Export limit exceeded: 360580 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (360580 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-4747 | 1 Cisco | 3 Video Surveillance Ip Gateway Encoder Decoder, Video Surveillance Sp Isp, Video Surveillance Sp Isp Decoder Software | 2026-04-23 | N/A |
| The telnet service in Cisco Video Surveillance IP Gateway Encoder/Decoder (Standalone and Module) firmware 1.8.1 and earlier, Video Surveillance SP/ISP Decoder Software firmware 1.11.0 and earlier, and the Video Surveillance SP/ISP firmware 1.23.7 and earlier does not require authentication, which allows remote attackers to perform administrative actions, aka CSCsj31729. | ||||
| CVE-2007-4748 | 1 Ppstream | 1 Ppstream | 2026-04-23 | N/A |
| Buffer overflow in the PowerPlayer.dll ActiveX control in PPStream 2.0.1.3829 allows remote attackers to execute arbitrary code via a long Logo parameter. | ||||
| CVE-2007-4749 | 1 Autodesk | 1 Backburner | 2026-04-23 | N/A |
| The cmdjob utility in Autodesk Backburner 3.0.2 allows remote attackers to execute arbitrary commands on render servers by queueing jobs that contain these commands. NOTE: this is only a vulnerability in environments in which the administrator has not followed documentation that outlines the security risks of operating Backburner on untrusted networks. | ||||
| CVE-2007-4751 | 1 Data-vision | 1 Remotedocs R-viewer | 2026-04-23 | N/A |
| RemoteDocs R-Viewer before 1.6.3768 stores encrypted RDZ file data in unencrypted temporary files, which allows local users to obtain sensitive information by reading the temporary files. | ||||
| CVE-2007-0838 | 1 Freeproxy | 1 Freeproxy | 2026-04-23 | N/A |
| FreeProxy before 3.92 Build 1626 allows malicious users to cause a denial of service (infinite loop) via a HOST: header with a hostname and port number that refers to the server itself. | ||||
| CVE-2006-6784 | 1 Netbula | 1 Anyboard | 2026-04-23 | N/A |
| SQL injection vulnerability in Netbula Anyboard allows remote attackers to execute arbitrary SQL commands via the user name in the login form. | ||||
| CVE-2006-6781 | 1 Hlstats | 1 Hlstats | 2026-04-23 | N/A |
| HLstats 1.20 through 1.34 allows remote attackers to obtain sensitive information via playinfo mode, with certain values of the player and playerdata[lastName][] parameters, which reveals the path in an error message. | ||||
| CVE-2006-6778 | 1 Timberwolf | 1 Timberwolf | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in shownews.php in TimberWolf 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the nid parameter. | ||||
| CVE-2006-6777 | 1 Future Internet | 1 Future Internet | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.cfm in Future Internet allows remote attackers to inject arbitrary web script or HTML via the categoryId parameter in a Portal.ShowPage action. | ||||
| CVE-2006-6775 | 1 Acftp | 1 Acftp | 2026-04-23 | N/A |
| acFTP 1.5 allows remote authenticated users to cause a denial of service via a crafted argument to the (1) REST or (2) PBSZ command. | ||||
| CVE-2006-6774 | 1 Ciberia | 1 Content Federator | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in socios/maquetacion_socio.php (members/maquetacion_member.php) in Ciberia Content Federator 1.0 allows remote attackers to execute arbitrary PHP code via the path parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2006-6771 | 1 Irokez | 1 Irokez Cms | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Irokez CMS 0.7.1 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) GLOBALS[PTH][func] parameter in (a) scripts/gallery.scr.php; the (2) GLOBALS[PTH][spaw] parameter in (b) scripts/xtextarea.scr.php; and the (3) GLOBALS[PTH][classes] parameter in (c) sitemap.scr.php, (d) news.scr.php, (e) polls.scr.php, (f) rss.scr.php, (g) search.scr.php in scripts/, and (h) form.fun.php, (i) general.func.php, (j) groups.func.php, (k) js.func.php, (l) sections.func.php, and (m) users.func.php in functions/. | ||||
| CVE-2006-6770 | 1 Jinzora | 1 Jinzora | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Jinzora Media Jukebox 2.7 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the include_path parameter in (1) popup.php, (2) rss.php, (3) ajax_request.php, and (4) mediabroadcast.php. | ||||
| CVE-2007-1149 | 1 Lovecms | 1 Lovecms | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in LoveCMS 1.4 allow remote attackers to read arbitrary files via a .. (dot dot) in (1) the step parameter to install/index.php or (2) the load parameter to the top-level URI. | ||||
| CVE-2008-5303 | 2 Perl, Redhat | 3 File\, Perl, Enterprise Linux | 2026-04-23 | N/A |
| Race condition in the rmtree function in File::Path 1.08 (lib/File/Path.pm) in Perl 5.8.8 allows local users to to delete arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5302 due to affected versions. | ||||
| CVE-2006-6468 | 1 Xerox | 1 Workcentre | 2026-04-23 | N/A |
| Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 do not check the Fully Qualified Domain Name (FQDN) during a "Validate Repository SSL Certificate" scan, which has unknown impact and attack vectors, possibly related to spoofed certificates. | ||||
| CVE-2006-6470 | 1 Xerox | 1 Workcentre | 2026-04-23 | N/A |
| The SNMP Agent in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 returns no error for a non-writable object, which has unknown impact and attack vectors. NOTE: due to the vagueness of the advisory, it is not clear whether this is a vulnerability, or a bug in a security feature. | ||||
| CVE-2009-1747 | 1 26thavenue | 1 Bspeak | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in 26th Avenue bSpeak 1.10 allows remote attackers to execute arbitrary SQL commands via the forumid parameter in a post action. | ||||
| CVE-2009-1748 | 1 Joost Horward | 1 Catviz | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in index.php in Catviz 0.4.0 Beta 1 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) webpages_form or (2) userman_form parameter. | ||||
| CVE-2009-1752 | 1 Exjune | 1 Office Message System | 2026-04-23 | N/A |
| exJune Office Message System 1 does not properly restrict access to (1) configure.asp and (2) addmessage2.asp, which allows remote attackers to gain privileges a direct request. NOTE: some of these details are obtained from third party information. | ||||