Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-2500 1 Ilohamail 1 Ilohamail 2026-04-16 N/A
Unknown vulnerability in IlohaMail before 0.8.14-rc1 has unknown impact and attack vectors.
CVE-2002-2001 2 Jmcce, Mandrakesoft 2 Jmcce, Mandrake Linux 2026-04-16 N/A
jmcce 1.3.8 in Mandrake 8.1 creates log files in /tmp with predictable names, which allows local users to overwrite arbitrary files via a symlink attack.
CVE-2006-2065 1 Phpsurveyor 1 Phpsurveyor 2026-04-16 N/A
SQL injection vulnerability in save.php in PHPSurveyor 0.995 and earlier allows remote attackers to execute arbitrary SQL commands via the surveyid cookie. NOTE: this issue could be leveraged to execute arbitrary PHP code, as demonstrated by inserting directory traversal sequences into the database, which are then processed by the thissurvey['language'] variable.
CVE-2006-2070 1 Mybb 1 Devbb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in member.php in DevBB 1.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the member parameter in a viewpro action.
CVE-2005-0014 1 Ncpfs 1 Ncpfs 2026-04-16 N/A
Buffer overflow in ncplogin in ncpfs before 2.2.6 allows remote malicious NetWare servers to execute arbitrary code on the NetWare client.
CVE-2006-2068 1 Hitachi 9 Jp1-cm2-network Node Manager, Jp1-cm2-network Node Manager 250, Jpi Automatic Job Management System 2 and 6 more 2026-04-16 N/A
Unspecified vulnerability in Hitachi JP1 products allow remote attackers to cause a denial of service (application stop or fail) via unexpected requests or data.
CVE-2006-2071 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to bypass IPC permissions and modify a readonly attachment of shared memory by using mprotect to give write permission to the attachment. NOTE: some original raw sources combined this issue with CVE-2006-1524, but they are different bugs.
CVE-2006-2078 1 Furukawa Electric 2 Fitelnet, Mucho-ev Pk 2026-04-16 N/A
Multiple unspecified vulnerabilities in multiple FITELnet products, including FITELnet-F40, F80, F100, F120, F1000, and E20/E30, allow remote attackers to cause a denial of service via crafted DNS messages that trigger errors in (1) ProxyDNS or (2) PKI-Resolver, as demonstrated by the OUSPG PROTOS DNS test suite.
CVE-2002-2008 1 Apache 1 Tomcat 2026-04-16 N/A
Apache Tomcat 4.0.3 for Windows allows remote attackers to obtain the web root path via an HTTP request for a resource that does not exist, such as lpt9, which leaks the information in an error message.
CVE-2006-2079 1 Verosky Media 1 Instant Photo Gallery 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in portfolio.php in Verosky Media Instant Photo Gallery, possibly before 1.0.2, allows remote attackers to inject arbitrary web script or HTML via the cat_id parameter.
CVE-2006-2080 1 Verosky Media 1 Instant Photo Gallery 2026-04-16 N/A
SQL injection vulnerability in portfolio_photo_popup.php in Verosky Media Instant Photo Gallery 1.0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter, which is not cleansed before calling the count_click function in includes/functions/fns_std.php. NOTE: this issue could produce resultant XSS.
CVE-2006-2089 1 Mysmartbb 1 Mysmartbb 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in misc.php in MySmartBB 1.1.x allow remote attackers to inject arbitrary web script or HTML via the (1) id and (2) username parameters.
CVE-2002-2012 1 Apache 1 Http Server 2026-04-16 N/A
Unknown vulnerability in Apache 1.3.19 running on HP Secure OS for Linux 1.0 allows remote attackers to cause "unexpected results" via an HTTP request.
CVE-2004-2074 1 Bolintech 1 Dream Ftp Server 2026-04-16 N/A
Format string vulnerability in Dream FTP 1.02 allows local users to cause a denial of service (crash) via format string specifiers in the (1) PASS or (2) RETR commands.
CVE-2006-2092 1 Hp 1 Storageworks Secure Path Windows 2026-04-16 N/A
Unspecified vulnerability in HP StorageWorks Secure Path for Windows 4.0C-SP2 before 20060419 allows remote attackers to cause an unspecified denial of service via unknown vectors.
CVE-2006-2098 1 Php Thumbnail Autoindex 1 Php Thumbnail Autoindex 2026-04-16 N/A
PHP remote file inclusion vulnerability in Thumbnail AutoIndex before 2.0 allows remote attackers to execute arbitrary PHP code via (1) README.html or (2) HEADER.html.
CVE-2002-2015 1 Postnuke Software Foundation 1 Postnuke 2026-04-16 N/A
PHP file inclusion vulnerability in user.php in PostNuke 0.703 allows remote attackers to include arbitrary files and possibly execute code via the caselist parameter.
CVE-2006-2104 1 Kmail 1 Kmail 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Kamgaing Email System (kmail) 2.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) d parameter to main.php, ordner parameter to (2) main.php, or (3) webdisk.php, (4) draft parameter to compose.php, or (5) m, or (6) y parameter to calendar.php.
CVE-2002-2016 1 User-mode Linux 1 User-mode Linux 2026-04-16 N/A
User-mode Linux (UML) 2.4.17-8 does not restrict access to kernel address space, which allows local users to execute arbitrary code.
CVE-2006-2105 1 Jupiter Cms 1 Jupiter Cms 2026-04-16 N/A
Directory traversal vulnerability in index.php in Jupiter CMS 1.1.4 and 1.1.5 allows remote attackers to read arbitrary files via ".." sequences terminated by a %00 (null) character in the n parameter.