Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-2727 1 Php 1 Php 2026-04-23 N/A
The mcrypt_create_iv function in ext/mcrypt/mcrypt.c in PHP before 4.4.7, 5.2.1, and possibly 5.0.x and other PHP 5 versions, calls php_rand_r with an uninitialized seed variable and therefore always generates the same initialization vector (IV), which might allow context-dependent attackers to decrypt certain data more easily because of the guessable encryption keys.
CVE-2007-2155 1 Phpfaber 1 Topsites 2026-04-23 N/A
Directory traversal vulnerability in template.php in in phpFaber TopSites 3 allows remote attackers to read arbitrary files via a .. (dot dot) in the modify parameter in a template action to admin/index.php.
CVE-2007-2729 1 Comodo 2 Comodo Firewall Pro, Comodo Personal Firewall 2026-04-23 N/A
Comodo Firewall Pro 2.4.18.184 and Comodo Personal Firewall 2.3.6.81, and probably older Comodo Firewall versions, do not properly test for equivalence of process identifiers for certain Microsoft Windows API functions in the NT kernel 5.0 and greater, which allows local users to call these functions, and bypass firewall rules or gain privileges, via a modified identifier that is one, two, or three greater than the canonical identifier.
CVE-2007-2730 3 Checkpoint, Comodo, Microsoft 6 Zonealarm, Comodo Firewall Pro, Comodo Personal Firewall and 3 more 2026-04-23 N/A
Check Point ZoneAlarm Pro before 6.5.737.000 does not properly test for equivalence of process identifiers for certain Microsoft Windows API functions in the NT kernel 5.0 and greater, which allows local users to call these functions, and bypass firewall rules or gain privileges, via a modified identifier that is one, two, or three greater than the canonical identifier.
CVE-2007-2152 1 Mcafee 1 Virusscan Enterprise 2026-04-23 N/A
Buffer overflow in the On-Access Scanner in McAfee VirusScan Enterprise before 8.0i Patch 12 allows user-assisted remote attackers to execute arbitrary code via a long filename containing multi-byte (Unicode) characters.
CVE-2007-2093 1 Limesoft 1 Limesoft Guestbook 2026-04-23 N/A
Direct static code injection vulnerability in index.php in Limesoft Guestbook (LS Simple Guestbook) 1.0 allows remote attackers to inject arbitrary PHP code into posts.txt via the message parameter.
CVE-2009-2090 1 Ibm 1 Websphere Application Server 2026-04-23 N/A
Unspecified vulnerability in wsadmin in the System Management/Repository component in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.5 allows remote attackers to bypass intended Java Management Extensions (JMX) Management Beans (aka MBeans) access restrictions, and cause a denial of service (daemon stop), via unknown vectors.
CVE-2007-2733 1 Jetbox 1 Jetbox Cms 2026-04-23 N/A
Unrestricted file upload vulnerability in Jetbox CMS allows remote authenticated users with author privileges to upload arbitrary scripts via unspecified vectors, which can be accessed in webfiles/. NOTE: this issue might be a duplicate of CVE-2004-1448.
CVE-2007-4944 1 Opera 1 Opera Browser 2026-04-23 N/A
The canvas.createPattern function in Opera 9.x before 9.22 for Linux, FreeBSD, and Solaris does not clear memory before using it to process a new pattern, which allows remote attackers to obtain sensitive information (memory contents) via JavaScript.
CVE-2007-2738 1 Xoops 1 Xoops Glossaire Module 2026-04-23 N/A
SQL injection vulnerability in glossaire-p-f.php in the Glossaire 1.7 and earlier module for Xoops allows remote attackers to execute arbitrary SQL commands via the sid parameter in an ImprDef action.
CVE-2007-2081 1 Myblog 1 Myblog 2026-04-23 N/A
MyBlog 0.9.8 and earlier allows remote attackers to bypass authentication requirements via the admin cookie parameter to certain admin files, as demonstrated by admin/settings.php.
CVE-2006-5007 1 Ibm 1 Aix 2026-04-23 N/A
Untrusted search path vulnerability in uucp in IBM AIX 5.2.0 and 5.3.0 allows local users to local users to gain privileges via a Trojan horse program involving uux.
CVE-2006-5010 1 Ibm 1 Aix 2026-04-23 N/A
Untrusted search path vulnerability in acctctl in IBM AIX 5.3.0 allows local users to execute arbitrary commands by modifying the path to point to a malicious mkdir program.
CVE-2006-5011 1 Ibm 1 Aix 2026-04-23 N/A
Untrusted search path vulnerability in snappd in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via a Trojan horse program, involving the "system subroutine".
CVE-2006-5013 1 Sun 1 Solaris 2026-04-23 N/A
Sun Solaris 10 before patch 118855-16 (20060925), when run on x64 systems using IPv6, allows remote attackers to cause a denial of service (kernel panic) via crafted IPv6 packets.
CVE-2006-5014 1 Cpanel 1 Cpanel 2026-04-23 8.8 High
Unspecified vulnerability in cPanel before 10.9.0 12 Tree allows remote authenticated users to gain privileges via unspecified vectors in (1) mysqladmin and (2) hooksadmin.
CVE-2007-1497 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-23 N/A
nf_conntrack in netfilter in the Linux kernel before 2.6.20.3 does not set nfctinfo during reassembly of fragmented packets, which leaves the default value as IP_CT_ESTABLISHED and might allow remote attackers to bypass certain rulesets using IPv6 fragments.
CVE-2006-5016 1 E-vision 1 E-vision Cms 2026-04-23 N/A
Unrestricted file upload vulnerability in admin/x_image.php in Szava Gyula and Csaba Tamas e-Vision CMS, probably 1.0, allows remote attackers to upload arbitrary files to the /imagebank directory.
CVE-2006-5018 1 Contentkeeper Technologies 1 Contentkeeper 2026-04-23 N/A
ContentKeeper 123.25 and earlier places passwords in cleartext in an INPUT element in cgi-bin/ck/changepw.cgi, which allows remote authenticated users to obtain passwords via this URI.
CVE-2007-4848 1 Microsoft 2 Ie, Internet Explorer 2026-04-23 N/A
Microsoft Internet Explorer 4.0 through 7 allows remote attackers to determine the existence of local files that have associated images via a res:// URI in the src property of a JavaScript Image object, as demonstrated by the URI for a bitmap image resource within a (1) .exe or (2) .dll file.