Search Results (35583 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-2932 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop 2026-04-16 N/A
A regression error in the restore_all code path of the 4/4GB split support for non-hugemem Linux kernels on Red Hat Linux Desktop and Enterprise Linux 4 allows local users to cause a denial of service (panic) via unspecified vectors.
CVE-2006-2218 1 Microsoft 2 Internet Explorer, Windows Xp 2026-04-16 N/A
Unspecified vulnerability in Internet Explorer 6.0 on Microsoft Windows XP SP2 allows remote attackers to execute arbitrary code via "exceptional conditions" that trigger memory corruption, as demonstrated using an exception handler and nested object tags, a variant of CVE-2006-1992.
CVE-2006-2201 1 Broadcom 1 Resource Initialization Manager 2026-04-16 N/A
Unspecified vulnerability in CA Resource Initialization Manager (CAIRIM) 1.x before 20060502, as used in z/OS Common Services and the LMP component in multiple products, allows attackers to violate integrity via a certain "problem state program" that uses SVC to gain access to supervisor state, key 0.
CVE-2006-2199 3 Openoffice, Redhat, Sun 3 Openoffice, Enterprise Linux, Staroffice 2026-04-16 N/A
Unspecified vulnerability in Java Applets in OpenOffice.org 1.1.x (aka StarOffice) up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to escape the Java sandbox and conduct unauthorized activities via certain applets in OpenOffice documents.
CVE-2006-1997 1 Sybase 1 Pylon Anywhere 2026-04-16 N/A
Unspecified vulnerability in Sybase Pylon Anywhere groupware synchronization server before 7.0 allows local users to obtain sensitive information such as email and PIM data of another user via unknown attack vectors.
CVE-2006-1308 1 Microsoft 2 Excel, Excel Viewer 2026-04-16 N/A
Unspecified vulnerability in Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted FNGROUPCOUNT value.
CVE-2006-1254 1 Borderware 1 Mxtreme 2026-04-16 N/A
Unspecified vulnerability in BorderWare MXtreme 5.0 and 6.0 allows remote attackers to have an unknown impact via unknown attack vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-1246 1 Ibm 1 Aix 2026-04-16 N/A
Unspecified vulnerability in mklvcopy in BOS.RTE.LVM in IBM AIX 5.3 allows local users to execute arbitrary commands when mklvcopy calls external commands, possibly due to an untrusted search path vulnerability.
CVE-2006-0592 1 Lexmark 1 Printer Sharing 2026-04-16 N/A
Unspecified vulnerability in the Lexmark Printer Sharing LexBce Server Service (LexPPS), possibly 8.29 and 9.41, allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: This information is based on a vague initial disclosure; details will be updated after the grace period has ended.
CVE-2006-0585 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
jscript.dll in Microsoft Internet Explorer 6.0 SP1 and earlier allows remote attackers to cause a denial of service (application crash) via a Shockwave Flash object that contains ActionScript code that calls VBScript, which in turn calls the Javascript document.write function, which triggers a null dereference.
CVE-2006-0582 1 Kth 1 Heimdal 2026-04-16 N/A
Unspecified vulnerability in rshd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2, when storing forwarded credentials, allows attackers to overwrite arbitrary files and change file ownership via unknown vectors.
CVE-2006-0487 1 Tumbleweed 1 Mailgate Email Firewall 2026-04-16 N/A
Multiple unspecified vulnerabilities in Tumbleweed MailGate Email Firewall (EMF) 6.x allow remote attackers to (1) trigger temporarily incorrect processing of an e-mail message under "extremely heavy loads" and (2) cause an "increased number of missed spam" during "spam outbreaks."
CVE-2006-0467 1 Pioneers 1 Pioneers 2026-04-16 N/A
Unspecified vulnerability in Pioneers (formerly gnocatan) before 0.9.49 allows remote attackers to cause a denial of service (application crash) via long chat messages.
CVE-2006-0435 1 Oracle 2 Application Server, Http Server 2026-04-16 N/A
Unspecified vulnerability in Oracle PL/SQL (PLSQL), as used in Database Server DS 9.2.0.7 and 10.1.0.5, Application Server 1.0.2.2, 9.0.4.2, 10.1.2.0.2, 10.1.2.1.0, and 10.1.3.0.0, E-Business Suite and Applications 11.5.10, and Collaboration Suite 10.1.1, 10.1.2.0, 10.1.2.1, and 9.0.4.2, allows attackers to bypass the PLSQLExclusion list and access excluded packages and procedures, aka Vuln# PLSQL01.
CVE-2005-3627 2 Redhat, Xpdf 2 Enterprise Linux, Xpdf 2026-04-16 N/A
Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via a DCTDecode stream with (1) a large "number of components" value that is not checked by DCTStream::readBaselineSOF or DCTStream::readProgressiveSOF, (2) a large "Huffman table index" value that is not checked by DCTStream::readHuffmanTables, and (3) certain uses of the scanInfo.numComps value by DCTStream::readScanInfo.
CVE-2005-3463 1 Oracle 1 Peoplesoft Enterprise 2026-04-16 N/A
Unspecified vulnerability in PeopleTools in Oracle PeopleSoft Enterprise 8.44 up to 8.46.03 has unknown impact and attack vectors, as identified by Oracle Vuln# PSE03.
CVE-2005-2700 4 Apache, Canonical, Debian and 1 more 6 Http Server, Ubuntu Linux, Debian Linux and 3 more 2026-04-16 N/A
ssl_engine_kernel.c in mod_ssl before 2.8.24, when using "SSLVerifyClient optional" in the global virtual host configuration, does not properly enforce "SSLVerifyClient require" in a per-location context, which allows remote attackers to bypass intended access restrictions.
CVE-2005-2654 1 Phpldapadmin Project 1 Phpldapadmin 2026-04-16 N/A
phpldapadmin before 0.9.6c allows remote attackers to gain anonymous access to the LDAP server, even when disable_anon_bind is set, via an HTTP request to login.php with the anonymous_bind parameter set.
CVE-2005-0989 3 Mozilla, Netscape, Redhat 4 Firefox, Mozilla, Navigator and 1 more 2026-04-16 N/A
The find_replen function in jsstr.c in the Javascript engine for Mozilla Suite 1.7.6, Firefox 1.0.1 and 1.0.2, and Netscape 7.2 allows remote attackers to read portions of heap memory in a Javascript string via the lambda replace method.
CVE-2005-0235 1 Opera 1 Opera Browser 2026-04-16 N/A
The International Domain Name (IDN) support in Opera 7.54 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks.