Export limit exceeded: 347828 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 347828 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347828 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-2748 | 1 Php | 1 Php | 2026-04-23 | N/A |
| The substr_count function in PHP 5.2.1 and earlier allows context-dependent attackers to obtain sensitive information via unspecified vectors, a different affected function than CVE-2007-1375. | ||||
| CVE-2006-6561 | 1 Microsoft | 4 Office, Word, Word Viewer and 1 more | 2026-04-23 | N/A |
| Unspecified vulnerability in Microsoft Word 2000, 2002, and Word Viewer 2003 allows user-assisted remote attackers to execute arbitrary code via a crafted DOC file that triggers memory corruption, as demonstrated via the 12122006-djtest.doc file, a different issue than CVE-2006-5994 and CVE-2006-6456. | ||||
| CVE-2006-6563 | 1 Proftpd Project | 1 Proftpd | 2026-04-23 | N/A |
| Stack-based buffer overflow in the pr_ctrls_recv_request function in ctrls.c in the mod_ctrls module in ProFTPD before 1.3.1rc1 allows local users to execute arbitrary code via a large reqarglen length value. | ||||
| CVE-2007-1673 | 9 Amavis, Avast, Avira and 6 more | 13 Amavis, Avast Antivirus, Avast Antivirus Home and 10 more | 2026-04-23 | N/A |
| unzoo.c, as used in multiple products including AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file. | ||||
| CVE-2006-6564 | 1 Filezilla | 1 Filezilla | 2026-04-23 | N/A |
| FileZilla Server before 0.9.22 allows remote attackers to cause a denial of service (crash) via a malformed argument to the STOR command, which results in a NULL pointer dereference. NOTE: CVE analysis suggests that the problem might be due to a malformed PORT command. | ||||
| CVE-2007-1674 | 1 Landesk | 1 Landesk Management Suite | 2026-04-23 | N/A |
| Stack-based buffer overflow in the Alert Service (aolnsrvr.exe) in LANDesk Management Suite 8.7 allows remote attackers to execute arbitrary code via a crafted packet to port 65535/UDP. | ||||
| CVE-2006-6565 | 1 Filezilla-project | 1 Filezilla Server | 2026-04-23 | N/A |
| FileZilla Server before 0.9.22 allows remote attackers to cause a denial of service (crash) via a wildcard argument to the (1) LIST or (2) NLST commands, which results in a NULL pointer dereference, a different set of vectors than CVE-2006-6564. NOTE: CVE analysis suggests that the problem might be due to a malformed PORT command. | ||||
| CVE-2006-6566 | 1 Mxbb | 1 Mxbb | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in includes/profilcp_constants.php in the Profile Control Panel (CPanel) module for mxBB 0.91c allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter. | ||||
| CVE-2007-1675 | 1 Ibm | 1 Lotus Domino | 2026-04-23 | N/A |
| Buffer overflow in the CRAM-MD5 authentication mechanism in the IMAP server (nimap.exe) in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to cause a denial of service via a long username. | ||||
| CVE-2007-2749 | 1 Faqengine | 1 Faqengine | 2026-04-23 | N/A |
| SQL injection vulnerability in question.php in FAQEngine 4.16.03 and earlier allows remote attackers to execute arbitrary SQL commands via the questionref parameter in a display action. | ||||
| CVE-2007-1677 | 2 Navision Software, Netbsd | 2 Navision Financials Server, Netbsd | 2026-04-23 | N/A |
| Multiple buffer overflows in the ISO network protocol support in the NetBSD kernel 2.0 through 4.0_BETA2, and NetBSD-current before 20070329, allow local users to execute arbitrary code via long parameters to certain functions, as demonstrated by a long sockaddr structure argument to the clnp_route function. | ||||
| CVE-2006-6569 | 1 Genesistrader | 1 Genesistrader | 2026-04-23 | N/A |
| form.php in GenesisTrader 1.0 allows remote attackers to read source code for arbitrary files and obtain sensitive information via the (1) do and (2) chem parameters with a "modfich" floap parameter. | ||||
| CVE-2006-6570 | 1 Genesistrader | 1 Genesistrader | 2026-04-23 | N/A |
| Unrestricted file upload vulnerability in upload.php in GenesisTrader 1.0 allows remote authenticated users to upload arbitrary files via unspecified vectors, possibly involving form.php and the ajoutfich "foap" action. | ||||
| CVE-2006-6571 | 1 Genesistrader | 1 Genesistrader | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in form.php in GenesisTrader 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) cuve, (2) chem, (3) do, and possibly other parameters. | ||||
| CVE-2007-1678 | 1 Fizzle | 1 Fizzle | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Fizzle 0.5 extension for Firefox allows remote attackers to inject arbitrary web script or HTML via RSS feeds, which are executed by the chrome: URI handler. | ||||
| CVE-2007-2750 | 1 Simpnews | 1 Simpnews | 2026-04-23 | N/A |
| SQL injection vulnerability in print.php in SimpNews 2.40.01 and earlier allows remote attackers to execute arbitrary SQL commands via the newsnr parameter. | ||||
| CVE-2006-6579 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2026-04-23 | N/A |
| Microsoft Windows XP has weak permissions (FILE_WRITE_DATA and FILE_READ_DATA for Everyone) for %WINDIR%\pchealth\ERRORREP\QHEADLES, which allows local users to write and read files in this folder, as demonstrated by an ASP shell that has write access by IWAM_machine and read access by IUSR_Machine. | ||||
| CVE-2006-6584 | 1 Italkplus | 1 Italkplus | 2026-04-23 | N/A |
| Multiple buffer overflows in italkplus (Italk+) before 0.92.1 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unspecified vectors. | ||||
| CVE-2006-6587 | 1 Apache | 1 Ofbiz | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the forum implementation in the ecommerce component in the Apache Open For Business Project (OFBiz) allows remote attackers to inject arbitrary web script or HTML by posting a message. | ||||
| CVE-2006-6588 | 1 Apache | 1 Ofbiz | 2026-04-23 | N/A |
| The forum implementation in the ecommerce component in the Apache Open For Business Project (OFBiz) trusts the (1) dataResourceTypeId, (2) contentTypeId, and certain other hidden form fields, which allows remote attackers to create unauthorized types of content, modify content, or have other unknown impact. | ||||