Export limit exceeded: 357105 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29942 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29942 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-1353 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-23 | N/A |
| The setsockopt function in the L2CAP and HCI Bluetooth support in the Linux kernel before 2.4.34.3 allows context-dependent attackers to read kernel memory and obtain sensitive information via unspecified vectors involving the copy_from_user function accessing an uninitialized stack buffer. | ||||
| CVE-2006-6823 | 1 Yrch | 1 Yrch | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in plugins/metasearch/plug.inc.php in Yrch! 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. | ||||
| CVE-2007-2953 | 2 Redhat, Vim Development Group | 2 Enterprise Linux, Vim | 2026-04-23 | N/A |
| Format string vulnerability in the helptags_one function in src/ex_cmds.c in Vim 6.4 and earlier, and 7.x up to 7.1, allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a help-tags tag in a help file, related to the helptags command. | ||||
| CVE-2006-5771 | 1 Arkoon | 1 Ssl360 | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Arkoon SSL360 1.0 and 2.0 before 2.0/2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2006-5505 | 1 Ben3w | 1 2bgal | 2026-04-23 | N/A |
| Multiple PHP file inclusion vulnerabilities in 2BGal 3.0 allow remote attackers to execute arbitrary PHP code via the lang parameter to (1) admin/configuration.inc.php, (2) admin/creer_album.inc.php, (3) admin/changepwd.php.inc, and unspecified other files. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | ||||
| CVE-2007-1294 | 1 Divx | 1 Divx Web Player | 2026-04-23 | N/A |
| A certain ActiveX control in the DivXBrowserPlugin (npdivx32.dll) in DivX Web Player, as distributed with DivX Player 1.3.0, allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via large values to DivxWP.Resize, related to resizing images. | ||||
| CVE-2007-4101 | 1 Global Centre | 1 Aplomb Poll | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Madoa Poll 1.1 allow remote attackers to execute arbitrary PHP code via the Madoa parameter to (1) index.php, (2) vote.php, and (3) admin.php. | ||||
| CVE-2006-6332 | 1 Madwifi | 1 Madwifi | 2026-04-23 | N/A |
| Stack-based buffer overflow in net80211/ieee80211_wireless.c in MadWifi before 0.9.2.1 allows remote attackers to execute arbitrary code via unspecified vectors, related to the encode_ie and giwscan_cb functions. | ||||
| CVE-2006-6330 | 1 Torrentflux | 1 Torrentflux | 2026-04-23 | N/A |
| index.php for TorrentFlux 2.2 allows remote registered users to execute arbitrary commands via shell metacharacters in the kill parameter. | ||||
| CVE-2007-2717 | 1 Igeneric | 1 Ig Shop | 2026-04-23 | N/A |
| SQL injection vulnerability in shop/page.php in iGeneric (iG) Shop 1.4 allows remote attackers to execute arbitrary SQL commands via the type_id[] parameter, a different vector than CVE-2005-0537. | ||||
| CVE-2006-6329 | 1 Torrentflux | 1 Torrentflux | 2026-04-23 | N/A |
| index.php for TorrentFlux 2.2 allows remote attackers to delete files by specifying the target filename in the delfile parameter. | ||||
| CVE-2007-1409 | 1 Wordpress | 1 Wordpress | 2026-04-23 | N/A |
| WordPress allows remote attackers to obtain sensitive information via a direct request for wp-admin/admin-functions.php, which reveals the path in an error message. | ||||
| CVE-2007-2574 | 1 Archangelmgt | 1 Weblog | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in Archangel Weblog 0.90.02 allows remote attackers to read arbitrary files via a .. (dot dot) in the index parameter. | ||||
| CVE-2007-3112 | 1 The Cacti Group | 1 Cacti | 2026-04-23 | N/A |
| graph_image.php in Cacti 0.8.6i, and possibly other versions, allows remote authenticated users to cause a denial of service (CPU consumption) via a large value of the (1) graph_start or (2) graph_end parameter, different vectors than CVE-2007-3113. | ||||
| CVE-2007-3708 | 1 Codeigniter | 1 Codeigniter | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in CodeIgniter 1.5.3 before 20070626 allows remote attackers to inject arbitrary web script or HTML via (1) String.fromCharCode and (2) malformed nested tag manipulations in an unspecified component, related to insufficient sanitization by the xss_clean function. | ||||
| CVE-2007-3763 | 1 Asterisk | 4 Asterisk, Asterisk Appliance Developer Kit, Asterisknow and 1 more | 2026-04-23 | N/A |
| The IAX2 channel driver (chan_iax2) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service (crash) via a crafted (1) LAGRQ or (2) LAGRP frame that contains information elements of IAX frames, which results in a NULL pointer dereference when Asterisk does not properly set an associated variable. | ||||
| CVE-2006-5774 | 1 Hyper Nikki System | 1 Hyper Nikki System | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Hyper NIKKI System before 2.19.9 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2007-1411 | 1 Php | 1 Php | 2026-04-23 | N/A |
| Buffer overflow in PHP 4.4.6 and earlier, and unspecified PHP 5 versions, allows local and possibly remote attackers to execute arbitrary code via long server name arguments to the (1) mssql_connect and (2) mssql_pconnect functions. | ||||
| CVE-2007-3113 | 1 The Cacti Group | 1 Cacti | 2026-04-23 | N/A |
| Cacti 0.8.6i, and possibly other versions, allows remote authenticated users to cause a denial of service (CPU consumption) via a large value of the (1) graph_height or (2) graph_width parameter, different vectors than CVE-2007-3112. | ||||
| CVE-2007-3569 | 1 Softlink Europe | 1 Oliver Library Management System | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Oliver Library Management System allow remote attackers to inject arbitrary web script or HTML via the (1) updateform and (2) displayform parameter to (a) gateway/gateway.exe; the (3) TERMS, (4) database, (5) srchad, (6) SuggestedSearch, and (7) searchform parameters to the (b) "Basic Search page"; and (8) username parameter when (c) logging on. | ||||