Export limit exceeded: 346144 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346144 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-6423 | 1 Mailenable | 2 Mailenable Enterprise, Mailenable Professional | 2026-04-23 | N/A |
| Stack-based buffer overflow in the IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.35, Professional Edition 1.6 through 1.84, and Enterprise Edition 1.1 through 1.41 allows remote attackers to execute arbitrary code via a pre-authentication command followed by a crafted parameter and a long string, as addressed by the ME-10025 hotfix. | ||||
| CVE-2006-6429 | 1 Xerox | 1 Workcentre | 2026-04-23 | N/A |
| Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.060.17.000, and 14.x before 14.060.17.000 allows attackers to modify certain configuration settings via unspecified vectors involving the "TFTP/BOOTP auto configuration option." | ||||
| CVE-2006-6432 | 1 Xerox | 1 Workcentre | 2026-04-23 | N/A |
| Unspecified vulnerability in the Scan-to-mailbox feature in Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.060.17.000, and 14.x before 14.060.17.000 allows remote attackers to download certain files via unspecified vectors. | ||||
| CVE-2006-6434 | 1 Xerox | 6 Workcentre 232, Workcentre 238, Workcentre 245 and 3 more | 2026-04-23 | N/A |
| Unspecified vulnerability in the Web User Interface in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 allows remote attackers to bypass authentication controls via unknown vectors. | ||||
| CVE-2007-0487 | 1 Zoneo-soft | 1 Freeforum | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in index.php in FreeForum 0.9.0 allows remote attackers to execute arbitrary PHP code via a URL in the fpath parameter. NOTE: this issue has been disputed by third party researchers, stating that fpath variable is initialized before being used | ||||
| CVE-2006-6436 | 1 Xerox | 6 Workcentre 232, Workcentre 238, Workcentre 245 and 3 more | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Network controller in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 allows remote attackers to inject arbitrary web script or HTML via HTTP TRACE messages. | ||||
| CVE-2006-6442 | 1 Aol | 1 Aol Client Software | 2026-04-23 | N/A |
| Stack-based buffer overflow in the SetClientInfo function in the CDDBControlAOL.CDDBAOLControl ActiveX control (cddbcontrol.dll), as used in America Online (AOL) 7.0 4114.563, 8.0 4129.230, and 9.0 Security Edition 4156.910, and possibly other products, allows remote attackers to execute arbitrary code via a long ClientId argument. | ||||
| CVE-2006-6445 | 1 Envolution | 1 Envolution | 2026-04-23 | N/A |
| Directory traversal vulnerability in error.php in Envolution 1.1.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the PNSVlang (PNSV lang) parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by error.php. | ||||
| CVE-2006-6453 | 1 J-owamp | 1 Web Interface | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in JOWAMP_ShowPage.php in J-OWAMP Web Interface 2.1 allows remote authenticated users to execute arbitrary PHP code via a URL in the link parameter. | ||||
| CVE-2006-6456 | 1 Microsoft | 4 Office, Word, Word Viewer and 1 more | 2026-04-23 | N/A |
| Unspecified vulnerability in Microsoft Word 2000, 2002, and 2003 and Word Viewer 2003 allows remote attackers to execute code via unspecified vectors related to malformed data structures that trigger memory corruption, a different vulnerability than CVE-2006-5994. | ||||
| CVE-2006-6465 | 1 Wikyblog | 1 Wikyblog | 2026-04-23 | N/A |
| Directory traversal vulnerability in WBmap.php in WikyBlog 1.3.2 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the l parameter. NOTE: CVE disputes this vulnerability because l is validated by ctype_alpha before use | ||||
| CVE-2006-6466 | 1 Wikyblog | 1 Wikyblog | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in WBmap.php in WikyBlog 1.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) key, (2) d, (3) l, or (4) v parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: CVE disputes the l vector because l is validated by ctype_alpha before use. | ||||
| CVE-2007-0488 | 1 Huawei | 1 Versatile Routing Platform | 2026-04-23 | N/A |
| The Huawei Versatile Routing Platform 1.43 2500E-003 firmware on the Quidway R1600 Router, and possibly other models, allows remote attackers to cause a denial of service (device crash) via a long show arp command. | ||||
| CVE-2006-6473 | 1 Xerox | 1 Workcentre | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 have unknown impact and attack vectors, related to (1) an Immediate Image Overwrite (IIO) error message at the Local User Interface (LUI) if overwrite fails, (2) an IIO failure when a Held Job is deleted, and (3) an On Demand Image Overwrite failure when the overwrite is greater than 2 Gb. | ||||
| CVE-2006-6480 | 1 Scriptphp | 1 Annoncescripthp | 2026-04-23 | N/A |
| admin/admin_membre/fiche_membre.php in AnnonceScriptHP 2.0 allows remote attackers to obtain sensitive information via the idmembre parameter, which discloses the passwords for arbitrary users. | ||||
| CVE-2006-6481 | 1 Clam Anti-virus | 1 Clamav | 2026-04-23 | N/A |
| Clam AntiVirus (ClamAV) 0.88.6 allows remote attackers to cause a denial of service (stack overflow and application crash) by wrapping many layers of multipart/mixed content around a document, a different vulnerability than CVE-2006-5874 and CVE-2006-6406. | ||||
| CVE-2006-6484 | 1 Mailenable | 2 Mailenable Enterprise, Mailenable Professional | 2026-04-23 | N/A |
| The IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.34, Professional Edition 1.6 through 1.83, and Enterprise Edition 1.1 through 1.40 allows remote attackers to cause a denial of service (crash) via unspecified vectors that trigger a null pointer dereference, as addressed by the ME-10023 hotfix, and a different issue than CVE-2006-6423. NOTE: some details were obtained from third party information. | ||||
| CVE-2007-0489 | 1 Visohotlink | 1 Visohotlink | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in includes/functions.visohotlink.php in VisoHotlink 1.01 and possibly earlier allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
| CVE-2006-6489 | 1 Sisco | 5 Ax-s4 Iccp, Ax-s4 Mms, Iccp Toolkit and 2 more | 2026-04-23 | N/A |
| The SISCO OSI stack, as used in SISCO MMS-EASE, ICCP Toolkit for MMS-EASE, AX-S4 MMS and AX-S4 ICCP, and possibly other control system applications, allows remote attackers to cause a denial of service (application termination and restart) via malformed packets. | ||||
| CVE-2006-6497 | 2 Mozilla, Redhat | 4 Firefox, Seamonkey, Thunderbird and 1 more | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in the layout engine for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allow remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via unknown attack vectors. | ||||