Export limit exceeded: 346144 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346144 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-0436 | 1 Barron Mccann | 4 Install, X-kryptor Driver, X-kryptor Secure Client and 1 more | 2026-04-23 | N/A |
| Barron McCann X-Kryptor Driver BMS1446HRR (Xgntr BMS1351 Install BMS1472) in X-Kryptor Secure Client does not drop privileges when launching an Explorer window in response to a help command, which allows local users to gain LocalSystem privileges via interactive use of Explorer. | ||||
| CVE-2006-5601 | 1 Xsupplicant | 1 Xsupplicant | 2026-04-23 | N/A |
| Stack-based buffer overflow in the eap_do_notify function in eap.c in xsupplicant before 1.2.6, and possibly other versions, allows remote authenticated users to execute arbitrary code via unspecified vectors. | ||||
| CVE-2007-0229 | 2 Apple, Freebsd | 3 Mac Os X, Mac Os X Server, Freebsd | 2026-04-23 | N/A |
| Integer overflow in the ffs_mountfs function in Mac OS X 10.4.8 and FreeBSD 6.1 allows local users to cause a denial of service (panic) and possibly gain privileges via a crafted DMG image that causes "allocation of a negative size buffer" leading to a heap-based buffer overflow, a related issue to CVE-2006-5679. NOTE: a third party states that this issue does not cross privilege boundaries in FreeBSD because only root may mount a filesystem. | ||||
| CVE-2007-0443 | 1 Gracenote | 1 Cddbcontrol Activex Control | 2026-04-23 | N/A |
| Multiple buffer overflows in the CDDBControl ActiveX control in Gracenote CDDB before 20070418 allow remote attackers to execute arbitrary code via long values for certain Proxy configuration parameters. | ||||
| CVE-2007-0474 | 1 Smb4k | 1 Smb4k | 2026-04-23 | N/A |
| Smb4K before 0.8.0 allow local users, when present on the Smb4K sudoers list, to kill arbitrary processes, related to a "design issue with smb4k_kill." | ||||
| CVE-2006-5602 | 1 Xsupplicant | 1 Xsupplicant | 2026-04-23 | N/A |
| Multiple memory leaks in xsupplicant before 1.2.6, and possibly other versions, allow attackers to cause a denial of service (memory consumption) via unspecified vectors. | ||||
| CVE-2006-5603 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2026-04-23 | 9.8 Critical |
| SQL injection vulnerability in pop_mail.asp in Snitz Forums 2000 3.4.06 allows remote attackers to execute arbitrary SQL commands via the RC parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||
| CVE-2006-5604 | 1 Phpcards | 1 Phpcards | 2026-04-23 | N/A |
| Directory traversal vulnerability in phpcards.header.php in phpCards 1.3 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the CardLanguageFile parameter. | ||||
| CVE-2006-5605 | 1 Phpcards | 1 Phpcards | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in phpcards.footer.php in phpCards 1.3 allow remote attackers to inject arbitrary web script or HTML via the CardFontFace parameter and other unspecified parameters. | ||||
| CVE-2007-0230 | 1 Cs-cart | 1 Cs-cart | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in install.php in CS-Cart 1.3.3 allows remote attackers to execute arbitrary PHP code via a URL in the install_dir parameter. NOTE: CVE and third parties dispute this vulnerability because install_dir is defined before use | ||||
| CVE-2006-5606 | 1 Bytesfall Explorer | 1 Bytesfall Explorer | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in BytesFall Explorer (bfExplorer) 0.0.7.1 and earlier allow remote attackers to execute arbitrary SQL commands via the username ($User variable) to login/doLogin.php and other unspecified vectors. | ||||
| CVE-2006-5607 | 1 Inca | 1 Im-204 Adsl Router | 2026-04-23 | N/A |
| Directory traversal vulnerability in /cgi-bin/webcm in INCA IM-204 allows remote attackers to read arbitrary files via a "/./." (modified dot dot) sequences in the getpage parameter. | ||||
| CVE-2006-5608 | 1 Drupal | 1 Extended Tracker | 2026-04-23 | N/A |
| SQL injection vulnerability in Extended Tracker (xtracker) 4.7 before 1.5.2.1 for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to "parameters from URLs." | ||||
| CVE-2006-5609 | 1 Torrentflux | 1 Torrentflux | 2026-04-23 | N/A |
| Directory traversal vulnerability in dir.php in TorrentFlux 2.1 allows remote attackers to list arbitrary directories via "\.\./" sequences in the dir parameter. | ||||
| CVE-2007-0232 | 1 Jshop E-commerce | 1 Jshop Server | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in routines/fieldValidation.php in Jshop Server 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the jssShopFileSystem parameter. | ||||
| CVE-2007-0444 | 1 Citrix | 2 Metaframe, Metaframe Presentation Server | 2026-04-23 | N/A |
| Stack-based buffer overflow in the print provider library (cpprov.dll) in Citrix Presentation Server 4.0, MetaFrame Presentation Server 3.0, and MetaFrame XP 1.0 allows local users and remote attackers to execute arbitrary code via long arguments to the (1) EnumPrintersW and (2) OpenPrinter functions. | ||||
| CVE-2006-5610 | 1 Fully Modded Phpbb | 1 Fully Modded Phpbb | 2026-04-23 | 9.8 Critical |
| PHP remote file inclusion vulnerability in player/includes/common.php in Teake Nutma Foing, as modified in Fully Modded phpBB (phpbbfm) 2021.4.40, allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | ||||
| CVE-2006-5614 | 1 Microsoft | 2 Windows Nt Helper Components, Windows Xp | 2026-04-23 | N/A |
| Microsoft Windows NAT Helper Components (ipnathlp.dll) on Windows XP SP2, when Internet Connection Sharing is enabled, allows remote attackers to cause a denial of service (svchost.exe crash) via a malformed DNS query, which results in a null pointer dereference. | ||||
| CVE-2006-5615 | 1 Textpattern | 1 Textpattern | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in publish.php in Textpattern 1.19, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the txpcfg[txpath] parameter. | ||||
| CVE-2006-5617 | 1 Thepeak | 1 Thepeak File Upload Manager | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in Thepeak File Upload Manager 1.3 allows remote attackers to read or download arbitrary files via a base64-encoded file path containing a .. (dot dot) sequence in the file parameter. | ||||