Filtered by NVD-CWE-Other
Total 29947 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2006-4337 2 Gzip, Redhat 2 Gzip, Enterprise Linux 2026-04-16 N/A
Buffer overflow in the make_table function in the LHZ component in gzip 1.3.5 allows context-dependent attackers to execute arbitrary code via a crafted decoding table in a GZIP archive.
CVE-2006-4348 1 Kochsuite Component 1 Kochsuite Component 2026-04-16 N/A
PHP remote file inclusion vulnerability in config.kochsuite.php in the Kochsuite (com_kochsuite) 0.9.4 component for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
CVE-2006-4355 1 Drupal 1 Drupal Easylinks Module 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Drupal Easylinks Module (easylinks.module) 4.7 before 1.5.2.1 2006/08/19 12:02:27 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2006-4360 1 Drupal 1 Drupal E-commerce Module 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in E-commerce 4.7 for Drupal before file.module 1.37.2.4 (20060812) allows remote authenticated users with the "create products" permission to inject arbitrary web script or HTML via unspecified vectors.
CVE-2006-4367 1 All Topics 1 All Topics Hack 2026-04-16 N/A
SQL injection vulnerability in alltopics.php in the All Topics Hack 1.5.0 and earlier for phpBB 2.0.21 allows remote attackers to execute arbitrary SQL commands via the start parameter.
CVE-2006-4371 1 Alt-n 1 Webadmin 2026-04-16 N/A
Multiple directory traversal vulnerabilities in Alt-N WebAdmin 3.2.3 and 3.2.4 running with MDaemon 9.0.5, and possibly earlier, allow remote authenticated global administrators to read arbitrary files via a .. (dot dot) in the file parameter to (1) logfile_view.wdm and (2) configfile_view.wdm.
CVE-2006-4376 1 Guder Und Koch Netzwerktechnik 1 Eichhorn Portal 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Guder und Koch Netzwerktechnik Eichhorn Portal allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly including the (1) profil_nr and (2) sprache parameters in the main portion of the portal, the (3) suchstring field in suchForm in the main portion of the portal, the (4) GaleryKey and (5) Breadcrumbs parameters in the gallerie module, and the (6) GGBNSaction parameter in the ggbns module.
CVE-2006-4377 1 Guder Und Koch Netzwerktechnik 1 Eichhorn Portal 2026-04-16 N/A
Multiple SQL injection vulnerabilities in Guder und Koch Netzwerktechnik Eichhorn Portal allow remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly including the (1) profil_nr and (2) sprache parameters in the main portion of the portal, the (3) suchstring field in suchForm in the main portion of the portal, the (4) GaleryKey and (5) Breadcrumbs parameters in the gallerie module, and the (6) GGBNSaction parameter in the ggbns module.
CVE-2006-4380 2 Mysql, Redhat 2 Mysql, Enterprise Linux 2026-04-16 N/A
MySQL before 4.1.13 allows local users to cause a denial of service (persistent replication slave crash) via a query with multiupdate and subselects.
CVE-2006-4384 1 Apple 1 Quicktime 2026-04-16 N/A
Heap-based buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via the COLOR_64 chunk in a FLIC (FLC) movie.
CVE-2006-4389 1 Apple 1 Quicktime 2026-04-16 N/A
Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted FlashPix (FPX) file, which triggers an exception that leads to an operation on an uninitialized object.
CVE-2006-4429 1 Phlymail 1 Phlymail Lite 2026-04-16 N/A
PHP remote file inclusion vulnerability in handlers/email/mod.output.php in PHlyMail Lite 3.4.4 and earlier (Build 3.04.04) allows remote attackers to execute arbitrary PHP code via a URL in the _PM_[path][handler] parameter, a different vector than CVE-2006-4291. NOTE: This issue has been disputed by a third party, who states that the _IN_PHM_ declaration prevents this file from being called directly
CVE-1999-0750 1 Microsoft 1 Hotmail 2026-04-16 N/A
Hotmail allows Javascript to be executed via the HTML STYLE tag, allowing remote attackers to execute commands on the user's Hotmail account.
CVE-2006-4432 1 Zend 1 Zend Platform 2026-04-16 N/A
Directory traversal vulnerability in Zend Platform 2.2.1 and earlier allows remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in the final component of the PHP session identifier (PHPSESSID). NOTE: in some cases, this issue can be leveraged to perform direct static code injection.
CVE-2006-4437 1 Venture Nine 1 Tagger Le 2026-04-16 N/A
Eval injection vulnerability in Tagger LE allows remote attackers to execute arbitrary PHP code via the query string in (1) tags.php, (2) sign.php, and (3) admin/index.php.
CVE-2006-4439 1 Sun 1 Solaris 2026-04-16 N/A
pkgadd in Sun Solaris 10 before 20060825 installs files with insecure file and directory permissions (755 or 777) if the pkgmap file contains a "?" (question mark) in the mode field, which allows local users to modify arbitrary files or directories, a different vulnerability than CVE-2002-1871.
CVE-2005-0010 2 Ethereal Group, Redhat 2 Ethereal, Enterprise Linux 2026-04-16 N/A
Unknown vulnerability in the MMSE dissector in Ethereal 0.10.4 through 0.10.8 allows remote attackers to cause a denial of service by triggering a free of statically allocated memory.
CVE-2006-4446 1 Microsoft 1 Ie 2026-04-16 N/A
Heap-based buffer overflow in DirectAnimation.PathControl COM object (daxctle.ocx) in Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a Spline function call whose first argument specifies a large number of points.
CVE-2000-1096 1 Paul Vixie 1 Vixie Cron 2026-04-16 N/A
crontab by Paul Vixie uses predictable file names for a temporary file and does not properly ensure that the file is owned by the user executing the crontab -e command, which allows local users with write access to the crontab spool directory to execute arbitrary commands by creating world-writeable temporary files and modifying them while the victim is editing the file.
CVE-2005-0019 1 Yongguang Zhang 1 Hztty 2026-04-16 N/A
Unknown vulnerability in hztty 2.0 and earlier allows local users to execute arbitrary commands.