Export limit exceeded: 364951 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 24978 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (24978 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-4672 2 Apple, Microsoft 4 Mac Os X, Quicktime, Windows Vista and 1 more 2026-04-23 N/A
Stack-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via an invalid UncompressedQuickTimeData opcode length in a PICT image.
CVE-2007-4676 2 Apple, Microsoft 4 Mac Os X, Quicktime, Windows Vista and 1 more 2026-04-23 N/A
Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via malformed elements when parsing (1) Poly type (0x0070 through 0x0074) and (2) PackBitsRgn field (0x0099) opcodes in a PICT image.
CVE-2007-3891 1 Microsoft 1 Windows Vista 2026-04-23 N/A
Unspecified vulnerability in Windows Vista Weather Gadgets in Windows Vista allows remote attackers to execute arbitrary code via crafted HTML attributes.
CVE-2007-3893 1 Microsoft 1 Internet Explorer 2026-04-23 N/A
Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code via unspecified vectors involving memory corruption from an unhandled error.
CVE-2007-3899 1 Microsoft 2 Office, Word 2026-04-23 N/A
Unspecified vulnerability in Microsoft Word 2000 SP3, Word 2002 SP3, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via a malformed string in a Word file, aka "Word Memory Corruption Vulnerability."
CVE-2007-4848 1 Microsoft 2 Ie, Internet Explorer 2026-04-23 N/A
Microsoft Internet Explorer 4.0 through 7 allows remote attackers to determine the existence of local files that have associated images via a res:// URI in the src property of a JavaScript Image object, as demonstrated by the URI for a bitmap image resource within a (1) .exe or (2) .dll file.
CVE-2007-4356 1 Microsoft 1 Internet Explorer 2026-04-23 N/A
Microsoft Internet Explorer 6 and 7 embeds FTP credentials in HTML files that are retrieved during an FTP session, which allows context-dependent attackers to obtain sensitive information by reading the HTML source, as demonstrated by a (1) .htm, (2) .html, or (3) .mht file.
CVE-2006-5913 1 Microsoft 1 Ie 2026-04-23 N/A
Microsoft Internet Explorer 7 allows remote attackers to (1) cause a security certificate from a secure web site to appear invalid via a link to res://ieframe.dll/sslnavcancel.htm with the target site in the anchor identifier, which displays the site's URL in the address bar but causes Internet Explorer to report that the certificate is invalid, or (2) trigger a "The webpage no longer exists" report via a link to res://ieframe.dll/http_410.htm, a variant of CVE-2006-5805.
CVE-2003-1566 1 Microsoft 1 Internet Information Services 2026-04-23 N/A
Microsoft Internet Information Services (IIS) 5.0 does not log requests that use the TRACK method, which allows remote attackers to obtain sensitive information without detection.
CVE-2003-1569 2 Goahead, Microsoft 4 Goahead Webserver, Windows 95, Windows 98 and 1 more 2026-04-23 N/A
GoAhead WebServer before 2.1.5 on Windows 95, 98, and ME allows remote attackers to cause a denial of service (daemon crash) via an HTTP request with a (1) con, (2) nul, (3) clock$, or (4) config$ device name in a path component, different vectors than CVE-2001-0385.
CVE-2009-3832 2 Microsoft, Opera 2 Windows, Opera Browser 2026-04-23 N/A
Opera before 10.01 on Windows does not prevent use of Web fonts in rendering the product's own user interface, which allows remote attackers to spoof the address field via a crafted web site.
CVE-2009-3831 2 Microsoft, Opera 2 Windows, Opera Browser 2026-04-23 N/A
Opera before 10.01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted domain name.
CVE-2009-2576 1 Microsoft 2 Ie, Internet Explorer 2026-04-23 N/A
Microsoft Internet Explorer 6.0.2900.2180 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a long Unicode string argument to the write method, a related issue to CVE-2009-2479. NOTE: it was later reported that 7.0.6000.16473 and earlier are also affected.
CVE-2009-3270 1 Microsoft 1 Internet Explorer 2026-04-23 N/A
Microsoft Internet Explorer 7 through 7.0.6000.16711 allows remote attackers to cause a denial of service (unusable browser) by calling the window.print function in a loop, aka a "printing DoS attack," possibly a related issue to CVE-2009-0821.
CVE-2009-0566 1 Microsoft 1 Office Publisher 2026-04-23 N/A
Microsoft Office Publisher 2007 SP1 does not properly calculate object handler data for Publisher files, which allows remote attackers to execute arbitrary code via a crafted file in a legacy format that triggers memory corruption, aka "Pointer Dereference Vulnerability."
CVE-2007-4814 1 Microsoft 1 Sql Server 2026-04-23 N/A
Buffer overflow in the SQLServer ActiveX control in the Distributed Management Objects OLE DLL (sqldmo.dll) 2000.085.2004.00 in Microsoft SQL Server Enterprise Manager 8.05.2004 allows remote attackers to execute arbitrary code via a long second argument to the Start method.
CVE-2007-5090 2 Ibm, Microsoft 3 Db2, Rational Clearquest, Sql Server 2026-04-23 N/A
Unspecified vulnerability in IBM Rational ClearQuest (CQ), when a Microsoft SQL Server or an IBM DB2 database is used, allows attackers to corrupt data via unspecified vectors.
CVE-2007-5133 2 3ware, Microsoft 5 3dm Disk Management Software, Windows 2003 Server, Windows Server 2003 and 2 more 2026-04-23 N/A
Microsoft Windows Explorer (explorer.exe) allows user-assisted remote attackers to cause a denial of service (CPU consumption) via a certain PNG file with a large tEXt chunk that possibly triggers an integer overflow in PNG chunk size handling, as demonstrated by badlycrafted.png.
CVE-2007-5095 1 Microsoft 2 Windows Media Player, Windows Xp 2026-04-23 N/A
Microsoft Windows Media Player (WMP) 9 on Windows XP SP2 invokes Internet Explorer to render HTML documents contained inside some media files, regardless of what default web browser is configured, which might allow remote attackers to exploit vulnerabilities in software that the user does not expect to run, as demonstrated by the HTMLView parameter in an .asx file.
CVE-2008-5543 2 Microsoft, Symantec 2 Internet Explorer, Antivirus 2026-04-23 N/A
Symantec AntiVirus (SAV) 10, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit.