Export limit exceeded: 362192 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 362192 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (362192 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-4409 1 Universal Ircd 1 Ircu 2026-04-23 N/A
Race condition in ircu 2.10.12.01 through 2.10.12.05 allows remote attackers to set a new Apass during a netburst by arranging for ops privilege to be granted before the mode arrives.
CVE-2009-1572 1 Quagga 1 Quagga 2026-04-23 N/A
The BGP daemon (bgpd) in Quagga 0.99.11 and earlier allows remote attackers to cause a denial of service (crash) via an AS path containing ASN elements whose string representation is longer than expected, which triggers an assert error.
CVE-2007-4421 1 Olate 1 Olatedownload 2026-04-23 N/A
SQL injection vulnerability in Admin.php in Olate Download (od) 3.4.1 allows remote attackers to execute arbitrary SQL commands via an OD3_AutoLogin cookie.
CVE-2006-7083 1 Rigter Portal System 1 Rigter Portal System 2026-04-23 N/A
Directory traversal vulnerability in index.php in Rigter Portal System (RPS) 1.0, 2.0, and 3.0 allows remote attackers to read arbitrary files via ".." sequences in the id parameter.
CVE-2006-7086 1 Mrcgiguy 1 Hot Links 2026-04-23 N/A
The (1) dlback.php and (2) dlback.cgi scripts in Hot Links allow remote attackers to obtain sensitive information and download the database via a direct request with a modified dl parameter.
CVE-2007-4445 1 Rfactor 1 Rfactor 2026-04-23 N/A
Image Space rFactor 1.250 and earlier allows remote attackers to cause a denial of service (daemon crash) via (1) an ID 0x30 packet, (2) an ID 0x38 packet, and an invalid 13-bit integer in (3) an ID 0x60 packet and (4) an ID 0x68 packet; and a denial of service (UDP port block) via (5) an ID 0x20 packet and (6) an ID 0x28 packet.
CVE-2009-1582 1 Kalptarudemos 1 Million Dollar Text Links 2026-04-23 N/A
Million Dollar Text Links 1.0 does not properly restrict administrator access to admin.home.php, which allows remote attackers to bypass intended restrictions and gain privileges via a direct request to admin.home.php after visiting admin.php.
CVE-2006-7156 1 Minibb 1 Keyword Replacer 2026-04-23 N/A
PHP remote file inclusion vulnerability in addon_keywords.php in Keyword Replacer (keyword_replacer) 1.0 and earlier, a module for miniBB, allows remote attackers to execute arbitrary PHP code via a URL in the pathToFiles parameter.
CVE-2006-7165 1 Ibm 1 Websphere Application Server 2026-04-23 N/A
IBM WebSphere Application Server (WAS) 5.0 through 5.1.1.0 allows remote attackers to obtain JSP source code and other sensitive information via certain "special URIs."
CVE-2007-4470 1 Er Mapper 1 Image Web Server Ecw Jpeg 2000 Plug-in 2026-04-23 N/A
Multiple stack-based buffer overflows in the Earth Resource Mapping NCSView ActiveX control before 3.4.0.242 in NCSView.dll, as distributed in ER Mapper ECW JPEG 2000 Plug-in before 8.1, allow remote attackers to execute arbitrary code via unspecified vectors.
CVE-2006-7182 1 Mnews 1 Mnews 2026-04-23 N/A
PHP remote file inclusion vulnerability in noticias.php in MNews 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the inc parameter.
CVE-2007-4477 1 Planet Technology Corp 1 Vc-200m Vdsl2 2026-04-23 N/A
The administration interface in the Planet VC-200M VDSL2 router allows remote attackers to cause a denial of service (administration interface outage) via an HTTP request without a Host header.
CVE-2009-1604 1 Limesurvey 1 Limesurvey 2026-04-23 N/A
Unspecified vulnerability in LimeSurvey before 1.82 allows remote attackers to execute commands and obtain sensitive data via unknown attack vectors related to /admin/remotecontrol/.
CVE-2009-1606 1 Dafolo 1 Dafolocontrol 2026-04-23 N/A
Multiple stack-based and heap-based buffer overflows in Dafolo DafoloControl ActiveX control (DafoloFFControl.dll) 1.108.6.195 allow remote attackers to execute arbitrary code via long (1) baseurl, (2) kommune, (3) felter, (4) afdeling, (5) Flags, (6) HelpURL, (7) caburl, or (8) filename properties; or (9) a long argument to the Open method. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-7219 1 Ez 1 Ez Publish 2026-04-23 N/A
eZ publish before 3.8.5 does not properly enforce permissions for editing in a specific language, which allows remote authenticated users to create a draft in an unauthorized language by editing an archived version of an object, and then using Manage Versions to copy this version to a new draft.
CVE-2009-1612 1 Baofeng 1 Storm 2026-04-23 N/A
Stack-based buffer overflow in the MPS.StormPlayer.1 ActiveX control in mps.dll 3.9.4.27 in Baofeng Storm allows remote attackers to execute arbitrary code via a long argument to the OnBeforeVideoDownload method, as exploited in the wild in April and May 2009. NOTE: some of these details are obtained from third party information. NOTE: it was later reported that 3.09.04.17 and earlier are also affected.
CVE-2007-4504 1 Joomla 1 Rsfiles 2026-04-23 N/A
Directory traversal vulnerability in index.php in the RSfiles component (com_rsfiles) 1.0.2 and earlier for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the path parameter in a files.display action.
CVE-2010-0184 1 Tibco 1 Runtime Agent 2026-04-23 N/A
The (1) domainutility and (2) domainutilitycmd components in TIBCO Domain Utility in TIBCO Runtime Agent (TRA) before 5.6.2, as used in TIBCO ActiveMatrix BusinessWorks and other products, set weak permissions on domain properties files, which allows local users to obtain domain administrator credentials, and gain privileges on all domain systems, via unspecified vectors.
CVE-2009-1466 1 Klinzmann 1 Application Access Server 2026-04-23 5.5 Medium
Application Access Server (A-A-S) 2.0.48 stores (1) passwords and (2) the port keyword in cleartext in aas.ini, which allows local users to obtain sensitive information by reading this file.
CVE-2007-4222 1 Ibm 1 Lotus Notes 2026-04-23 N/A
Buffer overflow in the TagAttributeListCopy function in nnotes.dll in IBM Lotus Notes before 7.0.3 allows user-assisted remote attackers to execute arbitrary code via a crafted HTML email, related to duplicate RTF conversion when the recipient operates on this email.