Export limit exceeded: 363617 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 363617 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 363617 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-3875 1 Microsoft 2 Excel, Excel Viewer 2026-04-23 N/A
Unspecified vulnerability in Microsoft Excel 2000, 2002, 2003, 2004 for Mac, v.X for Mac, and Excel Viewer 2003 allows user-assisted attackers to execute arbitrary code via a crafted COLINFO record in an XLS file, a different vulnerability than CVE-2006-2387 and CVE-2006-3867.
CVE-2006-6669 1 Webcalendar 1 Webcalendar 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in export_handler.php in WebCalendar 1.0.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the format parameter.
CVE-2007-2124 1 Oracle 1 Application Server 2026-04-23 N/A
Unspecified vulnerability in the Portal component in Oracle Application Server 10.1.4.1.0 has unknown impact and remote attack vectors, aka AS05.
CVE-2006-5518 1 Christopher Fowler 1 Rssonate 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in Christopher Fowler (Rhode Island) RSSonate allow remote attackers to execute arbitrary PHP code via a URL in the PROJECT_ROOT parameter to (1) xml2rss.php, (2) config_local.php, (3) rssonate.php, and (4) sql2xml.php in Src/getFeed/inc/.
CVE-2007-2134 1 Oracle 1 Enterpriseone 2026-04-23 N/A
Unspecified vulnerability in the HTML Server in Oracle JD Edwards EnterpriseOne SP23_Q1 and 8.96.I1 has unknown impact and local attack vectors, aka JDE01.
CVE-2007-2189 1 Mx Smartor 1 Full Album Pack 2026-04-23 N/A
PHP remote file inclusion vulnerability in admin/admin_album_otf.php in the MX Smartor Full Album Pack (FAP) 2.0 RC1 module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2007-6198 1 Bea 1 Aqualogic Interaction 2026-04-23 N/A
portal/server.pt in the Plumtree portal in BEA AquaLogic Interaction 5.0.2 through 5.0.4 and 6.0.1.218452 allows wildcards in advanced searches for usernames, which allows remote attackers to enumerate valid usernames via the in_tx_fulltext parameter.
CVE-2006-3893 2 Casio, Newtone 2 Photo Loader, Imagekit 2026-04-23 N/A
Multiple buffer overflows in the ActiveX controls in Newtone ImageKit 5 before Fix 30 and 6 before Fix 40, as used in CASIO Photo Loader software before 3.01 and possibly other software, allow remote attackers to execute arbitrary code via a crafted HTML document.
CVE-2006-6692 1 Zabbix 1 Zabbix 2026-04-23 N/A
Multiple format string vulnerabilities in zabbix before 20061006 allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in information that would be recorded in the system log using (1) zabbix_log or (2) zabbix_syslog.
CVE-2006-4402 1 Apple 1 Mac Os X 2026-04-23 N/A
Heap-based buffer overflow in the Finder in Apple Mac OS X 10.4.8 and earlier allows user-assisted remote attackers to execute arbitrary code by browsing directories containing crafted .DS_Store files.
CVE-2007-1941 1 Ibm 1 Lotus Notes 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the Active Content Filter feature in Domino Web Access (DWA) in IBM Lotus Notes before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to inject arbitrary web script or HTML via a multipart/related e-mail message, a different issue than CVE-2006-4843.
CVE-2006-4406 1 Apple 1 Mac Os X 2026-04-23 N/A
Buffer overflow in PPP on Apple Mac OS X 10.4.x up to 10.4.8 and 10.3.x up to 10.3.9, when PPPoE is enabled, allows remote attackers to execute arbitrary code via unspecified vectors.
CVE-2007-6389 1 Gnome 1 Screensaver 2026-04-23 N/A
The notify feature in GNOME screensaver (gnome-screensaver) 2.20.0 might allow local users to read the clipboard contents and X selection data for a locked session by using ctrl-V.
CVE-2006-5416 1 F5 1 Firepass 1000 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in my.acctab.php3 in F5 Networks FirePass 1000 SSL VPN 5.5, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the sid parameter.
CVE-2007-1281 3 Kaspersky Lab, Linux, Microsoft 3 Kaspersky Antivirus Engine, Linux Kernel, All Windows 2026-04-23 N/A
Kaspersky AntiVirus Engine 6.0.1.411 for Windows and 5.5-10 for Linux allows remote attackers to cause a denial of service (CPU consumption) via a crafted UPX compressed file with a negative offset, which triggers an infinite loop during decompression.
CVE-2006-7204 1 Php 1 Php 2026-04-23 N/A
The imap_body function in PHP before 4.4.4 does not implement safemode or open_basedir checks, which allows local users to read arbitrary files or list arbitrary directory contents.
CVE-2006-5410 1 Boonex 1 Dolphin 2026-04-23 N/A
PHP remote file inclusion vulnerability in templates/tmpl_dfl/scripts/index.php in BoonEx Dolphin 5.2 allows remote attackers to execute arbitrary PHP code via a URL in the dir[inc] parameter. NOTE: it is possible that this issue overlaps CVE-2006-4189.
CVE-2006-7207 1 Ageet 1 Agephone 2026-04-23 N/A
Buffer overflow in ageet AGEphone before 1.4.0 might allow remote attackers to have an unknown impact via unspecified vectors.
CVE-2007-2151 1 Mcafee 1 E-business Server 2026-04-23 N/A
The administration server in McAfee e-Business Server before 8.1.1 and 8.5.x before 8.5.2 allows remote attackers to cause a denial of service (service crash) via a large length value in a malformed authentication packet, which triggers a heap over-read.
CVE-2007-1299 1 Mani Stats Reader 1 Mani Stats Reader 2026-04-23 N/A
PHP remote file inclusion vulnerability in index.php in Mani Stats Reader 1.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the ipath parameter.