Export limit exceeded: 29946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29946 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-2533 | 1 Trend Micro | 1 Serverprotect | 2026-04-23 | N/A |
| Multiple buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2- Build 1174 allow remote attackers to execute arbitrary code via a crafted RPC message processed by the (1) the RPCFN_ActiveRollback function in (a) stcommon.dll, or the (2) ENG_SetRealTimeScanConfigInfo or (3) ENG_SendEmail functions in (b) eng50.dll. | ||||
| CVE-2007-2538 | 1 Runcms | 1 Runcms | 2026-04-23 | N/A |
| SQL injection vulnerability in class/debug/debug_show.php in RunCms 1.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the executed_queries array parameter. | ||||
| CVE-2009-2194 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Apple Mac OS X 10.5 before 10.5.8 does not properly share file descriptors over local sockets, which allows local users to cause a denial of service (system crash) by placing file descriptors in messages sent to a socket that has no receiver, related to a "synchronization issue." | ||||
| CVE-2007-2620 | 1 Jakub Steiner | 1 Original | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in inc/config.inc.php in Jakub Steiner (aka jimmac) original 0.11 allows remote attackers to execute arbitrary PHP code via a URL in the x[1] parameter. | ||||
| CVE-2007-2646 | 1 Yenc32 | 1 Yenc32 | 2026-04-23 | N/A |
| Heap-based buffer overflow in yEnc32 1.0.7.207 allows user-assisted remote attackers to execute arbitrary code via a long filename in an NTX file. | ||||
| CVE-2007-2671 | 1 Mozilla | 1 Firefox | 2026-04-23 | N/A |
| Mozilla Firefox 2.0.0.3 allows remote attackers to cause a denial of service (application crash) via a long hostname in an HREF attribute in an A element, which triggers an out-of-bounds memory access. | ||||
| CVE-2007-2740 | 1 Xajax | 1 Xajax | 2026-04-23 | N/A |
| Unspecified vulnerability in xajax before 0.2.5 has unknown impact and attack vectors, not related to XSS. | ||||
| CVE-2007-3203 | 1 Software602 | 1 602pro Lan Suite | 2026-04-23 | N/A |
| Stack-based buffer overflow in smtpdll.dll in the SMTP service in 602Pro LAN SUITE 2003 2003.0.03.0828 allows remote attackers to execute arbitrary code via an e-mail message with a long address. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-3882 | 1 Popscript.com | 1 Expert Advisor | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Expert Advisor allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2007-3931 | 1 Samsung | 1 Scx-4200 Driver | 2026-04-23 | N/A |
| The wrap_setuid_third_party_application function in the installation script for the Samsung SCX-4200 Driver 2.00.95 adds setuid permissions to third party applications such as xsane and xscanimage, which allows local users to gain privileges. | ||||
| CVE-2007-4340 | 1 Phpdvd | 1 Phpdvd | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in index.php in phpDVD 1.0.4 allows remote attackers to execute arbitrary PHP code via a URL in the dvd_config_file parameter. | ||||
| CVE-2007-4371 | 1 Hotscripts | 1 Neuron Blog | 2026-04-23 | N/A |
| Unrestricted file upload vulnerability in admin/pages/blog-add.php in Neuron Blog 1.1 allows remote attackers to upload and execute arbitrary PHP files in uploads/. | ||||
| CVE-2007-1360 | 1 Drupal | 1 Nodefamily | 2026-04-23 | N/A |
| Unspecified vulnerability in the Nodefamily module for Drupal 5.x before 5.x-1.0 allows remote authenticated users to access and modify other users' profiles via unspecified URL parameters. | ||||
| CVE-2007-4506 | 1 Joomla | 1 Neorecruit | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the NeoRecruit component (com_neorecruit) 1.4 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an offer_view action. | ||||
| CVE-2009-2861 | 1 Cisco | 2 Aironet Ap1100, Aironet Ap1200 | 2026-04-23 | N/A |
| The Over-the-Air Provisioning (OTAP) functionality on Cisco Aironet Lightweight Access Point 1100 and 1200 devices does not properly implement access-point association, which allows remote attackers to spoof a controller and cause a denial of service (service outage) via crafted remote radio management (RRM) packets, aka "SkyJack" or Bug ID CSCtb56664. | ||||
| CVE-2009-2864 | 1 Cisco | 2 Unified Callmanager, Unified Communications Manager | 2026-04-23 | N/A |
| Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 5.x before 5.1(3g), 6.x before 6.1(4), 7.0.x before 7.0(2a)su1, and 7.1.x before 7.1(2) allows remote attackers to cause a denial of service (service restart) via malformed SIP messages, aka Bug ID CSCsz95423. | ||||
| CVE-2008-0294 | 1 Freeseat | 1 Freeseat | 2026-04-23 | N/A |
| Unspecified vulnerability in the seat-locking implementation in FreeSeat before 1.1.5d allows attackers to book a seat more than once via unspecified vectors. | ||||
| CVE-2008-0445 | 1 Elog | 1 Elog | 2026-04-23 | N/A |
| The replace_inline_img function in elogd in Electronic Logbook (ELOG) before 2.7.1 allows remote attackers to cause a denial of service (infinite loop) via crafted logbook entries. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-1057 | 1 Openbsd | 1 Openbsd | 2026-04-23 | N/A |
| The ip6_check_rh0hdr function in netinet6/ip6_input.c in OpenBSD 4.2 allows attackers to cause a denial of service (panic) via malformed IPv6 routing headers. | ||||
| CVE-2007-6052 | 4 Ibm, Linux, Microsoft and 1 more | 4 Db2 Universal Database, Linux Kernel, Windows and 1 more | 2026-04-23 | N/A |
| IBM DB2 UDB 9.1 before Fixpak 4 does not properly perform vector aggregation, which might allow attackers to cause a denial of service (divide-by-zero error and DBMS crash), related to an "overflow." NOTE: the vendor description of this issue is too vague to be certain that it is security-related. | ||||