Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-0337 1 Ibm 1 Aix 2026-04-16 N/A
AIX batch queue (bsh) allows local and remote users to gain additional privileges when network printing is enabled.
CVE-2006-3657 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (stack overflow exception) via a DXImageTransform.Microsoft.Gradient ActiveX object with a long (1) StartColorStr or (2) EndColorStr property.
CVE-1999-0522 2026-04-16 N/A
The permissions for a system-critical NIS+ table (e.g. passwd) are inappropriate.
CVE-2006-2820 1 Hotwebscripts 1 Weblog Oggi 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in HotWebScripts.com Weblog Oggi 1.0 allows remote attackers to inject arbitrary web script or HTML via a comment, possibly involving a javascript URI in the SRC attribute of an IMG element.
CVE-1999-0961 1 Hp 1 Hp-ux 2026-04-16 N/A
HPUX sysdiag allows local users to gain root privileges via a symlink attack during log file creation.
CVE-2004-2229 1 Oracle 1 Database Server Lite 2026-04-16 N/A
Multiple unknown vulnerabilities in Oracle 9i Lite Mobile Server 5.0.0.0.0 through 5.0.2.9.0 allow remote authenticated users to gain privileges.
CVE-2006-0491 1 Subzane 1 Szusermgnt 2026-04-16 N/A
SQL injection vulnerability in SZUserMgnt.class.php in SZUserMgnt 1.4 allows remote attackers to execute arbitrary SQL commands via the username parameter.
CVE-2006-3672 1 Kde 1 Konqueror 2026-04-16 N/A
KDE Konqueror 3.5.1 and earlier allows remote attackers to cause a denial of service (application crash) by calling the replaceChild method on a DOM object, which triggers a null dereference, as demonstrated by calling document.replaceChild with a 0 (zero) argument.
CVE-2001-1088 1 Microsoft 2 Outlook, Outlook Express 2026-04-16 N/A
Microsoft Outlook 8.5 and earlier, and Outlook Express 5 and earlier, with the "Automatically put people I reply to in my address book" option enabled, do not notify the user when the "Reply-To" address is different than the "From" address, which could allow an untrusted remote attacker to spoof legitimate addresses and intercept email from the client that is intended for another user.
CVE-2006-0494 1 Mybulletinboard 1 Mybulletinboard 2026-04-16 N/A
Directory traversal vulnerability in MyBB (aka MyBulletinBoard) 1.02 allows local users with MyBB administrative privileges to include and possibly execute arbitrary local files via directory traversal sequences and a nul (%00) character in the plugin parameter.
CVE-2006-0495 1 Mybulletinboard 1 Mybulletinboard 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the Add Thread to Favorites feature in usercp2.php in MyBB (aka MyBulletinBoard) 1.02 allows remote attackers to inject arbitrary web script or HTML via an HTTP Referer header ($url variable).
CVE-2006-0500 1 Punctweb 1 Myco Guestbook 2026-04-16 N/A
MyCO Guestbook 1.0 stores the admin directory under the web document root with insufficient access control, which allows remote attackers to perform unspecified privileged actions by directly accessing files via a URL.
CVE-2006-0501 1 Punctweb 1 Myco Guestbook 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in MyCO Guestbook 1.0 allows remote attackers to inject arbitrary web script or HTML via the Name field, when registering a user.
CVE-2003-1338 1 Aprelium Technologies 1 Abyss Web Server 2026-04-16 N/A
CRLF injection vulnerability in Aprelium Abyss Web Server 1.1.2 and earlier allows remote attackers to inject arbitrary HTTP headers and possibly conduct HTTP Response Splitting attacks via CRLF sequences in the Location header.
CVE-2006-0505 1 Zbattle.net 1 Zbattle Client 2026-04-16 N/A
zbattle.net Zbattle client 1.09 SR-1 beta allows remote attackers to cause an unspecified denial of service by rapidly creating and closing a game.
CVE-2004-2271 1 Minishare 1 Minimal Http Server 2026-04-16 N/A
Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.
CVE-2006-0508 1 Easy Cms 1 Easy Cms 2026-04-16 N/A
Easy CMS stores the images directory under the web document root with insufficient access control and browsing enabled, which allows remote attackers to list and possibly read images that are stored in that directory.
CVE-2006-1046 1 Monopd 1 Monopd 2026-04-16 N/A
server.cpp in Monopd 0.9.3 allows remote attackers to cause a denial of service (CPU and memory consumption) via a string containing a large number of characters that are escaped when Monopd produces XML output.
CVE-2006-3673 1 Armagetron 1 Armagetron Advanced 2026-04-16 N/A
nNetObject.cpp in Armagetron Advanced 2.8.2 and earlier allows remote attackers to cause a denial of service (application crash) via a large owner value, which causes an assert error.
CVE-2006-0624 1 Webeveyn 1 Whomp Real Estate Manager Xp 2005 2026-04-16 N/A
SQL injection vulnerability in check.asp in Whomp Real Estate Manager XP 2005 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters.