Export limit exceeded: 29840 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29840 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-4691 | 1 Microsoft | 2 Windows 2000, Windows Xp | 2025-04-09 | N/A |
| Stack-based buffer overflow in the NetpManageIPCConnect function in the Workstation service (wkssvc.dll) in Microsoft Windows 2000 SP4 and XP SP2 allows remote attackers to execute arbitrary code via NetrJoinDomain2 RPC messages with a long hostname. | ||||
| CVE-2006-4697 | 1 Microsoft | 5 Ie, Internet Explorer, Windows 2000 and 2 more | 2025-04-09 | N/A |
| Microsoft Internet Explorer 5.01, 6, and 7 uses certain COM objects from Imjpcksid.dll as ActiveX controls, which allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: this issue might be related to CVE-2006-4193. | ||||
| CVE-2006-5287 | 1 Xeobook | 1 Xeobook | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in sign.php in Xeobook 0.93 allow remote attackers to execute arbitrary SQL commands via (1) the User-Agent HTTP header, or the (2) gb_entry_text, (3) gb_location, (4) gb_fullname, or (5) gb_sex parameters. | ||||
| CVE-2006-3867 | 1 Microsoft | 2 Excel, Excel Viewer | 2025-04-09 | N/A |
| Unspecified vulnerability in Microsoft Excel 2000, 2002, 2003, 2004 for Mac, v.X for Mac, and Excel Viewer 2003 allows user-assisted attackers to execute arbitrary code via a crafted Lotus 1-2-3 file, a different vulnerability than CVE-2006-2387 and CVE-2006-3875. | ||||
| CVE-2004-2762 | 1 Ibm | 2 Mvs, Tivoli Storage Manager | 2025-04-09 | N/A |
| The server in IBM Tivoli Storage Manager (TSM) 4.2.x on MVS, 5.1.9.x before 5.1.9.1, 5.1.x before 5.1.10, 5.2.2.x before 5.2.2.3, 5.2.x before 5.2.3, 5.3.x before 5.3.0, and 6.x before 6.1, when the HTTP communication method is enabled, allows remote attackers to cause a denial of service (daemon crash or hang) via unspecified HTTP traffic, as demonstrated by the IBM port scanner 1.3.1. | ||||
| CVE-2007-0922 | 1 Radical Technologies | 1 Portal Search | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in buscador/buscador.htm in Portal Search allows remote attackers to inject arbitrary web script or HTML via the query string. | ||||
| CVE-2006-5290 | 1 Xerox | 6 Workcentre 232, Workcentre 238, Workcentre 245 and 3 more | 2025-04-09 | N/A |
| The ESS/ Network Controller and MicroServer Web Server components of Xerox WorkCentre and WorkCentre Pro 232, 238, 245, 255, 265 and 275 allow remote attackers to bypass authentication and execute arbitrary code via "WebUI command injection on TCP/IP hostname." | ||||
| CVE-2007-1434 | 1 Grayscale | 1 Grayscale Blog | 2025-04-09 | N/A |
| SQL injection vulnerability in Grayscale Blog 0.8.0, and possibly earlier versions, might allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) userdetail.php, id and (2) url parameter to (b) jump.php, and id variable to (c) detail.php. | ||||
| CVE-2007-1997 | 1 Clam Anti-virus | 1 Clamav | 2025-04-09 | N/A |
| Integer signedness error in the (1) cab_unstore and (2) cab_extract functions in libclamav/cab.c in Clam AntiVirus (ClamAV) before 0.90.2 allow remote attackers to execute arbitrary code via a crafted CHM file that contains a negative integer, which passes a signed comparison and leads to a stack-based buffer overflow. | ||||
| CVE-2006-6774 | 1 Ciberia | 1 Content Federator | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in socios/maquetacion_socio.php (members/maquetacion_member.php) in Ciberia Content Federator 1.0 allows remote attackers to execute arbitrary PHP code via the path parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2006-5476 | 1 Drupal | 1 Drupal | 2025-04-09 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Drupal 4.6.x before 4.6.10 and 4.7.x before 4.7.4 allows remote attackers to perform unauthorized actions as an arbitrary user via unspecified vectors. | ||||
| CVE-2006-3887 | 1 Aol | 1 Ygp Screensaver Activex Control | 2025-04-09 | N/A |
| Buffer overflow in AOL You've Got Pictures (YGP) Screensaver ActiveX control allows remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2006-3888 | 1 Aol | 1 Ygp Pic Downloader Activex Control | 2025-04-09 | N/A |
| Buffer overflow in AOL You've Got Pictures (YGP) Pic Downloader YGPPDownload ActiveX control (AOL.PicDownloadCtrl.1, YGPPicDownload.dll), as used in America Online 9.0 Security Edition, allows remote attackers to execute arbitrary code via a long argument to the SetAlbumName method. | ||||
| CVE-2006-3892 | 1 Emc | 1 Networker | 2025-04-09 | N/A |
| The Management Console server in EMC NetWorker (formerly Legato NetWorker) 7.3.2 before Jumbo Update 1 uses weak authentication, which allows remote attackers to execute arbitrary commands. | ||||
| CVE-2007-2917 | 1 Authentium | 1 Command Antivirus | 2025-04-09 | N/A |
| Multiple buffer overflows in a certain ActiveX control in odapi.dll in Authentium Command Antivirus before 4.93.8 allow remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2007-0785 | 1 Flipsource | 1 Flip | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in previewtheme.php in Flipsource Flip 2.01-final 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the inc_path parameter. | ||||
| CVE-2007-0813 | 1 Home Production | 1 Mysearchengine | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in Home production MySearchEngine allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2006-6778 | 1 Timberwolf | 1 Timberwolf | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in shownews.php in TimberWolf 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the nid parameter. | ||||
| CVE-2006-4182 | 1 Clam Anti-virus | 1 Clamav | 2025-04-09 | N/A |
| Integer overflow in ClamAV 0.88.1 and 0.88.4, and other versions before 0.88.5, allows remote attackers to cause a denial of service (scanning service crash) and execute arbitrary code via a crafted Portable Executable (PE) file that leads to a heap-based buffer overflow when less memory is allocated than expected. | ||||
| CVE-2006-5564 | 1 Maxdev | 1 Md-pro | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in user.php in MAXdev MD-Pro 1.0.76 allows remote attackers to inject arbitrary web script or HTML via the op parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||