Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-0988 1 Apple 1 Quicktime 2026-04-16 N/A
Integer overflow on Apple QuickTime before 6.5.2, when running on Windows systems, allows remote attackers to cause a denial of service (memory consumption) via certain inputs that cause a large memory operation.
CVE-2005-1318 1 Horde 1 Forwards 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Horde Forwards E-Mail Forwarding Manager before 2.2.2 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title.
CVE-2005-2560 1 Ader Software 1 Cfbb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.cfm in CFBB 1.1.0 allows remote attackers to inject arbitrary web script or HTML via the page parameter.
CVE-2005-3173 1 Microsoft 1 Windows 2000 2026-04-16 N/A
Microsoft Windows 2000 before Update Rollup 1 for SP4 does not apply group policies if the user logs on using UPN credentials with a trailing dot, which prevents Windows 2000 from finding the correct domain controller and could allow the user to bypass intended restrictions.
CVE-2005-2606 1 Phlymail 1 Phlymail 2026-04-16 N/A
Unknown vulnerability in the "frontend authentication" in PHlyMail 3.02.00 has unknown impact and attack vectors.
CVE-2005-1519 2 Redhat, Squid 2 Enterprise Linux, Squid 2026-04-16 N/A
Squid 2.5 STABLE9 and earlier, when the DNS client port is unfiltered and the environment does not prevent IP spoofing, allows remote attackers to spoof DNS lookups.
CVE-2005-1577 1 Apg Technology 1 Classmaster 2026-04-16 N/A
APG Technology ClassMaster does not properly restrict access to sensitive folders, which allows remote attackers to access folders via a network share.
CVE-2005-2612 1 Wordpress 1 Wordpress 2026-04-16 N/A
Direct code injection vulnerability in WordPress 1.5.1.3 and earlier allows remote attackers to execute arbitrary PHP code via the cache_lastpostdate[server] cookie.
CVE-2006-4715 1 Spoonlabs 1 Vivvo Article Management Cms 2026-04-16 N/A
SQL injection vulnerability in pdf_version.php in SpoonLabs Vivvo Article Management CMS (aka phpWordPress) 3.2 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2006-4284 1 Lblog 1 Lblog 2026-04-16 N/A
SQL injection vulnerability in comments.asp in LBlog 1.05 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2002-1932 1 Microsoft 2 Windows 2000, Windows Xp 2026-04-16 N/A
Microsoft Windows XP and Windows 2000, when configured to send administrative alerts and the "Do not overwrite events (clear log manually)" option is set, does not notify the administrator when the log reaches its maximum size, which allows local users and remote attackers to avoid detection.
CVE-2006-3195 1 Singapore 1 Singapore 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php in singapore 0.10.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the template parameter.
CVE-2005-1798 1 Serverscheck 1 Monitoring Software 2026-04-16 N/A
Directory traversal vulnerability in ServersCheck Monitoring Software 5.9.0 to 5.10.0 allows remote attackers to read arbitrary files via .. (dot dot) sequences in an HTTP request.
CVE-2002-2370 1 Sws 1 Sws Simple Web Server 2026-04-16 N/A
SWS web server 0.0.4, 0.0.3 and 0.1.0 allows remote attackers to cause a denial of service (crash) via a URL request that does not end with a newline.
CVE-2006-3212 1 Cjguestbook 1 Cjguestbook 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in sign.php in cjGuestbook 1.3 and earlier allows remote attackers to inject web script or HTML via the (1) name, (2) email, (3) add, and (4) wName parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-3230 1 Azureus Tracker 1 Azureus Tracker 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.tmpl in Azureus Tracker 2.4.0.2 and earlier (Java BitTorrent Client Tracker) allows remote attackers to inject arbitrary web script or HTML via the search parameter.
CVE-2006-3242 2 Mutt, Redhat 2 Mutt, Enterprise Linux 2026-04-16 N/A
Stack-based buffer overflow in the browse_get_namespace function in imap/browse.c of Mutt 1.4.2.1 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via long namespaces received from the IMAP server.
CVE-2006-3263 1 Mambo 1 Mambo 2026-04-16 N/A
SQL injection vulnerability in the Weblinks module (weblinks.php) in Mambo 4.6rc1 and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter.
CVE-2006-3316 1 Spiffyjr 1 Phpraid 2026-04-16 N/A
Multiple PHP remote file inclusion vulnerabilities in phpRaid 3.0.5 allow remote attackers to execute arbitrary code via a URL in the phpraid_dir parameter to (1) logs.php and (2) users.php, a different set of vectors than CVE-2006-3116.
CVE-2006-3274 1 Webmin 1 Webmin 2026-04-16 N/A
Directory traversal vulnerability in Webmin before 1.280, when run on Windows, allows remote attackers to read arbitrary files via \ (backslash) characters in the URL to certain directories under the web root, such as the image directory.