Export limit exceeded: 29908 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29908 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-0755 | 1 Poppler | 1 Poppler | 2026-04-23 | N/A |
| The FormWidgetChoice::loadDefaults function in Poppler before 0.10.4 allows remote attackers to cause a denial of service (crash) via a PDF file with an invalid Form Opt entry. | ||||
| CVE-2009-0756 | 1 Poppler | 1 Poppler | 2026-04-23 | N/A |
| The JBIG2Stream::readSymbolDictSeg function in Poppler before 0.10.4 allows remote attackers to cause a denial of service (crash) via a PDF file that triggers a parsing error, which is not properly handled by JBIG2SymbolDict::~JBIG2SymbolDict and triggers an invalid memory dereference. | ||||
| CVE-2006-6129 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Integer overflow in the fatfile_getarch2 in Apple Mac OS X allows local users to cause a denial of service and possibly execute arbitrary code via a crafted Mach-O Universal program that triggers memory corruption. | ||||
| CVE-2009-0778 | 4 Linux, Microsoft, Redhat and 1 more | 9 Linux Kernel, Windows, Enterprise Linux and 6 more | 2026-04-23 | N/A |
| The icmp_send function in net/ipv4/icmp.c in the Linux kernel before 2.6.25, when configured as a router with a REJECT route, does not properly manage the Protocol Independent Destination Cache (aka DST) in some situations involving transmission of an ICMP Host Unreachable message, which allows remote attackers to cause a denial of service (connectivity outage) by sending a large series of packets to many destination IP addresses within this REJECT route, related to an "rt_cache leak." | ||||
| CVE-2009-0780 | 1 Openbsd | 1 Openbsd | 2026-04-23 | N/A |
| The aspath_prepend function in rde_attr.c in bgpd in OpenBSD 4.3 and 4.4 allows remote attackers to cause a denial of service (application crash) via an Autonomous System (AS) advertisement containing a long AS path. | ||||
| CVE-2009-0819 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2026-04-23 | N/A |
| sql/item_xmlfunc.cc in MySQL 5.1 before 5.1.32 and 6.0 before 6.0.10 allows remote authenticated users to cause a denial of service (crash) via "an XPath expression employing a scalar expression as a FilterExpr with ExtractValue() or UpdateXML()," which triggers an assertion failure. | ||||
| CVE-2006-6130 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| Apple Mac OS X AppleTalk allows local users to cause a denial of service (kernel panic) by calling the AIOCREGLOCALZN ioctl command with a crafted data structure on an AppleTalk socket. | ||||
| CVE-2006-6135 | 1 Ibm | 1 Websphere Application Server | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in IBM WebSphere Application Server 6.1.0 before Fix Pack 3 (6.1.0.3) have unknown impact and attack vectors, related to (1) a "Potential security vulnerability" (PK29725) and (2) "Potential security exposure" (PK30831). | ||||
| CVE-2006-6137 | 1 Sisfo Kampus | 1 Sisfo Kampus | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Sisfo Kampus 0.8 allow remote attackers to execute arbitrary PHP code via a URL in the (1) exec parameter to index.php or (2) print parameter to print.php, which is also accessible via the print command to index.php. | ||||
| CVE-2009-0897 | 1 Ibm | 1 Websphere Partner Gateway | 2026-04-23 | N/A |
| IBM WebSphere Partner Gateway (WPG) 6.1.0 before 6.1.0.1 and 6.1.1 before 6.1.1.1 allows remote authenticated users to obtain sensitive information via vectors related to the "schema DB2 instance id" and the bcgarchive (aka the archiver script). | ||||
| CVE-2009-0903 | 1 Ibm | 1 Websphere Application Server | 2026-04-23 | N/A |
| IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.3, and the Feature Pack for Web Services for WAS 6.1 before 6.1.0.25, when a WS-Security policy is established at the operation level, does not properly handle inbound requests that lack a SOAPAction or WS-Addressing Action, which allows remote attackers to bypass intended access restrictions via a crafted request to a JAX-WS application. | ||||
| CVE-2009-1440 | 1 Amule | 1 Amule | 2026-04-23 | N/A |
| Incomplete blacklist vulnerability in DownloadListCtrl.cpp in amule 2.2.4 allows remote attackers to conduct argument injection attacks into a command for mplayer via a crafted filename. | ||||
| CVE-2006-6138 | 1 Sisfo Kampus | 1 Sisfo Kampus | 2026-04-23 | N/A |
| Directory traversal vulnerability in download.php in Sisfo Kampus 0.8 allows remote attackers to list arbitrary directories via an absolute pathname in the dir parameter. | ||||
| CVE-2007-1188 | 1 Web-app.org | 1 Webapp | 2026-04-23 | N/A |
| WebAPP before 0.9.9.5 allows remote attackers to submit Search form input that is not checked for (1) composition or (2) length, which has unknown impact, possibly related to "search form hijacking". | ||||
| CVE-2006-6140 | 1 Sisfo Kampus | 1 Sisfo Kampus | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in Sisfo Kampus 2006 (Semarang 3) allows remote attackers to execute arbitrary PHP code via a URL in the slnt parameter to (1) index.php and (2) print.php. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-6141 | 1 Philippe Jounin | 1 Tftpd32 | 2026-04-23 | N/A |
| Buffer overflow in Tftpd32 3.01 allows remote attackers to cause a denial of service via a long GET or PUT request, which is not properly handled when the request is displayed in the title of the gauge window. | ||||
| CVE-2006-6145 | 1 Cryptocard | 1 Crypto-server | 2026-04-23 | N/A |
| CRYPTOCard CRYPTO-Server before 6.4.56 stores LDAP credentials in plaintext in UninstallerData\installvariables.properties, which has insecure permissions and allows local users to obtain the credentials. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-6146 | 1 Takeshi Kanno | 1 Haru Free Pdf Library | 2026-04-23 | N/A |
| Buffer overflow in the HPDF_Page_Circle function in hpdf_page_operator.c in Takeshi Kanno Haru Free PDF Library (libharu2, aka libharu) 2.0.7 and earlier allows context-dependent attackers to cause a denial of service (application crash) via certain arguments that yield a large amount of PDF data, as demonstrated by a filled circle. | ||||
| CVE-2009-1634 | 1 Novell | 1 Groupwise | 2026-04-23 | N/A |
| The WebAccess component in Novell GroupWise 7.x before 7.03 HP3 and 8.x before 8.0 HP2 does not properly implement session management mechanisms, which allows remote attackers to gain access to user accounts via unspecified vectors. | ||||
| CVE-2009-1683 | 1 Apple | 2 Iphone Os, Ipod Touch | 2026-04-23 | N/A |
| The Telephony component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to cause a denial of service (device reset) via a crafted ICMP echo request, which triggers an assertion error related to a "logic issue." | ||||