Export limit exceeded: 365307 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (365307 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-2037 1 Cisco 1 Wireless Lan Controller Software 2026-04-23 N/A
Cisco Wireless LAN Controller (WLC) before 3.2.116.21, and 4.0.x before 4.0.155.0, allows remote attackers on a local network to cause a denial of service (device crash) via malformed Ethernet traffic.
CVE-2008-1069 1 Quantum Game Library 1 Quantum Game Library 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in Quantum Game Library 0.7.2c allow remote attackers to execute arbitrary PHP code via a URL in the CONFIG[gameroot] parameter to (1) server_request.php and (2) qlib/smarty.inc.php.
CVE-2007-2036 1 Cisco 1 Wireless Lan Controller Software 2026-04-23 N/A
The SNMP implementation in the Cisco Wireless LAN Controller (WLC) before 20070419 uses the default read-only community public, and the default read-write community private, which allows remote attackers to read and modify SNMP variables, aka Bug ID CSCse02384.
CVE-2008-3142 4 Canonical, Debian, Python and 1 more 4 Ubuntu Linux, Debian Linux, Python and 1 more 2026-04-23 N/A
Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicode string processing, related to the unicode_resize function and the PyMem_RESIZE macro.
CVE-2007-2034 1 Cisco 1 Wireless Control System 2026-04-23 N/A
Unspecified vulnerability in Cisco Wireless Control System (WCS) before 4.0.87.0 allows remote authenticated users to gain the privileges of the SuperUsers group, and manage the application and its networks, related to the group membership of user accounts, aka Bug ID CSCsg05190.
CVE-2007-2033 1 Cisco 1 Wireless Control System 2026-04-23 N/A
Unspecified vulnerability in Cisco Wireless Control System (WCS) before 4.0.81.0 allows remote authenticated users to read any configuration page by changing the group membership of user accounts, aka Bug ID CSCse78596.
CVE-2007-2032 1 Cisco 1 Wireless Control System 2026-04-23 N/A
Cisco Wireless Control System (WCS) before 4.0.96.0 has a hard-coded FTP username and password for backup operations, which allows remote attackers to read and modify arbitrary files via unspecified vectors related to "properties of the FTP server," aka Bug ID CSCse93014.
CVE-2007-1745 2 Clam Anti-virus, Ifenslave 2 Clamav, Ifenslave 2026-04-23 N/A
The chm_decompress_stream function in libclamav/chmunpack.c in Clam AntiVirus (ClamAV) before 0.90.2 leaks file descriptors, which has unknown impact and attack vectors involving a crafted CHM file, a different vulnerability than CVE-2007-0897. NOTE: some of these details are obtained from third party information.
CVE-2007-0063 3 Canonical, Redhat, Vmware 7 Ubuntu Linux, Enterprise Linux, Ace and 4 more 2026-04-23 N/A
Integer underflow in the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows remote attackers to execute arbitrary code via a malformed DHCP packet that triggers a stack-based buffer overflow.
CVE-2007-0061 2 Canonical, Vmware 6 Ubuntu Linux, Ace, Esx and 3 more 2026-04-23 N/A
The DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows remote attackers to execute arbitrary code via a malformed packet that triggers "corrupt stack memory."
CVE-2006-6807 1 Softwebs Nepal 1 Ananda Real Estate 2026-04-23 N/A
SQL injection vulnerability in list.asp in Softwebs Nepal (aka Ananda Raj Pandey) Ananda Real Estate 3.4 and earlier allows remote attackers to execute arbitrary SQL commands via the agent parameter.
CVE-2006-6806 1 Enthrallweb 1 Emates 2026-04-23 N/A
SQL injection vulnerability in newsdetail.asp in Enthrallweb eMates 1.0 allows remote attackers to execute arbitrary SQL commands via the ID parameter.
CVE-2006-6805 1 Enthrallweb 1 Ejobs 2026-04-23 N/A
SQL injection vulnerability in newsdetail.asp in Enthrallweb eJobs allows remote attackers to execute arbitrary SQL commands via the ID parameter.
CVE-2006-6803 1 Enthrallweb 1 Ecars 2026-04-23 N/A
SQL injection vulnerability in Types.asp in Enthrallweb eCars 1.0 allows remote attackers to execute arbitrary SQL commands via the Type_id parameter.
CVE-2006-6801 1 Sh-news 1 Sh-news 2026-04-23 N/A
PHP remote file inclusion vulnerability in misc.php in SH-News 0.93, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the news_cfg[path] parameter.
CVE-2006-6800 1 Limbo Cms 1 Event Module 2026-04-23 N/A
PHP remote file inclusion in eventcal/mod_eventcal.php in the event module 1.0 for Limbo CMS allows remote attackers to execute arbitrary PHP code via a URL in the lm_absolute_path parameter.
CVE-2006-6797 1 Microsoft 1 Windows Xp 2026-04-23 N/A
The Client Server Run-Time Subsystem (CSRSS) in Microsoft Windows allows local users to cause a denial of service (crash) or read arbitrary memory from csrss.exe via crafted arguments to the NtRaiseHardError function with status 0x50000018, a different vulnerability than CVE-2006-6696.
CVE-2006-6796 1 Mtcms 1 Mtcms 2026-04-23 N/A
PHP remote file inclusion vulnerability in admin/admin_settings.php in MTCMS 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the ins_file parameter.
CVE-2008-2399 2 Fireftp, Mozilla 2 Fireftp, Firefox 2026-04-23 N/A
Directory traversal vulnerability in the FireFTP add-on before 0.98.20080518 for Firefox allows remote FTP servers to create or overwrite arbitrary files via ..\ (dot dot backslash) sequences in responses to (1) MLSD and (2) LIST commands, a related issue to CVE-2002-1345. NOTE: this can be leveraged for code execution by writing to a Startup folder.
CVE-2009-3663 1 Jasper 1 Httpdx 2026-04-23 N/A
Format string vulnerability in the h_readrequest function in http.c in httpdx Web Server 1.4 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via format string specifiers in the Host header.