Total
29918 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-1835 | 1 Php | 1 Php | 2026-04-23 | N/A |
| PHP 4 before 4.4.5 and PHP 5 before 5.2.1, when using an empty session save path (session.save_path), uses the TMPDIR default after checking the restrictions, which allows local users to bypass open_basedir restrictions. | ||||
| CVE-2006-5642 | 1 Nmnlogger | 1 Nmnlogger | 2026-04-23 | N/A |
| Unspecified vulnerability in NmnLogger 1.0.0 and earlier has unknown impact and attack vectors related to configuration of mesasge drivers. | ||||
| CVE-2006-5643 | 1 Foresite Cms | 1 Foresite Cms | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in search_de.html in foresite CMS allows remote attackers to inject arbitrary web script or HTML via the query parameter. | ||||
| CVE-2007-1837 | 1 Mangobery Cms | 1 Mangobery Cms | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in MangoBery CMS 0.5.5 allow remote attackers to execute arbitrary PHP code via a URL in the Site_Path parameter to (1) boxes/quotes.php or (2) templates/mangobery/footer.sample.php. | ||||
| CVE-2006-5657 | 1 Vilistextum | 1 Vilistextum | 2026-04-23 | N/A |
| Multiple off-by-one errors in src/text.c in Vilistextum before 2.6.9 have unknown impact and attack vectors. | ||||
| CVE-2006-5672 | 1 Mysource Cms | 1 Mysource Cms | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in web/init_mysource.php in MySource CMS 2.16.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the INCLUDE_PATH parameter. | ||||
| CVE-2006-5680 | 1 Freebsd | 1 Freebsd | 2026-04-23 | N/A |
| The libarchive library in FreeBSD 6-STABLE after 2006-09-05 and before 2006-11-08 allows context-dependent attackers to cause a denial of service (CPU consumption) via a malformed archive that causes libarchive to skip a region past the actual end of the archive, which triggers an infinite loop that attempts to read more data. | ||||
| CVE-2006-7207 | 1 Ageet | 1 Agephone | 2026-04-23 | N/A |
| Buffer overflow in ageet AGEphone before 1.4.0 might allow remote attackers to have an unknown impact via unspecified vectors. | ||||
| CVE-2006-5715 | 1 Efs Software | 1 Easy Address Book | 2026-04-23 | N/A |
| Easy File Sharing (EFS) Easy Address Book 1.2, when run on an NTFS file system, allows remote attackers to read arbitrary files under the web root by appending "::$DATA" to the end of an HTTP GET request, which accesses the alternate data stream. | ||||
| CVE-2006-5716 | 1 Freenews | 1 Freenews | 2026-04-23 | N/A |
| Directory traversal vulnerability in aff_news.php in FreeNews 2.1 allows remote attackers to include local files via a .. (dot dot) sequence in the chemin parameter, when the aff_news parameter is not set to "1." | ||||
| CVE-2006-5711 | 1 Eci Telecom | 1 B-focus Wireless 802.11bg Adsl2\+ Router | 2026-04-23 | N/A |
| ECI Telecom B-FOCuS Wireless 802.11b/g ADSL2+ Router allows remote attackers to read arbitrary files via a certain HTTP request, as demonstrated by a request for a router configuration file, related to the /html/defs/ URI. | ||||
| CVE-2006-5714 | 1 Efs Software | 1 Efs Web Server | 2026-04-23 | N/A |
| Easy File Sharing (EFS) Web Server 4.0, when running on an NTFS file system, allows remote attackers to read arbitrary files under the web root by appending "::$DATA" to the end of a HTTP GET request, which accesses the alternate data stream. | ||||
| CVE-2007-1844 | 1 Avatic | 1 Aardvark Topsites Php | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Aardvark Topsites PHP 5 allow remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) button/settings_sql.php, (2) settings_sql.php, and (3) sources/misc/new_day.php. | ||||
| CVE-2006-5721 | 1 Agnitum | 1 Outpost Firewall | 2026-04-23 | N/A |
| The \Device\SandBox driver in Outpost Firewall PRO 4.0 (964.582.059) allows local users to cause a denial of service (system crash) via an invalid argument to the DeviceIoControl function that triggers an invalid memory operation. | ||||
| CVE-2006-5743 | 1 Mobilesecure | 2 Highwall Endpoint, Highwall Enterprise | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Highwall Enterprise and Highwall Endpoint 4.0.2.11045 management interface allow remote attackers to inject arbitrary web script or HTML via (1) an Access Point with a crafted SSID, (2) the name of the sensor WIDS, (3) the name of the Highwall EndPoint workstation, or other unspecified vectors. | ||||
| CVE-2006-5746 | 1 Airmagnet | 1 Enterprise | 2026-04-23 | N/A |
| The console in AirMagnet Enterprise before 7.5 build 6307 does not properly validate the Enterprise Server certificate, which allows remote attackers to read network traffic via a man-in-the-middle (MITM) attack, possibly related to the use of self-signed certificates. | ||||
| CVE-2006-5747 | 2 Mozilla, Redhat | 4 Firefox, Seamonkey, Thunderbird and 1 more | 2026-04-23 | N/A |
| Unspecified vulnerability in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allows remote attackers to execute arbitrary code via the XML.prototype.hasOwnProperty JavaScript function. | ||||
| CVE-2006-5751 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-23 | N/A |
| Integer overflow in the get_fdb_entries function in net/bridge/br_ioctl.c in the Linux kernel before 2.6.18.4 allows local users to execute arbitrary code via a large maxnum value in an ioctl request. | ||||
| CVE-2006-5759 | 1 Rhadrix | 1 If-cms | 2026-04-23 | N/A |
| index.php in Rhadrix If-CMS, possibly 1.01 and 2.07, allows remote attackers to obtain the full path of the web server via empty (1) rns[] or (2) pag[] arguments, which reveals the path in an error message. | ||||
| CVE-2009-0550 | 1 Microsoft | 7 Ie, Internet Explorer, Windows 2000 and 4 more | 2026-04-23 | N/A |
| Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008; and WinINet in Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vista Gold and SP1, and 7 on Windows Server 2008; allows remote web servers to capture and replay NTLM credentials, and execute arbitrary code, via vectors related to absence of a "credential-reflection protections" opt-in step, aka "Windows HTTP Services Credential Reflection Vulnerability" and "WinINet Credential Reflection Vulnerability." | ||||