Export limit exceeded: 346208 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29899 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-2099 | 1 Openconcept | 1 Back-end Cms | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in htdocs/php.php in OpenConcept Back-End CMS 0.4.7 allows remote attackers to inject arbitrary web script or HTML via the page[] parameter. | ||||
| CVE-2008-5360 | 2 Redhat, Sun | 5 Network Satellite, Rhel Extras, Jdk and 2 more | 2026-04-23 | N/A |
| Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier creates temporary files with predictable file names, which allows attackers to write malicious JAR files via unknown vectors. | ||||
| CVE-2006-6449 | 1 Vt-forum | 1 Vt-forum Lite | 2026-04-23 | N/A |
| Vt-Forum Lite 1.3 and earlier store sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/forum.mdb. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-2103 | 1 My Little Homepage | 1 My Little Forum | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in my little forum 1.7 allow remote attackers to execute arbitrary PHP code via a URL in the lang parameter to (1) admin.php and (2) timedifference.php. | ||||
| CVE-2007-2104 | 1 Ixon Cms | 1 Ixon Cms | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in iXon CMS 0.30 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the theme_url parameter to (1) index.php, (2) page.php, (3) search.php, (4) single.php, and (5) archives.php. | ||||
| CVE-2007-2105 | 1 Monkey Cms | 1 Monkey Cms | 2026-04-23 | N/A |
| Directory traversal vulnerability in admin/index.php in Monkey CMS 0.0.3 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the admin_skin parameter. | ||||
| CVE-2007-2106 | 1 Kai Content Management System | 1 Kai Content Management System | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in Kai Content Management System (K-CMS) 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the current_theme parameter. | ||||
| CVE-2009-1364 | 3 Francis James Franklin, Opensuse, Redhat | 3 Libwmf, Opensuse, Enterprise Linux | 2026-04-23 | N/A |
| Use-after-free vulnerability in the embedded GD library in libwmf 0.2.8.4 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted WMF file. | ||||
| CVE-2009-2194 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Apple Mac OS X 10.5 before 10.5.8 does not properly share file descriptors over local sockets, which allows local users to cause a denial of service (system crash) by placing file descriptors in messages sent to a socket that has no receiver, related to a "synchronization issue." | ||||
| CVE-2007-2119 | 1 Oracle | 2 Application Server, Database Server | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in boundary_rules.jsp in the Administration Front End for Oracle Enterprise (Ultra) Search, as used in Database Server 9.2.0.8, 10.1.0.5, and 10.2.0.2, and in Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2.0 allows remote attackers to inject arbitrary HTML or web script via the EXPTYPE parameter, aka SES01. | ||||
| CVE-2007-2121 | 1 Oracle | 1 Application Server | 2026-04-23 | N/A |
| Unspecified vulnerability in the COREid Access component in Oracle Application Server 7.0.4.4 has unknown impact and attack vectors, aka AS02. | ||||
| CVE-2007-2122 | 1 Oracle | 1 Application Server | 2026-04-23 | N/A |
| Unspecified vulnerability in the Wireless component in Oracle Application Server 9.0.4.3 has unknown impact and attack vectors, aka AS03. | ||||
| CVE-2007-2128 | 1 Oracle | 1 E-business Suite | 2026-04-23 | N/A |
| Unspecified vulnerability in the Sales Online component for Oracle E-Business Suite 11.5.10 has unknown impact and remote authenticated attack vectors, aka APPS08. | ||||
| CVE-2007-2129 | 1 Oracle | 1 Enterprise Manager | 2026-04-23 | N/A |
| Unspecified vulnerability in the Agent component in Oracle Enterprise Manager 9.2.0.8 has unknown impact and remote attack vectors, aka EM01. | ||||
| CVE-2007-2131 | 1 Oracle | 1 Peoplesoft Enterprise | 2026-04-23 | N/A |
| Unspecified vulnerability in PeopleTools in Oracle PeopleSoft Enterprise 8.22.14, 8.47.12, and 8.48.08 has unknown impact and attack vectors, aka PSE01. | ||||
| CVE-2007-2132 | 1 Oracle | 1 Peoplesoft Enterprise | 2026-04-23 | N/A |
| Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise 8.47.12 and 8.48.08 has unknown impact and attack vectors, aka PSE02. | ||||
| CVE-2007-2133 | 1 Oracle | 1 Peoplesoft Enterprise | 2026-04-23 | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise Human Capital Management component in Oracle PeopleSoft Enterprise 8.9 has unknown impact and attack vectors, aka PSEHCM01. | ||||
| CVE-2007-2134 | 1 Oracle | 1 Enterpriseone | 2026-04-23 | N/A |
| Unspecified vulnerability in the HTML Server in Oracle JD Edwards EnterpriseOne SP23_Q1 and 8.96.I1 has unknown impact and local attack vectors, aka JDE01. | ||||
| CVE-2007-2135 | 1 Oracle | 1 E-business Suite | 2026-04-23 | N/A |
| The ADI_BINARY component in the Oracle E-Business Suite allows remote attackers to download arbitrary documents from the APPS.FND_DOCUMENTS table via the ADI_DISPLAY_REPORT function, when passed a certain parameter. NOTE: due to lack of details from Oracle, it is not clear whether this issue is related to other CVE identifiers such as CVE-2007-2126, CVE-2007-2127, or CVE-2007-2128. | ||||
| CVE-2007-2136 | 1 Bmc | 1 Patrol Perform Agent | 2026-04-23 | N/A |
| Stack-based buffer overflow in bgs_sdservice.exe in BMC Patrol PerformAgent allows remote attackers to execute arbitrary code by connecting to TCP port 10128 and sending certain XDR data, which is not properly parsed. | ||||