Export limit exceeded: 364097 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (364097 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-0464 | 1 Absofort | 1 Aconon Mail Enterprise Sql | 2026-04-23 | N/A |
| Directory traversal vulnerability in archiv.cgi in absofort aconon Mail 2007 Enterprise SQL 11.7.0 and Mail 2004 Enterprise SQL 11.5.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the template parameter. | ||||
| CVE-2008-0465 | 1 Seagullproject.org | 1 Seagull | 2026-04-23 | N/A |
| Directory traversal vulnerability in optimizer.php in Seagull 0.6.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the files parameter. | ||||
| CVE-2008-0503 | 1 Netwerk | 1 Smart Publisher | 2026-04-23 | N/A |
| Eval injection vulnerability in admin/op/disp.php in Netwerk Smart Publisher 1.0.1 allows remote attackers to execute arbitrary PHP code via the filedata parameter. | ||||
| CVE-2008-0480 | 1 Web Wiz | 1 Web Wiz Forums | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in Web Wiz Forums 9.07 and earlier allow remote attackers to list arbitrary directories, and .txt and .zip files, via a .....\\\ in the sub parameter to (1) RTE_file_browser.asp or (2) file_browser.asp. | ||||
| CVE-2008-0481 | 1 Web Wiz | 1 Rich Text Editor | 2026-04-23 | N/A |
| Directory traversal vulnerability in RTE_file_browser.asp in Web Wiz Rich Text Editor 4.0 allows remote attackers to list arbitrary directories, and .txt and .zip files, via a .....\\\ in the sub parameter in a save action. | ||||
| CVE-2008-0485 | 1 Mplayer | 1 Mplayer | 2026-04-23 | N/A |
| Array index error in libmpdemux/demux_mov.c in MPlayer 1.0 rc2 and earlier might allow remote attackers to execute arbitrary code via a QuickTime MOV file with a crafted stsc atom tag. | ||||
| CVE-2007-1189 | 1 Bell Labs | 1 Plan 9 | 2026-04-23 | N/A |
| Integer overflow in the envwrite function in the Alcatel-Lucent Bell Labs Plan 9 kernel allows local users to overwrite certain memory addresses with kernel memory via a large n argument, as demonstrated by (1) modifying the iseve function to gain privileges and (2) making the devpermcheck function grant unrestricted device permissions. | ||||
| CVE-2008-0488 | 1 Vb Marketing | 1 Vb Marketing | 2026-04-23 | N/A |
| Directory traversal vulnerability in tseekdir.cgi in VB Marketing allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the location parameter. | ||||
| CVE-2008-0489 | 1 Clansphere | 1 Clansphere | 2026-04-23 | N/A |
| Directory traversal vulnerability in install.php in Clansphere 2007.4.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter. | ||||
| CVE-2008-0512 | 1 Joomla | 1 Com Fq | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the fq (com_fq) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter. | ||||
| CVE-2007-2465 | 1 Sun | 2 Solaris, Sunos | 2026-04-23 | N/A |
| Unspecified vulnerability in Sun Solaris 9, when Solaris Auditing (BSM) is enabled for file read, write, attribute modify, create, or delete audit classes, allows local users to cause a denial of service (panic) via unknown vectors, possibly related to the audit_savepath function. | ||||
| CVE-2009-1222 | 1 Webedition | 1 Webedition | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in webEdition 6.0.0.4 and earlier, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the WE_LANGUAGE parameter. | ||||
| CVE-2008-0279 | 1 Xforum | 1 Xforum | 2026-04-23 | N/A |
| SQL injection vulnerability in liretopic.php in Xforum 1.4 and possibly others allows remote attackers to execute arbitrary SQL commands via the topic parameter. NOTE: the categorie parameter might also be affected. | ||||
| CVE-2008-0277 | 1 Drupal | 1 Fileshare Module | 2026-04-23 | N/A |
| Unspecified vulnerability in the Fileshare module for Drupal allows remote authenticated users with node-creation privileges to execute arbitrary code via unspecified vectors. | ||||
| CVE-2008-0276 | 1 Drupal | 1 Drupal | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Devel module before 5.x-0.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via a site variable, related to lack of escaping of the variable table. | ||||
| CVE-2008-0275 | 1 Drupal | 1 Atom Module | 2026-04-23 | N/A |
| The Atom 4.7 before 4.7.x-1.0 and 5.x before 5.x-1.0 module for Drupal does not properly manage permissions for node (1) titles, (2) teasers, and (3) bodies, which might allow remote attackers to gain access to syndicated content. | ||||
| CVE-2006-5321 | 1 Tincan | 1 Phplist | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in phplist before 2.10.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2007-6716 | 7 Canonical, Debian, Linux and 4 more | 8 Ubuntu Linux, Debian Linux, Linux Kernel and 5 more | 2026-04-23 | 5.5 Medium |
| fs/direct-io.c in the dio subsystem in the Linux kernel before 2.6.23 does not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test. | ||||
| CVE-2007-6717 | 1 Ibm | 1 Aix | 2026-04-23 | N/A |
| Buffer overflow in tftp in bos.net.tcp.client in IBM AIX 5.2.0 and 5.3.0 allows local users to gain privileges via unspecified vectors. | ||||
| CVE-2007-6725 | 2 Ghostscript, Redhat | 2 Ghostscript, Enterprise Linux | 2026-04-23 | N/A |
| The CCITTFax decoding filter in Ghostscript 8.60, 8.61, and possibly other versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF file that triggers a buffer underflow in the cf_decode_2d function. | ||||