Filtered by NVD-CWE-Other
Total 29947 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2005-1543 1 Novell 5 Zenworks, Zenworks Desktops, Zenworks Remote Management and 2 more 2026-04-16 N/A
Multiple stack-based and heap-based buffer overflows in Remote Management authentication (zenrem32.exe) on Novell ZENworks 6.5 Desktop and Server Management, ZENworks for Desktops 4.x, ZENworks for Servers 3.x, and Remote Management allows remote attackers to execute arbitrary code via (1) unspecified vectors, (2) type 1 authentication requests, and (3) type 2 authentication requests.
CVE-2006-2354 1 Ipswitch 1 Whatsup Professional 2026-04-16 N/A
NmConsole/Login.asp in Ipswitch WhatsUp Professional 2006 and Ipswitch WhatsUp Professional 2006 Premium generates different error messages in a way that allows remote attackers to enumerate valid usernames. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2000-0169 1 Oracle 1 Application Server 2026-04-16 N/A
Batch files in the Oracle web listener ows-bin directory allow remote attackers to execute commands via a malformed URL that includes '?&'.
CVE-2000-0174 1 Sun 1 Staroffice 2026-04-16 N/A
StarOffice StarScheduler web server allows remote attackers to read arbitrary files via a .. (dot dot) attack.
CVE-2006-2422 1 Coinsoft Technologies 1 Phpcoin 2026-04-16 N/A
phpCOIN 1.2.3 and earlier stores messages based upon e-mail addresses, which allows remote authenticated users to read messages for other users by adding the sender's e-mail address as an "additional contact".
CVE-2006-2464 1 Bea 1 Weblogic Server 2026-04-16 N/A
stopWebLogic.sh in BEA WebLogic Server 8.1 before Service Pack 4 and 7.0 before Service Pack 6 displays the administrator password to stdout when executed, which allows local users to obtain the password by viewing a local display.
CVE-2006-2463 1 Out Of The Trees Web Design 1 Selectapix 2026-04-16 N/A
view_album.php in SelectaPix 1.31 and earlier allows remote attackers to obtain the installation path via a certain request, which displays the path in an error message, possibly due to an invalid or missing parameter.
CVE-2006-2467 1 Bea 1 Weblogic Server 2026-04-16 N/A
BEA WebLogic Server 8.1 up to SP4, 7.0 up to SP6, and 6.1 up to SP7 displays the internal IP address of the WebLogic server in the WebLogic Server Administration Console, which allows remote authenticated administrators to determine the address.
CVE-2006-2509 1 Yourfreeworld 1 Short Url And Url Tracker Script 2026-04-16 N/A
SQL injection vulnerability in login.php in YourFreeWorld.com Short Url & Url Tracker Script allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2004-2110 1 Phorum 1 Phorum 2026-04-16 N/A
SQL injection vulnerability in register.php in Phorum before 3.4.6 allows remote attackers to execute arbitrary SQL commands via the hide_email parameter.
CVE-2006-2579 1 Hp 1 Openview Storage Data Protector 2026-04-16 N/A
Unspecified vulnerability in HP OpenView Storage Data Protector 5.1 and 5.5 allows remote attackers to execute arbitrary code via unknown vectors.
CVE-2006-2666 1 V-webmail 1 V-webmail 2026-04-16 N/A
PHP remote file inclusion vulnerability in includes/mailaccess/pop3.php in V-Webmail 1.5 through 1.6.4 allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG[pear_dir] parameter.
CVE-2004-2118 1 Tinyserver 1 Tinyserver 2026-04-16 N/A
Tiny Server 1.1 allows remote attackers to cause a denial of service (crash) via a GET request with a long filename, possibly due to a buffer overflow.
CVE-2001-1406 2 Mozilla, Redhat 2 Bugzilla, Powertools 2026-04-16 N/A
process_bug.cgi in Bugzilla before 2.14 does not set the "groupset" bit when a bug is moved between product groups, which will cause the bug to have the old group's restrictions, which might not be as stringent.
CVE-2006-2698 1 Geeklog 1 Geeklog 2026-04-16 N/A
Geeklog 1.4.0sr2 and earlier allows remote attackers to obtain the full installation path via a direct request and possibly invalid arguments to (1) layout/professional/functions.php or (2) getimage.php.
CVE-2006-2776 2 Mozilla, Redhat 3 Firefox, Thunderbird, Enterprise Linux 2026-04-16 N/A
Certain privileged UI code in Mozilla Firefox and Thunderbird before 1.5.0.4 calls content-defined setters on an object prototype, which allows remote attackers to execute code at a higher privilege than intended.
CVE-2006-2817 1 Tekno.portal 1 Tekno.portal 2026-04-16 N/A
SQL injection vulnerability in bolum.php in tekno.Portal allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2000-0186 4 Freebsd, Mandrakesoft, Redhat and 1 more 4 Freebsd, Mandrake Linux, Linux and 1 more 2026-04-16 N/A
Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command line argument.
CVE-2006-2874 1 Osads Alliance Database 1 Osads Alliance Database 2026-04-16 N/A
Unspecified vulnerability in OSADS Alliance Database before 1.4 has unknown impact and attack vectors related to a "Security Leak to lock in HTML-Code," possibly due to a cross-site scripting (XSS) vulnerability involving comments.
CVE-2000-0195 1 Corel 1 Linux 2026-04-16 N/A
setxconf in Corel Linux allows local users to gain root access via the -T parameter, which executes the user's .xserverrc file.