Export limit exceeded: 23281 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29908 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-2637 | 2 Moinmoin, Ubuntu | 2 Moinmoin, Ubuntu Linux | 2026-04-23 | N/A |
| MoinMoin before 20070507 does not properly enforce ACLs for calendars and includes, which allows remote attackers to read certain pages via unspecified vectors. | ||||
| CVE-2007-2638 | 1 Efilecabinet | 1 Efilecabinet | 2026-04-23 | N/A |
| eFileCabinet 3.3 allows remote attackers to bypass authentication and access restricted portions of the interface via an invalid filecabinetnumber, which can be leveraged to obtain sensitive information or create new data structures. | ||||
| CVE-2007-2639 | 1 Prosysinfo | 1 Tftp Server Tftpdwin | 2026-04-23 | N/A |
| Directory traversal vulnerability in TFTPdWin 0.4.2 allows remote attackers to read or modify arbitrary files outside the TFTP root via unspecified vectors. | ||||
| CVE-2008-4198 | 1 Opera | 1 Opera Browser | 2026-04-23 | N/A |
| Opera before 9.52, when rendering an http page that has loaded an https page into a frame, displays a padlock icon and offers a security information dialog reporting a secure connection, which might allow remote attackers to trick a user into performing unsafe actions on the http page. | ||||
| CVE-2008-4232 | 1 Apple | 3 Iphone Os, Ipod Touch, Safari | 2026-04-23 | N/A |
| Safari in Apple iPhone OS 2.0 through 2.1 and iPhone OS for iPod touch 2.1 through 2.1 does not restrict an IFRAME's content display to the boundaries of the IFRAME, which allows remote attackers to spoof a user interface via a crafted HTML document. | ||||
| CVE-2008-4233 | 1 Apple | 3 Iphone Os, Ipod Touch, Safari | 2026-04-23 | N/A |
| Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 does not isolate the call-approval dialog from the process of launching new applications, which allows remote attackers to make arbitrary phone calls via a crafted HTML document. | ||||
| CVE-2007-2640 | 1 Heiko Stamer | 1 Libtmcg | 2026-04-23 | N/A |
| LibTMCG before 1.1.1 does not perform a range check to avoid "trivial group generators," which allows attackers to obtain sensitive information about private cards. | ||||
| CVE-2007-2641 | 1 W1l3d4 | 1 Philboard | 2026-04-23 | N/A |
| SQL injection vulnerability in W1L3D4_bolum.asp in W1L3D4 Philboard 0.2 allows remote attackers to execute arbitrary SQL commands via the forumid parameter, a different vector than CVE-2007-0920. | ||||
| CVE-2007-2642 | 1 R2k | 1 R2k Gallery | 2026-04-23 | N/A |
| Directory traversal vulnerability in galeria.php in R2K Gallery 1.7 allows remote attackers to read arbitrary files via a .. (dot dot) in the lang2 parameter. | ||||
| CVE-2008-5029 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Enterprise Mrg and 1 more | 2026-04-23 | N/A |
| The __scm_destroy function in net/core/scm.c in the Linux kernel 2.6.27.4, 2.6.26, and earlier makes indirect recursive calls to itself through calls to the fput function, which allows local users to cause a denial of service (panic) via vectors related to sending an SCM_RIGHTS message through a UNIX domain socket and closing file descriptors. | ||||
| CVE-2007-2468 | 1 Hp | 1 Openvms | 2026-04-23 | N/A |
| Unspecified vulnerability in HP OpenVMS for Integrity Servers 8.2-1 and 8.3 allows local users to cause a denial of service (crash) via "Program actions relating to exceptions." | ||||
| CVE-2007-2646 | 1 Yenc32 | 1 Yenc32 | 2026-04-23 | N/A |
| Heap-based buffer overflow in yEnc32 1.0.7.207 allows user-assisted remote attackers to execute arbitrary code via a long filename in an NTX file. | ||||
| CVE-2007-2648 | 1 Clever Components | 1 Clever Database Comparer | 2026-04-23 | N/A |
| Stack-based buffer overflow in the Clever Database Comparer 2.2 ActiveX control (comparerax.ocx) allows remote attackers to execute arbitrary code via a long argument to the ConnectToDatabase function. | ||||
| CVE-2007-2649 | 1 T-com | 1 Speedport W 700v | 2026-04-23 | N/A |
| Deutsche Telekom (T-com) Speedport W 700v uses JavaScript delays for invalid authentication attempts to the CGI script, which allows remote attackers to bypass the delays and conduct brute-force attacks via direct calls to the authentication CGI script. | ||||
| CVE-2007-2651 | 1 Voodoo Circle | 1 Voodoo Circle | 2026-04-23 | N/A |
| Multiple off-by-one errors in VooDoo cIRCle before 1.1.beta27 allow remote attackers to cause a denial of service (connection loss) or possibly execute arbitrary code via a (1) DNS name response of the exact length as a buffer; or a long (2) channel name, (3) partyline channel name, or unspecified vectors in crafted BOTNET packets. | ||||
| CVE-2009-3007 | 2 Flock, Mozilla | 3 Flock, Firefox, Seamonkey | 2026-04-23 | N/A |
| Mozilla Firefox 3.5.1 and SeaMonkey 1.1.17, and Flock 2.5.1, allow context-dependent attackers to spoof the address bar, via window.open with a relative URI, to show an arbitrary file: URL after a victim has visited any file: URL, as demonstrated by a visit to a file: document written by the attacker. | ||||
| CVE-2007-2656 | 1 Hp | 1 Hpqvwocx.dll | 2026-04-23 | N/A |
| Stack-based buffer overflow in the Hewlett-Packard (HP) Magview ActiveX control in hpqvwocx.dll 1.0.0.309 allows remote attackers to cause a denial of service (application crash) and possibly have other impact via a long argument to the DeleteProfile method. | ||||
| CVE-2008-5697 | 2 Mozilla, Skype | 2 Firefox, Skype Extension For Firefox | 2026-04-23 | N/A |
| The skype_tool.copy_num method in the Skype extension BETA 2.2.0.95 for Firefox allows remote attackers to write arbitrary data to the clipboard via a string argument. | ||||
| CVE-2009-3864 | 2 Microsoft, Sun | 3 Windows, Jdk, Jre | 2026-04-23 | N/A |
| The Java Update functionality in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22 and JDK and JRE 6 before Update 17, when a non-English version of Windows is used, does not retrieve available new JRE versions, which allows remote attackers to leverage vulnerabilities in older releases of this software, aka Bug Id 6869694. | ||||
| CVE-2007-2539 | 1 Runcms | 1 Runcms | 2026-04-23 | N/A |
| The show_files function in RunCms 1.5.2 and earlier allows remote attackers to obtain sensitive information (file existence and file metadata) via unspecified vectors. | ||||