ReportizFlow
Filtered by vendor
Subscriptions
Total
29909 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-3943 | 1 Microsoft | 1 Ie | 2026-04-16 | N/A |
| Stack-based buffer overflow in NDFXArtEffects in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) via long (1) RGBExtraColor, (2) RGBForeColor, and (3) RGBBackColor properties. | ||||
| CVE-2006-3953 | 1 Mybulletinboard | 1 Mybulletinboard | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in usercp.php in MyBB (aka MyBulletinBoard) 1.x allows remote attackers to inject arbitrary web script or HTML via the gallery parameter. | ||||
| CVE-2006-3956 | 1 Total Online Solutions | 1 Advanced Webhost Billing System | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in contact.php in Advanced Webhost Billing System (AWBS) 2.2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Name, (2) AccountUsername and (3) Message parameters. | ||||
| CVE-2004-0925 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Postfix on Mac OS X 10.3.x through 10.3.5, with SMTPD AUTH enabled, does not properly clear the username between authentication attempts, which allows users with the longest username to prevent other valid users from being able to authenticate. | ||||
| CVE-2006-3982 | 1 Knusperleicht | 1 Quickie | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in quickie.php in Knusperleicht Quickie, probably 0.2, allows remote attackers to execute arbitrary PHP code via a URL in the QUICK_PATH parameter. | ||||
| CVE-2004-0926 | 2 Apple, Easy Software Products | 3 Mac Os X, Mac Os X Server, Cups | 2026-04-16 | N/A |
| Heap-based buffer overflow in Apple QuickTime on Mac OS 10.2.8 through 10.3.5 may allow remote attackers to execute arbitrary code via a certain BMP image. | ||||
| CVE-2006-3992 | 1 Intel | 2 2200bg Proset Wireless, 2915abg Proset Wireless | 2026-04-16 | N/A |
| Unspecified vulnerability in the Centrino (1) w22n50.sys, (2) w22n51.sys, (3) w29n50.sys, and (4) w29n51.sys Microsoft Windows drivers for Intel 2200BG and 2915ABG PRO/Wireless Network Connection before 10.5 with driver 9.0.4.16 allows remote attackers to execute arbitrary code via certain frames that trigger memory corruption. | ||||
| CVE-2005-0419 | 1 3com | 1 3cserver | 2026-04-16 | N/A |
| Multiple heap-based buffer overflows in 3Com 3CServer allow remote authenticated users to execute arbitrary code via long FTP commands, as demonstrated using the STAT command. | ||||
| CVE-2006-3200 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Unspecified versions of Internet Explorer allow remote attackers to cause a denial of service (crash) via an IFRAME with a src tag containing a "File://" URI followed by an 8-bit character. NOTE: some third parties were unable to verify this issue. | ||||
| CVE-2006-4014 | 1 Symantec | 1 Brightmail Antispam | 2026-04-16 | N/A |
| Symantec Brightmail AntiSpam (SBAS) before 6.0.4, when the Control Center is allowed to connect from any computer, allows remote attackers to cause a denial of service (application freeze) "by sending invalid posts". | ||||
| CVE-2006-4033 | 1 Lhaplus | 1 Lhaplus | 2026-04-16 | N/A |
| Heap-based buffer overflow in Lhaplus.exe in Lhaplus 1.52, and possibly earlier versions, allows remote attackers to execute arbitrary code via an LZH archive with a long header, as specified by the extendedHeaderSize. | ||||
| CVE-2006-4063 | 1 Csaba Godor | 1 Sapid Blog Beta 2 | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Csaba Godor SAPID Blog Beta 2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) root_path parameter to (a) usr/extensions/get_blog_infochannel.inc.php, (b) usr/extensions/get_blog_meta_info.inc.php, or (c) usr/extensions/get_infochannel.inc.php; or the (2) GLOBALS[root_path] parameter to (d) usr/extensions/get_tree.inc.php. | ||||
| CVE-2006-4140 | 1 Ipcheck | 1 Server Monitor | 2026-04-16 | N/A |
| Directory traversal vulnerability in IPCheck Server Monitor before 5.3.3.639/640 allows remote attackers to read arbitrary files via modified .. (dot dot) sequences in the URL, including (1) "..%2f" (encoded "/" slash), "..../" (multiple dot), and "..%255c../" (double-encoded "\" backslash). | ||||
| CVE-2006-4172 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| Integer overflow vulnerability in the i386_set_ldt call in FreeBSD 5.5, and possibly earlier versions down to 5.2, allows local users to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2006-4178. | ||||
| CVE-2006-4203 | 1 Mamboxchange | 1 Mambo Email Publisher | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in help.mmp.php in the MMP Component (com_mmp) 1.2 and earlier for Mambo allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
| CVE-2006-4208 | 1 Skippy.net | 1 Wp-db Backup Plugin For Wordpress | 2026-04-16 | N/A |
| Directory traversal vulnerability in wp-db-backup.php in Skippy WP-DB-Backup plugin for WordPress 1.7 and earlier allows remote authenticated users with administrative privileges to read arbitrary files via a .. (dot dot) in the backup parameter to edit.php. | ||||
| CVE-2006-4210 | 1 Andreas Kansok | 1 Phpay | 2026-04-16 | N/A |
| nu_mail.inc.php in Andreas Kansok phPay 2.02 and 2.02.1, when register_globals is enabled, allows remote attackers to use the server as an open mail relay via modified mail_text2, user_row[5], nu_mail_1, and shop_mail parameters. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2001-0979 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Buffer overflow in swverify in HP-UX 11.0, and possibly other programs, allows local users to gain privileges via a long command line argument. | ||||
| CVE-2006-4229 | 2 Joomla, Mambo | 2 Moslistmessenger Component, Moslistmessenger Component | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in archive.php in the mosListMessenger Component (com_lm) before 20060719 for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
| CVE-2006-4231 | 1 Irfanview | 1 Irfanview | 2026-04-16 | N/A |
| IrfanView 3.98 (with plugins) allows remote attackers to cause a denial of service (application crash) via a crafted CUR image file. | ||||