Export limit exceeded: 14413 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 346136 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346136 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-2317 | 1 Apple | 4 Iphone, Iphone Os, Ipod Touch and 1 more | 2026-04-23 | N/A |
| WebCore in Apple Safari does not properly perform garbage collection of JavaScript document elements, which allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via a reference to the ownerNode property of a copied CSSStyleSheet object of a STYLE element, as originally demonstrated on Apple iPhone before 2.0 and iPod touch before 2.0, a different vulnerability than CVE-2008-1590. | ||||
| CVE-2008-1623 | 1 Lotus Web Studios Inc | 1 Smoothflash | 2026-04-23 | N/A |
| SQL injection vulnerability in admin_view_image.php in Smoothflash allows remote attackers to execute arbitrary SQL commands via the cid parameter. | ||||
| CVE-2008-2320 | 1 Apple | 3 Carboncore, Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Stack-based buffer overflow in CarbonCore in Apple Mac OS X 10.4.11 and 10.5.4, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via a long filename to the file management API. | ||||
| CVE-2008-4795 | 1 Opera | 1 Opera | 2026-04-23 | N/A |
| The links panel in Opera before 9.62 processes Javascript within the context of the "outermost page" of a frame, which allows remote attackers to inject arbitrary web script or HTML via cross-site scripting (XSS) attacks. | ||||
| CVE-2006-5493 | 1 Digitalhive | 1 Digitalhive | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in template/purpletech/base_include.php in DigitalHive 2.0 RC2 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. | ||||
| CVE-2007-4736 | 1 Cartkeeper | 1 Ckgold Shopping Cart | 2026-04-23 | N/A |
| SQL injection vulnerability in category.php in CartKeeper CKGold Shopping Cart 2.0 allows remote attackers to execute arbitrary SQL commands via the category_id parameter. | ||||
| CVE-2008-2322 | 1 Apple | 3 Coregraphics, Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Integer overflow in CoreGraphics in Apple Mac OS X 10.4.11, 10.5.2, and 10.5.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF file with a long Type 1 font, which triggers a heap-based buffer overflow. | ||||
| CVE-2006-6109 | 1 Candypress | 1 Candypress Store | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in CandyPress Store 3.5.2.14 allow remote attackers to execute arbitrary SQL commands via the (1) policy parameter in openPolicy.asp or the (2) brand parameter in prodList.asp. | ||||
| CVE-2008-2327 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2026-04-23 | N/A |
| Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code. | ||||
| CVE-2006-5767 | 1 Drake Team | 1 Drake Cms | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in includes/xhtml.php in Drake CMS 0.2.2 alpha rev.846 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the d_root parameter. | ||||
| CVE-2008-2329 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Directory Services in Apple Mac OS X 10.5 through 10.5.4, when Active Directory is used, allows attackers to enumerate user names via wildcard characters in the Login Window. | ||||
| CVE-2008-2333 | 1 Barracuda Networks | 1 Barracuda Spam Firewall | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in ldap_test.cgi in Barracuda Spam Firewall (BSF) before 3.5.11.025 allows remote attackers to inject arbitrary web script or HTML via the email parameter. | ||||
| CVE-2006-5771 | 1 Arkoon | 1 Ssl360 | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Arkoon SSL360 1.0 and 2.0 before 2.0/2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2006-7131 | 1 Jinzora | 1 Jinzora | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in extras/mt.php in Jinzora 2.6 allows remote attackers to execute arbitrary PHP code via the web_root parameter. | ||||
| CVE-2008-1721 | 4 Canonical, Debian, Python and 1 more | 4 Ubuntu Linux, Debian Linux, Python and 1 more | 2026-04-23 | N/A |
| Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote attackers to execute arbitrary code via a negative signed integer, which triggers insufficient memory allocation and a buffer overflow. | ||||
| CVE-2008-1729 | 1 Drupal | 1 Drupal | 2026-04-23 | N/A |
| The menu system in Drupal 6 before 6.2 has incorrect menu settings, which allows remote attackers to (1) edit the profile pages of arbitrary users, and obtain sensitive information from (2) tracker and (3) blog pages, related to a missing check for the "access content" permission; and (4) allows remote authenticated users, with administration page view access, to edit content types. | ||||
| CVE-2007-0301 | 1 Fdweb | 1 Espace Membre | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in _admin/admin_menu.php in FdWeB Espace Membre 2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. | ||||
| CVE-2008-2337 | 1 Imgallery | 1 Imgallery | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in IMGallery 2.5, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) kategoria parameter to (a) galeria.php and the (2) id_phot parameter to (b) popup/koment.php and (c) popup/opis.php in, different vectors than CVE-2006-3163. | ||||
| CVE-2008-2340 | 1 News Manager | 1 News Manager | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in News Manager 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) lang parameter to (a) advsearch.php, (b) archive.php, and (c) index.php, and the (2) pid parameter to (d) list_tagitems.php. | ||||
| CVE-2008-2341 | 1 Avalonnet | 1 News Manager | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in ch_readalso.php in News Manager 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the read_xml_include parameter. | ||||