Export limit exceeded: 12042 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347776 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-0430 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| The shared_region_map_file_np function in Apple Mac OS X 10.4.8 and earlier kernel allows local users to cause a denial of service (memory corruption) via a large mappingCount value. | ||||
| CVE-2008-5644 | 1 Typo3 | 1 Typo3 | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the file backend module in TYPO3 4.2.2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2008-5647 | 1 Trac | 1 Trac | 2026-04-23 | N/A |
| Unspecified vulnerability in the HTML sanitizer filter in Trac before 0.11.2 allows attackers to conduct phishing attacks via unknown attack vectors. | ||||
| CVE-2008-5658 | 1 Php | 1 Php | 2026-04-23 | N/A |
| Directory traversal vulnerability in the ZipArchive::extractTo function in PHP 5.2.6 and earlier allows context-dependent attackers to write arbitrary files via a ZIP file with a file whose name contains .. (dot dot) sequences. | ||||
| CVE-2008-5659 | 1 Gnu | 1 Classpath | 2026-04-23 | N/A |
| The gnu.java.security.util.PRNG class in GNU Classpath 0.97.2 and earlier uses a predictable seed based on the system time, which makes it easier for context-dependent attackers to conduct brute force attacks against cryptographic routines that use this class for randomness, as demonstrated against DSA private keys. | ||||
| CVE-2007-0812 | 1 Woltlab | 1 Burning Board Lite | 2026-04-23 | N/A |
| SQL injection vulnerability in pms.php in Woltlab Burning Board (wBB) Lite 1.0.2pl3e and earlier allows remote authenticated users to execute arbitrary SQL commands via the pmid[0] parameter. | ||||
| CVE-2008-5661 | 1 Sun | 2 Opensolaris, Solaris | 2026-04-23 | N/A |
| The IPv4 Forwarding feature in Sun Solaris 10 and OpenSolaris snv_47 through snv_82, with certain patches installed, allows remote attackers to cause a denial of service (panic) via unknown vectors that trigger a NULL pointer dereference. | ||||
| CVE-2008-5664 | 1 Realtek | 1 Realtek Media Player | 2026-04-23 | N/A |
| Stack-based buffer overflow in Realtek Media Player (aka Realtek Sound Manager, RtlRack, or rtlrack.exe) 1.15.0.0 allows remote attackers to execute arbitrary code via a crafted playlist (PLA) file. | ||||
| CVE-2007-1349 | 3 Apache, Canonical, Redhat | 12 Mod Perl, Ubuntu Linux, Certificate System and 9 more | 2026-04-23 | N/A |
| PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI. | ||||
| CVE-2008-5670 | 1 Textpattern | 1 Textpattern | 2026-04-23 | N/A |
| Textpattern (aka Txp CMS) 4.0.5 does not ask for the old password during a password reset, which makes it easier for remote attackers to change a password after hijacking a session. | ||||
| CVE-2008-5671 | 1 Joomla | 1 Joomla | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in index.php in Joomla! 1.0.11 through 1.0.14, when RG_EMULATION is enabled in configuration.php, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
| CVE-2007-1355 | 2 Apache, Redhat | 2 Tomcat, Network Satellite | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the appdev/sample/web/hello.jsp example application in Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.23, and 6.0.0 through 6.0.10 allow remote attackers to inject arbitrary web script or HTML via the test parameter and unspecified vectors. | ||||
| CVE-2008-5672 | 1 Phparanoid | 1 Phparanoid | 2026-04-23 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in PHParanoid before 0.4 allow remote attackers to hijack the authentication of arbitrary users for requests that use (1) admin.php or (2) private messages. | ||||
| CVE-2007-1775 | 1 Jbrowser | 1 Jbrowser | 2026-04-23 | N/A |
| Unrestricted file upload vulnerability in upload.php3 in JBrowser 2.4 and earlier allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-5673 | 1 Phparanoid | 1 Phparanoid | 2026-04-23 | N/A |
| PHParanoid before 0.4 does not properly restrict access to the members area by unauthenticated users, which has unknown impact and remote attack vectors. | ||||
| CVE-2008-5674 | 1 Darkwet | 1 Webcam Xp | 2026-04-23 | N/A |
| Multiple array index errors in the HTTP server in Darkwet Network webcamXP 3.72.440.0 and earlier and beta 4.05.280 and earlier allow remote attackers to cause a denial of service (device crash) and read portions of memory via (1) an invalid camnum parameter to the pocketpc component and (2) an invalid id parameter to the show_gallery_pic component. | ||||
| CVE-2008-5675 | 1 Ibm | 1 Websphere Portal | 2026-04-23 | N/A |
| Unspecified vulnerability in IBM WebSphere Portal 6.0 before 6.0.1.5 has unknown impact and attack vectors related to "Access problems with BasicAuthTAI." | ||||
| CVE-2007-1776 | 1 Design For Joomla | 1 D4j Ezine | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the DesignForJoomla.com D4J eZine (com_ezine) 2.8 and earlier component for Joomla! allows remote attackers to execute arbitrary SQL commands via the article parameter in a read action. | ||||
| CVE-2008-5676 | 1 Breach | 1 Modsecurity | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in the ModSecurity (aka mod_security) module 2.5.0 through 2.5.5 for the Apache HTTP Server, when SecCacheTransformations is enabled, allow remote attackers to cause a denial of service (daemon crash) or bypass the product's functionality via unknown vectors related to "transformation caching." | ||||
| CVE-2008-5677 | 1 Kwalbum | 1 Kwalbum | 2026-04-23 | N/A |
| Unrestricted file upload vulnerability in Kwalbum 2.0.4, 2.0.2, and earlier, when PICS_PATH is located in the web root, allows remote authenticated users with upload capability to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file under items/, related to the ReplaceBadFilenameChars function in include/ItemAdder.php. NOTE: some of these details are obtained from third party information. | ||||