Filtered by NVD-CWE-Other
Total 29947 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2007-0510 1 Awffull 1 Awffull 2026-04-23 N/A
Multiple buffer overflows in (1) graphs.c, (2) output.c, and (3) preserve.c in AWFFull 3.7.1 and earlier have unknown impact and attack vectors. NOTE: some of these details are obtained from third party information. NOTE: There may not be any attack vector that crosses privilege boundaries.
CVE-2006-5794 2 Openbsd, Redhat 2 Openssh, Enterprise Linux 2026-04-23 N/A
Unspecified vulnerability in the sshd Privilege Separation Monitor in OpenSSH before 4.5 causes weaker verification that authentication has been successful, which might allow attackers to bypass authentication. NOTE: as of 20061108, it is believed that this issue is only exploitable by leveraging vulnerabilities in the unprivileged process, which are not known to exist.
CVE-2006-5796 1 Soholaunch 1 Soholaunch Pro Edition 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in Soholaunch Pro Edition 4.9 r46 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the _SESSION[docroot_path] parameter to (1) includes/shared_functions.php or (2) client_files/shopping_cart/pgm-shopping_css.inc.php.
CVE-2006-5797 1 Xenis 1 Xenis.creator Cms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in default.asp in Xenis.creator CMS allow remote attackers to execute arbitrary SQL commands via the (1) nav, (2) s, or (3) print parameters.
CVE-2006-5798 1 Xenis 1 Xenis.creator Cms 2026-04-23 N/A
SQL injection vulnerability in default.asp in Xenis.creator CMS allows remote attackers to execute arbitrary SQL commands via the contid parameter.
CVE-2006-5801 1 Owfs 1 Owfs 2026-04-23 N/A
The owserver module in owfs and owhttpd 2.5p5 and earlier does not properly check the path type, which allows attackers to cause a denial of service (application crash) related to use of the path in owshell.
CVE-2007-0511 1 Phpxmldom 1 Phpxmldom 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in phpXMLDOM (phpXD) 0.3 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) dom.php, (2) dtd.php, or (3) parser.php in include/.
CVE-2006-5802 1 The Web Drivers 1 Simple Forum 2026-04-23 N/A
SQL injection vulnerability in message_details.php in The Web Drivers Simple Forum, dated 20060318, allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-0513 1 Hitachi 5 Hirdb Datareplicator, Hirdb Parallel Server, Hirdb Single Server and 2 more 2026-04-23 N/A
Hitachi HiRDB Datareplicator 7HiRDB, 7(64), 6, 6(64), 5.0, and 5.0(64); and various products that bundle HiRDB Datareplicator; allows attackers to cause a denial of service (CPU consumption) via certain data.
CVE-2006-5809 1 Jonathon J. Freeman 1 Ovbb 2026-04-23 N/A
Multiple unspecified vulnerabilities in Jonathon J. Freeman OvBB before 0.13a have unknown impact and attack vectors.
CVE-2006-5811 1 Openemr 1 Openemr 2026-04-23 N/A
PHP remote file inclusion vulnerability in library/translation.inc.php in OpenEMR 2.8.1, with register_globals enabled, allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[srcdir] parameter.
CVE-2007-1266 1 Gnome 1 Evolution 2026-04-23 N/A
Evolution 2.8.1 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Evolution from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message without detection.
CVE-2006-5812 1 Kerio 1 Kerio Mailserver 2026-04-23 N/A
Unspecified vulnerability in Kerio MailServer allows attackers to cause a denial of service, as demonstrated by vd_kms4.pm, a "Kerio MailServer DoS." NOTE: As of 20061108, this disclosure has no actionable information. However, since it is from a reliable researcher, it is being assigned a CVE identifier for tracking purposes.
CVE-2007-0538 1 Telligent Systems 1 Community Server Forums 2026-04-23 N/A
Telligent Community Server 2.1 and earlier allows remote attackers to cause a denial of service (bandwidth or thread consumption) via pingback service calls with a source URI that corresponds to (1) a large file, which triggers a long download session without a timeout constraint; or (2) a file with a binary content type, which is downloaded even though it cannot contain usable pingback data.
CVE-2006-5814 1 Novell 1 Edirectory 2026-04-23 N/A
Unspecified vulnerability in Novell eDirectory allows remote attackers to execute arbitrary code, as demonstrated by vd_novell.pm, a "Novell eDirectory remote exploit." NOTE: As of 20061108, this disclosure has no actionable information. However, since it is from a reliable researcher, it is being assigned a CVE identifier for tracking purposes.
CVE-2006-5816 1 Dmitry Sheiko 1 Business Card Web Builder 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in Dmitry Sheiko Business Card Web Builder (BCWB) 2.5 allow remote attackers to execute arbitrary PHP code via a URL in the root_path_admin parameter to (1) /include/startup.inc.php, (2) dcontent/default.css.php, or (3) system/default.css.php, different vectors than CVE-2006-4946.
CVE-2007-0540 1 Wordpress 1 Wordpress 2026-04-23 N/A
WordPress allows remote attackers to cause a denial of service (bandwidth or thread consumption) via pingback service calls with a source URI that corresponds to a file with a binary content type, which is downloaded even though it cannot contain usable pingback data.
CVE-2006-5817 1 Parallels 1 Parallels Desktop 2026-04-23 N/A
prl_dhcpd in Parallels Desktop for Mac Build 1940 uses insecure permissions (0666) for /Library/Parallels/.dhcpd_configuration, which allows local users to modify DHCP configuration.
CVE-2006-5818 1 Ibm 1 Lotus Domino 2026-04-23 N/A
Multiple buffer overflows in tunekrnl in IBM Lotus Domino 6.x before 6.5.5 FP2 and 7.x before 7.0.2 allow local users to gain privileges and execute arbitrary code via unspecified vectors.
CVE-2006-5820 1 Aol 1 Aol 2026-04-23 N/A
The LinkSBIcons method in the SuperBuddy ActiveX control (Sb.SuperBuddy.1) in America Online 9.0 Security Edition dereferences an arbitrary function pointer, which allows remote attackers to execute arbitrary code via a modified pointer value.