Export limit exceeded: 11957 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 12044 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 347785 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347785 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-5640 | 1 Activewebsoftwares | 1 Active Bids | 2026-04-23 | N/A |
| SQL injection vulnerability in bidhistory.asp in Active Bids 3.5 allows remote attackers to execute arbitrary SQL commands via the ItemID parameter. | ||||
| CVE-2006-6810 | 1 Db Hub | 1 Db Hub | 2026-04-23 | N/A |
| Unspecified vulnerability in the clear_user_list function in src/main.c in DB Hub 0.3 allows remote attackers to cause a denial of service (application crash) via crafted network traffic, which triggers memory corruption. | ||||
| CVE-2008-5641 | 1 Activewebsoftwares | 1 Active Photo Gallery | 2026-04-23 | N/A |
| SQL injection vulnerability in account.asp in Active Photo Gallery 6.2 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. | ||||
| CVE-2009-1679 | 1 Apple | 2 Iphone Os, Ipod Touch | 2026-04-23 | N/A |
| The Profiles component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1, when installing a configuration profile, can replace the password policy from Exchange ActiveSync with a weaker password policy, which allows physically proximate attackers to bypass the intended policy. | ||||
| CVE-2006-7177 | 1 Madwifi | 1 Madwifi | 2026-04-23 | N/A |
| MadWifi, when Ad-Hoc mode is used, allows remote attackers to cause a denial of service (system crash) via unspecified vectors that lead to a kernel panic in the ieee80211_input function, related to "packets coming from a 'malicious' WinXP system." | ||||
| CVE-2008-5642 | 1 Cmsmadesimple | 1 Cms Made Simple | 2026-04-23 | N/A |
| Directory traversal vulnerability in admin/login.php in CMS Made Simple 1.4.1 allows remote attackers to read arbitrary files via a .. (dot dot) in a cms_language cookie. | ||||
| CVE-2006-7182 | 1 Mnews | 1 Mnews | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in noticias.php in MNews 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the inc parameter. | ||||
| CVE-2008-3142 | 4 Canonical, Debian, Python and 1 more | 4 Ubuntu Linux, Debian Linux, Python and 1 more | 2026-04-23 | N/A |
| Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicode string processing, related to the unicode_resize function and the PyMem_RESIZE macro. | ||||
| CVE-2008-5643 | 2 Joomla, Mambo | 3 Com Books, Joomla, Mambo | 2026-04-23 | N/A |
| SQL injection vulnerability in the Books (com_books) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the book_id parameter in a book_details action to index.php. | ||||
| CVE-2007-0430 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| The shared_region_map_file_np function in Apple Mac OS X 10.4.8 and earlier kernel allows local users to cause a denial of service (memory corruption) via a large mappingCount value. | ||||
| CVE-2008-5644 | 1 Typo3 | 1 Typo3 | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the file backend module in TYPO3 4.2.2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2008-5647 | 1 Trac | 1 Trac | 2026-04-23 | N/A |
| Unspecified vulnerability in the HTML sanitizer filter in Trac before 0.11.2 allows attackers to conduct phishing attacks via unknown attack vectors. | ||||
| CVE-2008-5658 | 1 Php | 1 Php | 2026-04-23 | N/A |
| Directory traversal vulnerability in the ZipArchive::extractTo function in PHP 5.2.6 and earlier allows context-dependent attackers to write arbitrary files via a ZIP file with a file whose name contains .. (dot dot) sequences. | ||||
| CVE-2008-5659 | 1 Gnu | 1 Classpath | 2026-04-23 | N/A |
| The gnu.java.security.util.PRNG class in GNU Classpath 0.97.2 and earlier uses a predictable seed based on the system time, which makes it easier for context-dependent attackers to conduct brute force attacks against cryptographic routines that use this class for randomness, as demonstrated against DSA private keys. | ||||
| CVE-2007-0812 | 1 Woltlab | 1 Burning Board Lite | 2026-04-23 | N/A |
| SQL injection vulnerability in pms.php in Woltlab Burning Board (wBB) Lite 1.0.2pl3e and earlier allows remote authenticated users to execute arbitrary SQL commands via the pmid[0] parameter. | ||||
| CVE-2008-5661 | 1 Sun | 2 Opensolaris, Solaris | 2026-04-23 | N/A |
| The IPv4 Forwarding feature in Sun Solaris 10 and OpenSolaris snv_47 through snv_82, with certain patches installed, allows remote attackers to cause a denial of service (panic) via unknown vectors that trigger a NULL pointer dereference. | ||||
| CVE-2008-5664 | 1 Realtek | 1 Realtek Media Player | 2026-04-23 | N/A |
| Stack-based buffer overflow in Realtek Media Player (aka Realtek Sound Manager, RtlRack, or rtlrack.exe) 1.15.0.0 allows remote attackers to execute arbitrary code via a crafted playlist (PLA) file. | ||||
| CVE-2007-1349 | 3 Apache, Canonical, Redhat | 12 Mod Perl, Ubuntu Linux, Certificate System and 9 more | 2026-04-23 | N/A |
| PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI. | ||||
| CVE-2008-5670 | 1 Textpattern | 1 Textpattern | 2026-04-23 | N/A |
| Textpattern (aka Txp CMS) 4.0.5 does not ask for the old password during a password reset, which makes it easier for remote attackers to change a password after hijacking a session. | ||||
| CVE-2008-5671 | 1 Joomla | 1 Joomla | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in index.php in Joomla! 1.0.11 through 1.0.14, when RG_EMULATION is enabled in configuration.php, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||