information when dynamically creating an embedded object, which could cause Internet Explorer to run the object in the wrong security context or zone, and allow remote attackers to execute arbitrary code.
CVE-2005-0119 1 Helvis 1 Helvis 2026-04-16 N/A
helvis 1.8h2_1 and earlier allows local users to recover and read the files of other users via the elvrec setuid program.
CVE-2005-0120 1 Helvis 1 Helvis 2026-04-16 N/A
helvis 1.8h2_1 and earlier allows local users to delete arbitrary files via the elvprsv setuid program.
CVE-2005-0125 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
The "at" commands on Mac OS X 10.3.7 and earlier do not properly drop privileges, which allows local users to (1) delete arbitrary files via atrm, (2) execute arbitrary programs via the -f argument to batch, or (3) read arbitrary files via the -f argument to batch, which generates a job file that is readable by the local user.
CVE-2006-1198 1 Comvigo 1 Im Lock 2026-04-16 N/A
Comvigo IM Lock 2006 uses a simple substitution cipher to encrypt a password stored in the msnvs\prc registry value, for which all users have Read permission, which allows local users to bypass the product's blocking functionality by decrypting the password.
CVE-2005-0129 1 Berlios 1 Konversation 2026-04-16 N/A
The Quick Buttons feature in Konversation 0.15 allows remote attackers to execute certain IRC commands via a channel name containing "%" variables, which are recursively expanded by the Server::parseWildcards function when the Part Button is selected.
CVE-2006-1202 1 Jcink.com 1 Textfilebb 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in textfileBB 1.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) mess and (2) user parameters in messanger.php, possibly requiring a URL encoded value.
CVE-2005-0140 1 Peid 1 Peid 2026-04-16 N/A
Buffer overflow in PeID allows attackers to execute arbitrary code via a PE file with an Import Address Table containing a long import library name.