Total
29944 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-0405 | 1 Libtiff | 1 Libtiff | 2026-04-16 | N/A |
| The TIFFFetchShortPair function in tif_dirread.c in libtiff 3.8.0 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image that triggers a NULL pointer dereference, possibly due to changes in type declarations and/or the TIFFVSetField function. | ||||
| CVE-2005-0133 | 1 Clam Anti-virus | 1 Clamav | 2026-04-16 | N/A |
| ClamAV 0.80 and earlier allows remote attackers to cause a denial of service (clamd daemon crash) via a ZIP file with malformed headers. | ||||
| CVE-2006-4073 | 1 Phpcc | 1 Phpcc | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Fabian Hainz phpCC Beta 4.2 allow remote attackers to execute arbitrary PHP code via a URL in the base_dir parameter to (1) login.php, (2) reactivate.php, or (3) register.php. | ||||
| CVE-2005-0182 | 1 Mod Dosevasive | 1 Mod Dosevasive | 2026-04-16 | N/A |
| The mod_dosevasive module 1.9 and earlier for Apache creates temporary files with predictable filenames, which could allow remote attackers to overwrite arbitrary files via a symlink attack. | ||||
| CVE-2005-3866 | 1 Wwwsearchsolutions | 1 Searchfeed Search Engine | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in SearchFeed Search Engine 1.3.2 and earlier allows remote attackers to inject arbitrary HTML and web script, possibly via the REQ parameter, which is used when performing a search. | ||||
| CVE-2005-3869 | 1 Google | 1 Api Search | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Google API Search 1.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via hex-encoded values in the REQ parameter. | ||||
| CVE-2006-4081 | 1 Barracuda Networks | 1 Barracuda Spam Firewall | 2026-04-16 | N/A |
| preview_email.cgi in Barracuda Spam Firewall (BSF) 3.3.01.001 through 3.3.03.053 allows remote attackers to execute commands via shell metacharacters ("|" pipe symbol) in the file parameter. NOTE: the attack can be extended to arbitrary commands by the presence of CVE-2006-4000. | ||||
| CVE-2006-0457 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| Race condition in the (1) add_key, (2) request_key, and (3) keyctl functions in Linux kernel 2.6.x allows local users to cause a denial of service (crash) or read sensitive kernel memory by modifying the length of a string argument between the time that the kernel calculates the length and when it copies the data into kernel memory. | ||||
| CVE-2005-0265 | 1 Owl | 1 Owl Intranet Engine | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in browse.php in OWL 0.7 and 0.8 allow remote attackers to execute arbitrary SQL commands via the (1) parent or (2) sortposted parameter. | ||||
| CVE-2005-0234 | 1 Apple | 1 Safari | 2026-04-16 | N/A |
| The International Domain Name (IDN) support in Safari 1.2.5 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks. | ||||
| CVE-2006-0458 | 1 Irssi | 1 Irssi | 2026-04-16 | N/A |
| The DCC ACCEPT command handler in irssi before 0.8.9+0.8.10rc5-0ubuntu4.1 in Ubuntu Linux, and possibly other distributions, allows remote attackers to cause a denial of service (application crash) via certain crafted arguments in a DCC command. | ||||
| CVE-2006-0462 | 1 Andonet | 1 Andonet Blog | 2026-04-16 | N/A |
| SQL injection vulnerability in comentarios.php in AndoNET Blog 2004.09.02 allows remote attackers to execute arbitrary SQL commands via the entrada parameter. | ||||
| CVE-2005-0267 | 1 Flatnuke | 1 Flatnuke | 2026-04-16 | N/A |
| index.php in FlatNuke 2.5.1 allows remote attackers to create an administrator account via carriage returns and #10 in the url_avatar field, which is interpreted as a sensitive directive. | ||||
| CVE-2005-3872 | 1 Ugroup | 1 Ugroup | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Ugroup 2.6.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) FORUM_ID parameter in forum.php, and the (2) TOPIC_ID, (3) FORUM_ID, and (4) CAT_ID parameters in topic.php. | ||||
| CVE-2006-0471 | 1 My Little Homepage | 1 My Little Forum | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the bbcode function in functions.php in my little homepage my little forum, as last modified in June 2005, allows remote attackers to inject arbitrary Javascript via a javascript URI in BBcode link tags. | ||||
| CVE-2005-0330 | 1 People Can Fly | 1 Painkiller | 2026-04-16 | N/A |
| Buffer overflow in Painkiller 1.35 and earlier, and possibly other versions before 1.61, allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via a long cd-key hash. | ||||
| CVE-2006-0474 | 1 Shareaza | 1 Shareaza | 2026-04-16 | N/A |
| Multiple integer overflows in Shareaza 2.2.1.0 allow remote attackers to execute arbitrary code via (1) a large packet length field, which causes an overflow in the ReadBuffer function in (a) BTPacket.cpp and (b) EDPacket.cpp, or (2) a large packet, which causes a heap-based overflow in the Write function in (c) Packet.h. | ||||
| CVE-2005-0302 | 1 Comersus Open Technologies | 1 Comersus Backoffice Lite | 2026-04-16 | N/A |
| SQL injection vulnerability in default.asp in BackOffice Lite 6.0 and 6.01 allows remote attackers to execute arbitrary SQL commands via the referer field in the HTTP header. | ||||
| CVE-2006-4106 | 1 Blursoft | 1 Blur6ex | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in blursoft blur6ex 0.3 allows remote attackers to inject arbitrary web script or HTML via a comment title. | ||||
| CVE-2005-0326 | 1 Php Arena | 1 Pafiledb | 2026-04-16 | N/A |
| pafiledb.php in PaFileDB 3.1 allows remote attackers to gain sensitive information via an invalid or missing action parameter, which reveals the path in an error message when it cannot include a login.php script. | ||||