Total
29916 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-2640 | 1 Omegasoft | 1 Interneserviceslosungen | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in OmegaMw7a.ASP in OMEGA (aka Omegasoft) INterneSErvicesLosungen (INSEL) allows remote attackers to inject arbitrary web script or HTML via the WCE parameter. | ||||
| CVE-2006-2647 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| Untrusted search path vulnerability in update_flash for IBM AIX 5.1, 5.2 and 5.3 allows local users to execute arbitrary commands via unknown vectors involving lsmcode and possibly other commands. | ||||
| CVE-2006-2653 | 1 D-link | 1 Dsa-3100 Airspot Gateway | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in login_error.shtml for D-Link DSA-3100 allows remote attackers to inject arbitrary HTML or web script via an encoded uname parameter. | ||||
| CVE-2000-0775 | 1 Robtex | 1 Viking Server | 2026-04-16 | N/A |
| Buffer overflow in RobTex Viking server earlier than 1.06-370 allows remote attackers to cause a denial of service or execute arbitrary commands via a long HTTP GET request, or long Unless-Modified-Since, If-Range, or If-Modified-Since headers. | ||||
| CVE-2006-2655 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| The build process for ypserv in FreeBSD 5.3 up to 6.1 accidentally disables access restrictions when using the /var/yp/securenets file, which allows remote attackers to bypass intended access restrictions. | ||||
| CVE-2006-2662 | 1 Vmware | 1 Server | 2026-04-16 | N/A |
| VMware Server before RC1 does not clear user credentials from memory after a console connection is made, which might allow local attackers to gain privileges. | ||||
| CVE-2000-0781 | 1 Ca | 1 Arcserve Backup | 2026-04-16 | N/A |
| uagentsetup in ARCServeIT Client Agent 6.62 does not properly check for the existence or ownership of a temporary file which is moved to the agent.cfg configuration file, which allows local users to execute arbitrary commands by modifying the temporary file before it is moved. | ||||
| CVE-2000-0783 | 1 Watchguard | 1 Firebox | 2026-04-16 | N/A |
| Watchguard Firebox II allows remote attackers to cause a denial of service by sending a malformed URL to the authentication service on port 4100. | ||||
| CVE-2006-2671 | 1 Calendarscripts.com | 1 Chatpat | 2026-04-16 | N/A |
| SQL injection vulnerability in ChatPat 1.0 allows remote attackers to execute arbitrary SQL commands via the nickname field. | ||||
| CVE-2000-0805 | 1 Checkpoint | 1 Firewall-1 | 2026-04-16 | N/A |
| Check Point VPN-1/FireWall-1 4.1 and earlier improperly retransmits encapsulated FWS packets, even if they do not come from a valid FWZ client, aka "Retransmission of Encapsulated Packets." | ||||
| CVE-2006-2680 | 1 Php4script | 1 Az Photo Album Script Pro | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in AZ Photo Album Script Pro allows remote attackers to inject arbitrary web script or HTML via the gazpart parameter. | ||||
| CVE-2000-0829 | 1 Redhat | 2 Linux, Tmpwatch | 2026-04-16 | N/A |
| The tmpwatch utility in Red Hat Linux forks a new process for each directory level, which allows local users to cause a denial of service by creating deeply nested directories in /tmp or /var/tmp/. | ||||
| CVE-2002-0452 | 1 Foundrynet | 1 Serveriron | 2026-04-16 | N/A |
| Foundry Networks ServerIron switches do not decode URIs when applying "url-map" rules, which could make it easier for attackers to cause the switch to forward traffic to a different server than intended and exploit vulnerabilities that would otherwise be inaccessible. | ||||
| CVE-2006-2689 | 1 Eva-web | 1 Eva-web | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in EVA-Web 2.1.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) debut_image parameter in (a) article-album.php3, (2) date parameter in (b) rubrique.php3, and the (3) perso and (4) aide parameters to (c) an unknown script, probably index.php. | ||||
| CVE-2006-2691 | 1 Amule | 1 Amule | 2026-04-16 | N/A |
| Unspecified "information leakage" vulnerabilities in aMuleWeb for AMule before 2.1.2 allow remote attackers to access arbitrary images, including dynamically generated images, via unknown vectors. | ||||
| CVE-2006-2693 | 1 Nivisec | 1 Hacks List | 2026-04-16 | N/A |
| Directory traversal vulnerability in admin/admin_hacks_list.php in Nivisec Hacks List 1.20 and earlier for phpBB, when register_globals is enabled, allows remote attackers to read arbitrary files via a ".." in the phpEx parameter. | ||||
| CVE-2000-0843 | 2 Dave Airlie, Luke Kenneth Casson Leighton | 2 Pam Smb, Pam Ntdom | 2026-04-16 | N/A |
| Buffer overflow in pam_smb and pam_ntdom pluggable authentication modules (PAM) allow remote attackers to execute arbitrary commands via a login with a long user name. | ||||
| CVE-2006-2696 | 1 Easy-content Forums | 1 Easy-content Forums | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerabilities in Easy-Content Forums 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) startletter parameter in userview.asp and the (2) catid parameter in topics.asp. | ||||
| CVE-2000-0849 | 1 Microsoft | 1 Windows Media Services | 2026-04-16 | N/A |
| Race condition in Microsoft Windows Media server allows remote attackers to cause a denial of service in the Windows Media Unicast Service via a malformed request, aka the "Unicast Service Race Condition" vulnerability. | ||||
| CVE-2006-2710 | 1 Secure Elements | 1 Class 5 Enterprise Vulnerability Management | 2026-04-16 | N/A |
| Secure Elements Class 5 AVR (aka C5 EVM) before 2.8.1 uses the same invariant RSA key for all installations, which allows remote attackers with the key to decrypt communications. | ||||