Export limit exceeded: 346069 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346069 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-1154 | 1 Cisco | 1 Ios Xr | 2026-04-23 | N/A |
| Cisco IOS XR 3.8.1 and earlier allows remote attackers to cause a denial of service (process crash) via a long BGP UPDATE message, as demonstrated by a message with many AS numbers in the AS Path Attribute. | ||||
| CVE-2007-3679 | 1 Citrix | 1 Access Gateway | 2026-04-23 | N/A |
| The Citrix EPA ActiveX control (aka the "endpoint checking control" or CCAOControl Object) before 4.5.0.0 in npCtxCAO.dll in Citrix Access Gateway Standard Edition before 4.5.5 and Advanced Edition before 4.5 HF1 allows remote attackers to download and execute arbitrary programs onto a client system. | ||||
| CVE-2006-5494 | 1 Phpnuke | 1 Php-nuke | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in modules/My_eGallery/public/displayCategory.php in the pandaBB module for PHP-Nuke allow remote attackers to execute arbitrary PHP code via a URL in the (1) adminpath or (2) basepath parameters. NOTE: this issue might overlap CVE-2006-6795. | ||||
| CVE-2009-1156 | 1 Cisco | 2 Adaptive Security Appliance 5500, Pix | 2026-04-23 | N/A |
| Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 8.0 before 8.0(4)25 and 8.1 before 8.1(2)15, when an SSL VPN or ASDM access is configured, allows remote attackers to cause a denial of service (device reload) via a crafted (1) SSL or (2) HTTP packet. | ||||
| CVE-2010-0007 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Enterprise Mrg | 2026-04-23 | N/A |
| net/bridge/netfilter/ebtables.c in the ebtables module in the netfilter framework in the Linux kernel before 2.6.33-rc4 does not require the CAP_NET_ADMIN capability for setting or modifying rules, which allows local users to bypass intended access restrictions and configure arbitrary network-traffic filtering via a modified ebtables application. | ||||
| CVE-2006-5555 | 1 Epnadmin | 1 Epnadmin | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in constantes.inc.php in EPNadmin 0.7 and 0.7.1 allows remote attackers to execute arbitrary PHP code via the langage parameter. | ||||
| CVE-2009-1160 | 1 Cisco | 2 Adaptive Security Appliance 5500, Pix | 2026-04-23 | N/A |
| Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)1, 7.1 before 7.1(2)74, 7.2 before 7.2(4)9, and 8.0 before 8.0(4)5 do not properly implement the implicit deny statement, which might allow remote attackers to successfully send packets that bypass intended access restrictions, aka Bug ID CSCsq91277. | ||||
| CVE-2009-1135 | 1 Microsoft | 1 Isa Server | 2026-04-23 | N/A |
| Microsoft Internet Security and Acceleration (ISA) Server 2006 Gold and SP1, when Radius OTP is enabled, uses the HTTP-Basic authentication method, which allows remote attackers to gain the privileges of an arbitrary account, and access published web pages, via vectors involving attempted access to a network resource behind the ISA Server, aka "Radius OTP Bypass Vulnerability." | ||||
| CVE-2007-3624 | 1 Sap | 1 Sap Message Server | 2026-04-23 | N/A |
| Heap-based buffer overflow in the Message HTTP Server in SAP Message Server allows remote attackers to execute arbitrary code via a long string in the group parameter to /msgserver/html/group. | ||||
| CVE-2007-3620 | 1 Maia Mailguard | 1 Maia Mailguard | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in Maia Mailguard 1.0.2 and earlier might allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) prevlang and (2) super parameters to (a) php/login.php; the (3) charset parameter to (a) php/login.php, (b) php/internal-init.php, and (c) php/xlogin.php; the (4) lang parameter to (b) php/internal-init.php; and the (5) language parameter to (c) php/xlogin.php. | ||||
| CVE-2007-3619 | 1 Maia Mailguard | 1 Maia Mailguard | 2026-04-23 | N/A |
| Directory traversal vulnerability in login.php in Maia Mailguard 1.0.2 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter. | ||||
| CVE-2007-3615 | 2 Microsoft, Sap | 3 All Windows, Internet Communication Manager, Sap Web Application Server | 2026-04-23 | N/A |
| Internet Communication Manager (aka ICMAN.exe or ICM) in SAP NetWeaver Application Server 6.x and 7.x, possibly only on Windows, allows remote attackers to cause a denial of service (process crash) via a URI of a certain length that contains a sap-isc-key parameter, related to configuration of a web cache. | ||||
| CVE-2007-3614 | 1 Sap | 1 Sap Db | 2026-04-23 | N/A |
| Multiple stack-based buffer overflows in waHTTP.exe (aka the SAP DB Web Server) in SAP DB, possibly 7.3 through 7.5, allow remote attackers to execute arbitrary code via (1) a certain cookie value; (2) a certain additional parameter, related to sapdbwa_GetQueryString; and other unspecified vectors related to "numerous other fields." | ||||
| CVE-2007-3609 | 1 Emeeting | 1 Online Dating Software | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in eMeeting Online Dating Software 5.2 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) b.php and (2) account/gallery.php, and other unspecified vectors. | ||||
| CVE-2007-3608 | 1 Sap | 1 Enjoysap | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in ActiveX controls in the EnjoySAP SAP GUI allow remote attackers to create certain files via unspecified vectors. | ||||
| CVE-2007-3607 | 1 Sap | 1 Enjoysap | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in ActiveX controls in the EnjoySAP SAP GUI allow remote attackers to cause a denial of service (process crash) via unspecified vectors. | ||||
| CVE-2007-3604 | 1 Vtiger | 1 Vtiger Crm | 2026-04-23 | N/A |
| vtiger CRM before 5.0.3 allows remote authenticated users with access to the Analytics DashBoard menu to bypass data restrictions and read the pipeline of the entire organization, possibly involving modules/Potentials/Potentials.php. | ||||
| CVE-2007-3603 | 1 Vtiger | 1 Vtiger Crm | 2026-04-23 | N/A |
| SQL injection vulnerability in the dashboard (include/utils/SearchUtils.php) in vtiger CRM before 5.0.3 allows remote authenticated users to execute arbitrary SQL commands via the assigned_user_id parameter in a Potentials ListView action to index.php. | ||||
| CVE-2007-3601 | 1 Vtiger | 1 Vtiger Crm | 2026-04-23 | N/A |
| vtiger CRM before 5.0.3, when a migrated build is used, allows remote authenticated users to read certain other users' calendar activities via a (1) home page or (2) event list view. | ||||
| CVE-2007-3592 | 1 Elite Bulletin Board | 1 Elite Bulletin Board | 2026-04-23 | N/A |
| PM.php in Elite Bulletin Board before 1.0.10 allows remote authenticated users to delete arbitrary PM messages and conduct other attacks via modified id fields. | ||||