Search Results (362376 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-0474 1 Smb4k 1 Smb4k 2026-04-23 N/A
Smb4K before 0.8.0 allow local users, when present on the Smb4K sudoers list, to kill arbitrary processes, related to a "design issue with smb4k_kill."
CVE-2010-0226 1 Sandisk 1 Cruzer Enterprise Usb 2026-04-23 N/A
SanDisk Cruzer Enterprise USB flash drives do not prevent password replay attacks, which allows physically proximate attackers to access the cleartext drive contents by providing a key that was captured in a USB data stream at an earlier time.
CVE-2007-0500 1 Bradabra 1 Bradabra 2026-04-23 N/A
PHP remote file inclusion vulnerability in include/includes.php in Bradabra 2.0.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the include_path parameter.
CVE-2007-4683 1 Apple 1 Mac Os X 2026-04-23 N/A
Directory traversal vulnerability in the kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to bypass the chroot mechanism via a relative path when changing the current working directory.
CVE-2007-0506 1 Drupal 2 Project, Project Issue Tracking Module 2026-04-23 N/A
The project_issue_access function in the Project issue tracking 4.7.0 through 5.x before 20070123 module for Drupal allows remote authenticated users to bypass other access control modules and obtain attached files by guessing the filename, and obtain issue information via direct requests.
CVE-2007-0508 1 Bbclone 1 Bbclone 2026-04-23 N/A
PHP remote file inclusion vulnerability in lib/selectlang.php in BBClone 0.31 allows remote attackers to execute arbitrary PHP code via a URL in the BBC_LANGUAGE_PATH parameter.
CVE-2010-0229 1 Verbatim 1 Corporate Secure 2026-04-23 N/A
Verbatim Corporate Secure and Corporate Secure FIPS Edition USB flash drives do not prevent password replay attacks, which allows physically proximate attackers to access the cleartext drive contents by providing a key that was captured in a USB data stream at an earlier time.
CVE-2007-4708 1 Apple 1 Mac Os X 2026-04-23 N/A
Format string vulnerability in Address Book in Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary code via the URL handler.
CVE-2009-1731 1 Mlffat 1 Mlffat 2026-04-23 N/A
SQL injection vulnerability in panel/index.php in MLFFAT 2.1 allows remote attackers to execute arbitrary SQL commands via a base64-encoded supervisor cookie.
CVE-2009-1732 1 Richard Ellerbrock 1 Ipplan 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in admin/usermanager in IPplan 4.91a allows remote attackers to inject arbitrary web script or HTML via the grp parameter.
CVE-2007-4710 1 Apple 1 Mac Os X 2026-04-23 N/A
Unspecified vulnerability in ColorSync in Apple Mac OS X 10.4.11 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via an image with a crafted ColorSync profile, which triggers memory corruption.
CVE-2007-3582 1 Inforest Communications 1 Supercali 2026-04-23 N/A
SQL injection vulnerability in index.php in SuperCali PHP Event Calendar 0.4.0 allows remote attackers to execute arbitrary SQL commands via the o parameter.
CVE-2007-4726 1 Weboddity 1 Weboddity 2026-04-23 N/A
Directory traversal vulnerability in Web Oddity 0.09b allows remote attackers to read arbitrary files via a .. (dot dot) in the URI.
CVE-2009-1744 1 Pinnaclesys 1 Pinnacle Studio 2026-04-23 N/A
InstallHFZ.exe 6.5.201.0 in Pinnacle Hollywood Effects 6, a module in Pinnacle Systems Pinnacle Studio 12, allows remote attackers to cause a denial of service (application crash) via a crafted Hollywood FX Compressed Archive (.hfz) file.
CVE-2009-1745 1 Armorlogic 1 Profense Web Application Firewall 2026-04-23 N/A
Armorlogic Profense Web Application Firewall before 2.2.22, and 2.4.x before 2.4.4, has a default root password hash, and permits password-based root logins over SSH, which makes it easier for remote attackers to obtain access.
CVE-2007-4731 1 Trend Micro 1 Serverprotect 2026-04-23 N/A
Stack-based buffer overflow in the TMregChange function in TMReg.dll in Trend Micro ServerProtect before 5.58 Security Patch 4 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 5005.
CVE-2009-1750 1 Omnisoftsol 1 Vidsharepro 2026-04-23 N/A
Unrestricted file upload vulnerability in VidSharePro allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via unspecified vectors.
CVE-2007-0022 1 Apple 1 Mac Os X 2026-04-23 N/A
Untrusted search path vulnerability in writeconfig in Apple Mac OS X 10.4.8 allows local users to gain privileges via a modified PATH that points to a malicious launchctl program.
CVE-2009-1472 1 Aten 2 Kh1516i Ip Kvm Switch, Kn9116 Ip Kvm Switch 2026-04-23 N/A
The Java client program for the ATEN KH1516i IP KVM switch with firmware 1.0.063 and the KN9116 IP KVM switch with firmware 1.1.104 has a hardcoded AES encryption key, which makes it easier for man-in-the-middle attackers to (1) execute arbitrary Java code, or (2) gain access to machines connected to the switch, by hijacking a session.
CVE-2006-6442 1 Aol 1 Aol Client Software 2026-04-23 N/A
Stack-based buffer overflow in the SetClientInfo function in the CDDBControlAOL.CDDBAOLControl ActiveX control (cddbcontrol.dll), as used in America Online (AOL) 7.0 4114.563, 8.0 4129.230, and 9.0 Security Edition 4156.910, and possibly other products, allows remote attackers to execute arbitrary code via a long ClientId argument.