Export limit exceeded: 346615 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29902 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-1182 | 1 Web-app.org | 1 Webapp | 2026-04-23 | N/A |
| WebAPP before 0.9.9.5 allows remote Guest users to edit a Guest profile, which has unknown impact. | ||||
| CVE-2007-1350 | 1 Novell | 1 Netmail | 2026-04-23 | N/A |
| Stack-based buffer overflow in webadmin.exe in Novell NetMail 3.5.2 allows remote attackers to execute arbitrary code via a long username during HTTP Basic authentication. | ||||
| CVE-2007-2303 | 1 News Manager Deluxe | 1 News Manager Deluxe | 2026-04-23 | N/A |
| Directory traversal vulnerability in includes/footer.php in News Manager Deluxe (NMDeluxe) 1.0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the template parameter. | ||||
| CVE-2007-3141 | 1 Phpwebthings | 1 Phpwebthings | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in core/editor.php in phpWebThings 1.5.2 allows remote attackers to execute arbitrary PHP code via a URL in the editor_insert_top parameter. NOTE: the editor_insert_bottom vector is already covered by CVE-2006-6042. | ||||
| CVE-2007-1484 | 1 Php | 1 Php | 2026-04-23 | N/A |
| The array_user_key_compare function in PHP 4.4.6 and earlier, and 5.x up to 5.2.1, makes erroneous calls to zval_dtor, which triggers memory corruption and allows local users to bypass safe_mode and execute arbitrary code via a certain unset operation after array_user_key_compare has been called. | ||||
| CVE-2007-2457 | 1 Pixaria | 1 Pixaria Gallery | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in resources/includes/class.Smarty.php in Pixaria Gallery before 1.4.3 allows remote attackers to execute arbitrary PHP code via a URL in the cfg[sys][base_path] parameter. | ||||
| CVE-2007-3142 | 1 Opera | 1 Opera Browser | 2026-04-23 | N/A |
| Visual truncation vulnerability in Opera 9.21 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after 34 characters, as demonstrated by a phishing attack using HTTP Basic Authentication. | ||||
| CVE-2006-6139 | 1 Sisfo Kampus | 1 Sisfo Kampus | 2026-04-23 | N/A |
| Directory traversal vulnerability in downloadexcel.php in Sisfo Kampus 2006 (Semarang 3) allows remote attackers to read arbitrary files via the fn parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-7173 | 1 Php-stats | 1 Php-stats | 2026-04-23 | N/A |
| Direct static code injection vulnerability in admin.php in PHP-Stats 0.1.9.1b and earlier allows remote attackers to execute arbitrary PHP code via a crafted option_new[report_w_day] parameter in a preferenze action, which can be later accessed via option/php-stats-options.php. | ||||
| CVE-2006-4408 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| The Security Framework in Apple Mac OS X 10.4 through 10.4.8 allows remote attackers to cause a denial of service (resource consumption) via certain public key values in an X.509 certificate that requires extra resources during signature verification. NOTE: this issue may be similar to CVE-2006-2940. | ||||
| CVE-2008-6660 | 1 Ozerov | 1 Bigdump | 2026-04-23 | N/A |
| Unrestricted file upload vulnerability in bigdump.php in Alexey Ozerov BigDump 0.29b allows remote attackers to execute arbitrary code by uploading a file with an executable extension followed by a .sql extension, then accessing this file via a direct request. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2006-6298 | 1 Maxiasp | 1 Yonetimi | 2026-04-23 | N/A |
| SQL injection vulnerability in uye_giris_islem.asp in Metyus Okul Yonetim Sistemi 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) kullanici_ismi and (2) sifre parameters. | ||||
| CVE-2007-0694 | 1 Dian Gemilang | 1 Dgnews | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in footer.php in DGNews 2.1 allows remote attackers to inject arbitrary web script or HTML via the copyright parameter. | ||||
| CVE-2006-6980 | 1 Magnatune.com | 1 Album Browser | 2026-04-23 | N/A |
| The magnatune.com album browser in Amarok allows attackers to cause a denial of service (application crash) via unspecified vectors. | ||||
| CVE-2009-0618 | 1 Cisco | 1 Application Networking Manager | 2026-04-23 | N/A |
| Unspecified vulnerability in the Java agent in Cisco Application Networking Manager (ANM) before 2.0 Update A allows remote attackers to gain privileges, and cause a denial of service (service outage) by stopping processes, or obtain sensitive information by reading configuration files. | ||||
| CVE-2008-4699 | 1 Microsoft | 1 Peachtree Accounting | 2026-04-23 | N/A |
| Insecure method vulnerability in the ActiveX control (PAWWeb11.ocx) in Peachtree Accounting 2004 allows remote attackers to execute arbitrary programs via the ExecutePreferredApplication method. | ||||
| CVE-2007-0288 | 1 Oracle | 1 Application Server | 2026-04-23 | N/A |
| Unspecified vulnerability in Oracle Application Server 10.1.4.0 has unknown impact and attack vectors related to Oracle Internet Directory, aka OID01. | ||||
| CVE-2007-1619 | 1 Scriptmagix | 1 Scriptmagix Photo Rating | 2026-04-23 | N/A |
| SQL injection vulnerability in viewcomments.php in ScriptMagix Photo Rating 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the phid parameter. | ||||
| CVE-2010-0278 | 1 Microsoft | 3 Windows 7, Windows Live Messenger, Windows Vista | 2026-04-23 | N/A |
| A certain ActiveX control in msgsc.14.0.8089.726.dll in Microsoft Windows Live Messenger 2009 build 14.0.8089.726 on Windows Vista and Windows 7 allows remote attackers to cause a denial of service (msnmsgr.exe crash) by calling the ViewProfile method with a crafted argument during an MSN Messenger session. | ||||
| CVE-2006-7012 | 1 Scart | 1 Scart | 2026-04-23 | N/A |
| scart.cgi in SCart 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the page parameter of a show_text action. | ||||