Export limit exceeded: 357290 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (357290 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-3768 | 1 Netwin | 1 Surgeftp | 2026-04-23 | N/A |
| The mirror mechanism in SurgeFTP 2.3a1 allows user-assisted, remote FTP servers to cause a denial of service (restart) via a malformed response to a PASV command. | ||||
| CVE-2007-6512 | 1 Php | 1 Mysql Banner Exchange | 2026-04-23 | N/A |
| PHP MySQL Banner Exchange 2.2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain database information via a direct request to inc/lib.inc. | ||||
| CVE-2009-2483 | 1 Netbsd | 1 Netbsd | 2026-04-23 | N/A |
| libprop/prop_object.c in proplib in NetBSD 4.0 and 4.0.1 allows local users to cause a denial of service (NULL pointer dereference and kernel panic) via a malformed externalized plist (XML form) containing an undefined element. | ||||
| CVE-2007-5250 | 1 Americasarmy | 2 America\'s Army, America\'s Army Special Forces | 2026-04-23 | N/A |
| The Windows dedicated server for the Unreal engine, as used by America's Army and America's Army Special Forces 2.8.2 and earlier, when Punkbuster (PB) is enabled, allows remote attackers to cause a denial of service (server hang) via packets containing 0x07 characters or other unspecified invalid characters. NOTE: this issue may overlap CVE-2007-4443. NOTE: this issue might be in Punkbuster itself, but there are insufficient details to be certain. | ||||
| CVE-2007-3776 | 1 Cisco | 2 Unified Communications Manager, Unified Presence Server | 2026-04-23 | N/A |
| Cisco Unified Communications Manager (CUCM, formerly CallManager) and Unified Presence Server (CUPS) allow remote attackers to obtain sensitive information via unspecified vectors that reveal the SNMP community strings and configuration settings, aka (1) CSCsj20668 and (2) CSCsj25962. | ||||
| CVE-2009-2490 | 1 Sun | 1 Ray Server Software | 2026-04-23 | N/A |
| Unspecified vulnerability in the utaudiod daemon in Sun Ray Server Software (SRSS) 4.0, when Solaris Trusted Extensions is enabled, allows local users to cause a denial of service (audio outage) or possibly gain privileges via unknown vectors related to "resource leaks." | ||||
| CVE-2007-3783 | 1 Envivosoft | 1 Envivo Cms | 2026-04-23 | N/A |
| SQL injection vulnerability in default.asp in enVivo!CMS allows remote attackers to execute arbitrary SQL commands via the ID parameter in an article action. NOTE: this is probably different from CVE-2005-1413.4. | ||||
| CVE-2007-3786 | 1 Esoft | 1 Instagate Ex2 Utm | 2026-04-23 | N/A |
| Cross-site request forgery (CSRF) vulnerability on the eSoft InstaGate EX2 UTM device before firmware 3.1.20070615 allows remote attackers to perform privileged actions as administrators. NOTE: the vendor disputes the distribution of the vulnerable software, stating that it was a custom build for a former customer | ||||
| CVE-2009-2491 | 1 Sun | 1 Ray Server Software | 2026-04-23 | N/A |
| The utaudiod daemon in Sun Ray Server Software (SRSS) 4.0, when Solaris Trusted Extensions is enabled, allows local users to access the sessions of arbitrary users via unknown vectors related to "resource leaks." | ||||
| CVE-2007-5258 | 1 Phpfreelog | 1 Phpfreelog | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in log.php in phpFreeLog alpha 0.2.0 allows remote attackers to include and execute arbitrary files via unspecified vectors. NOTE: the original disclosure is likely erroneous. | ||||
| CVE-2007-3804 | 1 Clavister | 1 Clavister Coreplus | 2026-04-23 | N/A |
| The AntiVirus engine in the HTTP-ALG in Clavister CorePlus before 8.81.00 and 8.80.03 might allow remote attackers to bypass scanning via small files. | ||||
| CVE-2007-3805 | 1 Clavister | 1 Clavister Coreplus | 2026-04-23 | N/A |
| The IKE implementation in Clavister CorePlus before 8.80.03, and 8.80.00, does not properly validate certificates during IKE negotiation, which allows remote attackers to cause a denial of service (gateway stop) via certain certificates. | ||||
| CVE-2007-3810 | 1 It747 | 1 Realtor 747 | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Realtor 747 allows remote attackers to execute arbitrary SQL commands via the categoryid parameter. | ||||
| CVE-2007-3812 | 1 Cmscout | 1 Cmscout | 2026-04-23 | N/A |
| SQL injection vulnerability in forums.php in CMScout 1.23 and earlier allows remote attackers to execute arbitrary SQL commands via the f parameter in a forums action to index.php. | ||||
| CVE-2008-2894 | 1 Nch Software | 1 Nch Software Classic Ftp | 2026-04-23 | N/A |
| Directory traversal vulnerability in the FTP client in NCH Software Classic FTP 1.02 for Windows allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a response to a LIST command, a related issue to CVE-2002-1345. | ||||
| CVE-2008-5904 | 1 Xrdp | 1 Xrdp | 2026-04-23 | N/A |
| The rdp_rdp_process_color_pointer_pdu function in rdp/rdp_rdp.c in xrdp 0.4.1 and earlier allows remote RDP servers to have an unknown impact via input data that sets crafted values for certain length variables, leading to a buffer overflow. | ||||
| CVE-2008-6737 | 1 Ea | 1 Crysis | 2026-04-23 | N/A |
| Crysis 1.21 and earlier allows remote attackers to obtain sensitive player information such as real IP addresses by sending a keyexchange packet without a previous join packet, which causes Crysis to send a disconnect packet that includes unrelated log information. | ||||
| CVE-2007-5268 | 2 Canonical, Libpng | 2 Ubuntu Linux, Libpng | 2026-04-23 | N/A |
| pngrtran.c in libpng before 1.0.29 and 1.2.x before 1.2.21 use (1) logical instead of bitwise operations and (2) incorrect comparisons, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG image. | ||||
| CVE-2008-7184 | 1 Diigo | 2 Diigo Toolbar, Diigolet | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Diigo Toolbar and Diigolet allows remote attackers to inject arbitrary web script or HTML via a public comment. | ||||
| CVE-2007-3852 | 2 Redhat, Sysstat | 2 Enterprise Linux, Sysstat | 2026-04-23 | N/A |
| The init script (sysstat.in) in sysstat 5.1.2 up to 7.1.6 creates /tmp/sysstat.run insecurely, which allows local users to execute arbitrary code. | ||||