Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-5264 1 Mysqldumper 1 Mysqldumper 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in sql.php in MysqlDumper 1.21 b6 allows remote attackers to inject arbitrary web script or HTML via the db parameter.
CVE-2007-3891 1 Microsoft 1 Windows Vista 2026-04-23 N/A
Unspecified vulnerability in Windows Vista Weather Gadgets in Windows Vista allows remote attackers to execute arbitrary code via crafted HTML attributes.
CVE-2006-5649 1 Ubuntu 1 Ubuntu Linux 2026-04-23 5.5 Medium
Unspecified vulnerability in the "alignment check exception handling" in Ubuntu 5.10, 6.06 LTS, and 6.10 for the PowerPC (PPC) allows local users to cause a denial of service (kernel panic) via unspecified vectors.
CVE-2006-5991 1 Cactusoft 1 Cactushop 2026-04-23 N/A
Multiple SQL injection vulnerabilities in wwweb concepts CactuShop allow remote attackers to execute arbitrary SQL commands via the (1) prodtype parameter in prodtype.asp and the (2) product parameter in product.asp.
CVE-2007-6546 1 Runcms 1 Runcms 2026-04-23 N/A
RunCMS before 1.6.1 uses a predictable session id, which makes it easier for remote attackers to hijack sessions via a modified id.
CVE-2007-6547 1 Runcms 1 Runcms 2026-04-23 N/A
RunCMS before 1.6.1 does not require entry of the old password during a password change, which allows context-dependent attackers to change passwords upon obtaining temporary access to a session.
CVE-2009-2940 2 Pygresql, Python 2 Pygresql, Python 2026-04-23 N/A
The pygresql module 3.8.1 and 4.0 for Python does not properly support the PQescapeStringConn function, which might allow remote attackers to leverage escaping issues involving multibyte character encodings.
CVE-2007-2534 1 Phphoo3 1 Phphoo3 2026-04-23 9.8 Critical
Multiple SQL injection vulnerabilities in admin.php in phpHoo3 allow remote attackers to execute arbitrary SQL commands via the (1) ADMIN_USER (USER) and (2) ADMIN_PASS (PASS) parameters during a login. NOTE: CVE disputes this vulnerability, since ADMIN_USER/ADMIN_PASS are initialized before use
CVE-2007-4425 1 Live For Speed 1 Live For Speed 2026-04-23 N/A
Multiple buffer overflows in Live for Speed (LFS) demo, S1, and S2 allow remote authenticated users to (1) cause a denial of service (server crash) and probably execute arbitrary code via an ID 3 packet with a long nickname field, and (2) cause a denial of service (server crash) via an ID 10 packet containing a long string corresponding to an unavailable track.
CVE-2007-0427 1 Microsoft 1 Html Help Workshop 2026-04-23 N/A
Stack-based buffer overflow in Microsoft Help Workshop 4.03.0002 allows user-assisted remote attackers to execute arbitrary code via a help project (.HPJ) file with a long HLP field in the OPTIONS section.
CVE-2006-6121 1 Acer 1 Lunchapp.aplunch 2026-04-23 N/A
Acer Notebook LunchApp.APlunch ActiveX control allows remote attackers to execute arbitrary commands by calling the Run method.
CVE-2007-1456 1 Phpalbum.net 1 Phpalbum 2026-04-23 N/A
PHP remote file inclusion vulnerability in common.php in PHP Photo Album allows remote attackers to execute arbitrary PHP code via a URL in the db_file parameter. NOTE: CVE disputes this vulnerability, because versions 0.3.2.6 and 0.4.1beta do not contain this file. However, it is possible that the original researcher was referring to a different product
CVE-2008-0177 1 Kame 1 Ipcomp 2026-04-23 N/A
The ipcomp6_input function in sys/netinet6/ipcomp_input.c in the KAME project before 20071201 does not properly check the return value of the m_pulldown function, which allows remote attackers to cause a denial of service (system crash) via an IPv6 packet with an IPComp header.
CVE-2008-2714 1 Opera 1 Opera Browser 2026-04-23 N/A
Opera before 9.26 allows remote attackers to misrepresent web page addresses using "certain characters" that "cause the page address text to be misplaced."
CVE-2006-6713 1 Hitachi 1 Hitachi Directory Server 2 2026-04-23 N/A
Buffer overflow in Hitachi Directory Server 2 P-2444-A124 before 02-11-/K on Windows, and P-1B44-A121 before 02-10-/V on HP-UX, allows remote attackers to execute arbitrary code via crafted LDAP requests.
CVE-2007-1447 1 Broadcom 1 Brightstor Arcserve Backup 2026-04-23 N/A
The Tape Engine in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain RPC procedure arguments, which result in memory corruption, a different vulnerability than CVE-2006-6076.
CVE-2007-1437 2 Ledgersmb, Sql-ledger 2 Ledgersmb, Sql-ledger 2026-04-23 N/A
Unspecified vulnerability in LedgerSMB before 1.1.5 and SQL-Ledger before 2.6.25 allows remote attackers to overwrite files and possibly bypass authentication, and remote authenticated users to execute unauthorized code, by calling a custom error function that returns from execution.
CVE-2007-1863 3 Apache, Apple, Redhat 5 Http Server, Mac Os X Server, Certificate System and 2 more 2026-04-23 N/A
cache_util.c in the mod_cache module in Apache HTTP Server (httpd), when caching is enabled and a threaded Multi-Processing Module (MPM) is used, allows remote attackers to cause a denial of service (child processing handler crash) via a request with the (1) s-maxage, (2) max-age, (3) min-fresh, or (4) max-stale Cache-Control headers without a value.
CVE-2007-3372 1 Avahi 1 Avahi 2026-04-23 N/A
The Avahi daemon in Avahi before 0.6.20 allows attackers to cause a denial of service (exit) via empty TXT data over D-Bus, which triggers an assert error.
CVE-2007-2250 1 Phorum 1 Phorum 2026-04-23 N/A
admin.php in Phorum before 5.1.22 allows remote attackers to obtain the full path via the module[] parameter.