Total
29944 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-1009 | 1 M4 Project | 1 Enigma-suite | 2026-04-16 | N/A |
| M4 Project enigma-suite before 0.73.3 (Windows) has a default password of "nominal" for the "enigma-client" account, which allows local users to gain access. | ||||
| CVE-2006-1025 | 1 Addsoft | 1 Storebot | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in manage.asp in Addsoft StoreBot 2002 Standard allows remote attackers to inject arbitrary web script or HTML via the ShipMethod parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-1073 | 1 Simplog | 1 Simplog | 2026-04-16 | N/A |
| Directory traversal vulnerability in index.php in Daverave Simplog 1.0.2 and earlier allows remote attackers to include or read arbitrary .txt files via the (1) act and (2) blogid parameters. | ||||
| CVE-2002-1001 | 1 Analogx | 1 Proxy | 2026-04-16 | N/A |
| Buffer overflows in AnalogX Proxy before 4.12 allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long HTTP request to TCP port 6588 or (2) a SOCKS 4A request to TCP port 1080 with a long DNS hostname. | ||||
| CVE-2006-1065 | 1 Mybulletinboard | 1 Mybulletinboard | 2026-04-16 | N/A |
| SQL injection vulnerability in search.php in MyBulletinBoard (MyBB) 1.04 allows remote attackers to execute arbitrary SQL commands via the forums[] parameter. | ||||
| CVE-2002-1003 | 1 Mywebserver | 1 Mywebserver | 2026-04-16 | N/A |
| Buffer overflow in MyWebServer 1.02 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. | ||||
| CVE-2006-1155 | 1 Manas Tungare | 1 Site Membership Script | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in manas tungare Site Membership Script before 8 March, 2006 allows remote attackers to inject arbitrary web script or HTML via the Error parameter in (1) login.asp and (2) default.asp. | ||||
| CVE-2006-1166 | 1 Monotone | 1 Monotone | 2026-04-16 | N/A |
| Monotone 0.25 and earlier, when a user creates a file in a directory called "mt", and when checking out that file on a case-insensitive file system such as Windows or Mac OS X, places the file into the "MT" bookkeeping directory, which could allow context-dependent attackers to execute arbitrary Lua programs as the user running monotone. | ||||
| CVE-2006-1163 | 1 Nodez | 1 Nodez | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Nodez 4.6.1.1 allows remote attackers to inject arbitrary web script or HTML via the op parameter. NOTE: it is possible that this issue is resultant from the directory traversal vulnerability. | ||||
| CVE-2006-1342 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| net/ipv4/af_inet.c in Linux kernel 2.4 does not clear sockaddr_in.sin_zero before returning IPv4 socket names from the (1) getsockname, (2) getpeername, and (3) accept functions, which allows local users to obtain portions of potentially sensitive memory. | ||||
| CVE-2006-1185 | 2 Canon, Microsoft | 3 Network Camera Server Vb101, Ie, Internet Explorer | 2026-04-16 | N/A |
| Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via certain invalid HTML that causes memory corruption. | ||||
| CVE-2006-1233 | 1 Mikael Software | 1 Wmnews | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in WMNews allow remote attackers to inject arbitrary web script or HTML via the (1) ArtCat parameter to wmview.php, (2) ctrrowcol parameter to footer.php, or (3) ArtID parameter to wmcomments.php. | ||||
| CVE-2002-1004 | 1 Argosoft | 1 Argosoft Mail Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in webmail feature of ArGoSoft Mail Server Plus or Pro 1.8.1.5 and earlier allows remote attackers to read arbitrary files via .. (dot dot) sequences in a URL. | ||||
| CVE-2006-1268 | 1 Funkwerk | 1 X2300 | 2026-04-16 | N/A |
| The Internet Key Exchange implementation in Funkwerk X2300 7.2.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. | ||||
| CVE-2006-1297 | 1 Symantec Veritas | 2 Backup Exec, Backup Exec Remote Agent | 2026-04-16 | N/A |
| Unspecified vulnerability in Veritas Backup Exec for Windows Server Remote Agent 9.1 through 10.1, for Netware Servers and Remote Agent 9.1 and 9.2, and Remote Agent for Linux Servers 10.0 and 10.1 allow attackers to cause a denial of service (application crash or unavailability) due to "memory errors." | ||||
| CVE-2002-1005 | 1 Argosoft | 1 Argosoft Mail Server | 2026-04-16 | N/A |
| ArGoSoft Mail Server 1.8.1.7 and earlier allows a webmail user to cause a denial of service (CPU consumption) by forwarding the email to the user while autoresponse is enabled, which creates an infinite loop. | ||||
| CVE-2006-2813 | 1 Ishopcart | 1 Ishopcart | 2026-04-16 | N/A |
| Directory traversal vulnerability in easy-scart.cgi in iShopCart allows remote attackers to read arbitrary files via a .. (dot dot) in the query string. | ||||
| CVE-2006-1352 | 1 Bea | 1 Weblogic Server | 2026-04-16 | N/A |
| BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP6 and earlier, and WebLogic Server 6.1 SP7 and earlier allow remote attackers to cause a denial of service (memory exhaustion) via crafted non-canonicalized XML documents. | ||||
| CVE-2006-1350 | 1 Articlesone | 1 99articles Directory | 2026-04-16 | N/A |
| PHP remote file include vulnerability in index.php in 99Articles.com (aka ArticlesOne.com) Free articles directory allows remote attackers to include and execute arbitrary PHP code via a URL in the page parameter. | ||||
| CVE-2006-1354 | 2 Freeradius, Redhat | 2 Freeradius, Enterprise Linux | 2026-04-16 | N/A |
| Unspecified vulnerability in FreeRADIUS 1.0.0 up to 1.1.0 allows remote attackers to bypass authentication or cause a denial of service (server crash) via "Insufficient input validation" in the EAP-MSCHAPv2 state machine module. | ||||