Total
29753 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-1384 | 1 Ibm | 1 Tivoli Business Systems Manager | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in apwc_win_main.jsp in the web console in IBM Tivoli Business Systems Manager (TBSM) before 3.1.0.1 allows remote attackers to inject arbitrary web script or HTML via the skin parameter. | ||||
| CVE-2006-1397 | 2 Phpadsnew, Phppgads | 2 Phpadsnew, Phppgads | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in (a) phpAdsNew and (b) phpPgAds before 2.0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) certain parameters to the banner delivery module, which is not properly handled in the administrator interface, or (2) certain parameters to the login form. | ||||
| CVE-2006-4032 | 1 Cisco | 1 Callmanager Express | 2025-04-03 | N/A |
| Unspecified vulnerability in Cisco IOS CallManager Express (CME) allows remote attackers to gain sensitive information (user names) from the Session Initiation Protocol (SIP) user directory via certain SIP messages, aka bug CSCse92417. | ||||
| CVE-2006-1411 | 1 Xigla | 1 Absolute Image Gallery Xe | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Absolute Image Gallery XE 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via (1) the shownew parameter in gallery.asp and (2) unspecified search module parameters. | ||||
| CVE-2006-1413 | 1 Htmljunction | 1 Ezhomepagepro | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in EZHomepagePro 1.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) adid or (2) aname parameter in (a) common/email.asp, (b) users/users_search.asp, or (c) users/users_profiles.asp; (3) page parameter in (d) users/users_calendar.asp; (4) usid parameter in (e) users/users_mgallery.asp; or (5) m parameter in (f) users/users_search.asp. | ||||
| CVE-2004-0011 | 1 Debian | 1 Fsp | 2025-04-03 | N/A |
| Buffer overflow in fsp before 2.81.b18 allows remote users to execute arbitrary code. | ||||
| CVE-2004-0050 | 1 Verity | 1 Ultraseek | 2025-04-03 | N/A |
| Verity Ultraseek before 5.2.2 allows remote attackers to obtain the full pathname of the document root via an MS-DOS device name in the web search option, such as (1) NUL, (2) CON, (3) AUX, (4) COM1, (5) COM2, and others. | ||||
| CVE-2006-1430 | 1 Controlzx | 1 Hms | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in CONTROLzx HMS (formerly DRZES) 3.3.4 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) dedicatedPlanID parameter to dedicated_order.php, (2) sharedPlanID parameter to shared_order.php, (3) plan_id parameter to customers/server_management.php, and (4) email field to customers/forgotpass.php. | ||||
| CVE-2006-4051 | 1 Turnkey Web Tools | 1 Php Live Helper | 2025-04-03 | N/A |
| PHP remote file inclusion vulnerability in global.php in Turnkey Web Tools PHP Live Helper 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the abs_path parameter. | ||||
| CVE-2004-0059 | 1 Lionmax Software | 1 Www File Share Pro | 2025-04-03 | N/A |
| Directory traversal vulnerability in upload capability of WWW File Share Pro 2.42 and earlier allows remote attackers to overwrite arbitrary files via .. (dot dot) sequences in the filename parameter of a Content-Disposition: header. | ||||
| CVE-2006-1440 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| BOM in Apple Mac OS X 10.3.9 and 10.4.6 allows attackers to overwrite arbitrary files via an archive that contains symbolic links. | ||||
| CVE-2004-0096 | 2 Apache, Redhat | 3 Mod Python, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Unknown vulnerability in mod_python 2.7.9 allows remote attackers to cause a denial of service (httpd crash) via a certain query string, a variant of CAN-2003-0973. | ||||
| CVE-2006-1443 | 1 Apple | 1 Mac Os X | 2025-04-03 | N/A |
| Integer underflow in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4.6 allows context-dependent attackers to execute arbitrary code via unspecified vectors involving conversions from string to file system representation within (1) CFStringGetFileSystemRepresentation or (2) getFileSystemRepresentation:maxLength:withPath in NSFileManager, and possibly other similar API functions. | ||||
| CVE-2006-4057 | 1 Mitch Murray | 1 Eremove | 2025-04-03 | N/A |
| Buffer overflow in the preview_create function in gui.cpp in Mitch Murray Eremove 1.4 allows remote attackers to cause a denial of service (application crash), and possibly execute arbitrary code, via a large email attachment. | ||||
| CVE-2004-0132 | 1 Visualshapers | 1 Ezcontents | 2025-04-03 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in ezContents 2.0.2 and earlier allow remote attackers to execute arbitrary PHP code from a remote web server, as demonstrated using (1) the GLOBALS[rootdp] parameter to db.php, or (2) the GLOBALS[language_home] parameter to archivednews.php, and a malicious version of lang_admin.php. | ||||
| CVE-2004-0148 | 3 Redhat, Sgi, Washington University | 3 Enterprise Linux, Propack, Wu-ftpd | 2025-04-03 | N/A |
| wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead. | ||||
| CVE-2004-0160 | 1 Synaesthesia | 1 Synaesthesia | 2025-04-03 | N/A |
| Synaesthesia 2.2 and earlier allows local users to execute arbitrary code via a symlink attack on the configuration file. | ||||
| CVE-2004-0165 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| Format string vulnerability in Point-to-Point Protocol (PPP) daemon (pppd) 2.4.0 for Mac OS X 10.3.2 and earlier allows remote attackers to read arbitrary pppd process data, including PAP or CHAP authentication credentials, to gain privileges. | ||||
| CVE-2006-1472 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| Unspecified vulnerability in AFP Server in Apple Mac OS X 10.3.9 allows remote attackers to determine names of unauthorized files and folders via unknown vectors related to the search results. | ||||
| CVE-2004-0181 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-03 | N/A |
| The JFS file system code in Linux 2.4.x has an information leak in which in-memory data is written to the device for the JFS file system, which allows local users to obtain sensitive information by reading the raw device. | ||||