Export limit exceeded: 29840 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29840 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-0793 | 1 Globalmegacorp | 1 Dvddb | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in inc/common.php in GlobalMegaCorp dvddb 0.6 allows remote attackers to execute arbitrary PHP code via a URL in the config parameter. | ||||
| CVE-2008-6997 | 1 Google | 1 Chrome | 2025-04-09 | N/A |
| Google Chrome 0.2.149.27 allows user-assisted remote attackers to cause a denial of service (browser crash) via an IMG tag with a long src attribute, which triggers the crash when the victim performs an "Inspect Element" action. | ||||
| CVE-2006-6787 | 1 Mxmania | 1 Newsletter Mx | 2025-04-09 | N/A |
| SQL injection vulnerability in admin/admin_mail_adressee.asp in Newsletter MX 1.0.2 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter. | ||||
| CVE-2007-0226 | 1 Uniforum | 1 Uniforum | 2025-04-09 | N/A |
| SQL injection vulnerability in wbsearch.aspx in uniForum 4 and earlier allows remote attackers to execute arbitrary SQL commands via the "by User" field (aka the TXbyuser parameter). | ||||
| CVE-2007-0799 | 1 Uapplication | 1 Ublog | 2025-04-09 | N/A |
| SQL injection vulnerability in badword.asp in Ublog Reload 1.0.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2006-6780 | 1 Hlstats | 1 Hlstats | 2025-04-09 | N/A |
| SQL injection vulnerability in the login form in HLstats 1.20 through 1.34 allows remote attackers to execute arbitrary SQL commands via the killLimit parameter. | ||||
| CVE-2007-1337 | 1 Vmware | 1 Workstation | 2025-04-09 | N/A |
| The virtual machine process (VMX) in VMware Workstation before 5.5.4 does not properly read state information when moving from the ACPI sleep state to the run state, which allows attackers to cause a denial of service (virtual machine reboot) via unknown vectors. | ||||
| CVE-2007-2212 | 1 Mybb | 1 Mybb | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in calendar.php in MyBB (aka MyBulletinBoard) 1.2.5 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) year or (2) month parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-3873 | 2 Adobe, Redhat | 2 Flash Player, Rhel Extras | 2025-04-09 | N/A |
| The System.setClipboard method in ActionScript in Adobe Flash Player 9.0.124.0 and earlier allows remote attackers to populate the clipboard with a URL that is difficult to delete and does not require user interaction to populate the clipboard, as exploited in the wild in August 2008. | ||||
| CVE-2007-1339 | 1 Monitor-line | 1 Links Management | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in Links Management Application 1.0 allows remote attackers to execute arbitrary SQL commands via the lcnt parameter. | ||||
| CVE-2007-2213 | 1 Ipswitch | 1 Ws Ftp | 2025-04-09 | N/A |
| Unspecified vulnerability in the Initialize function in NetscapeFTPHandler in WS_FTP Home and Professional 2007 allows remote attackers to cause a denial of service (NULL dereference and application crash) via unspecified vectors related to "improper arguments." | ||||
| CVE-2007-1340 | 1 Weltennetz | 1 News-letterman | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in eintrag.php in Weltennetz News-Letterman 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the sqllog parameter. | ||||
| CVE-2007-2938 | 2 Honeywell, Microsoft | 2 Ademco Atnbaseloader100 Module, Internet Explorer | 2025-04-09 | N/A |
| Buffer overflow in the BaseRunner ActiveX control in the Ademco ATNBaseLoader100 Module (ATNBaseLoader100.dll) 5.4.0.6, when Internet Explorer 6 is used, allows remote attackers to execute arbitrary code via a long argument to the (1) Send485CMD method, and possibly the (2) SetLoginID, (3) AddSite, (4) SetScreen, and (5) SetVideoServer methods. | ||||
| CVE-2007-1341 | 1 Simple Invoices | 1 Simple Invoices | 2025-04-09 | N/A |
| include/auth/auth.php in Simple Invoices before 2007 03 05 does not use the login system to protect print preview pages for invoices, which might allow attackers to obtain sensitive information. | ||||
| CVE-2007-3362 | 3 Ageet, Htc, Microsoft | 3 Agephone, Hytn, Windows Mobile | 2025-04-09 | N/A |
| ageet AGEphone before 1.6.2, running on Windows Mobile 5 on the HTC HyTN Pocket PC device, allows remote attackers to (1) cause a denial of service (call disruption and device hang) via a SIP message with a malformed header and (2) cause a denial of service (call disruption, false ring indication, and device outage) via a SIP message with a malformed SDP delimiter. | ||||
| CVE-2007-1343 | 1 Webcalendar | 1 Webcalendar | 2025-04-09 | N/A |
| includes/functions.php in Craig Knudsen WebCalendar before 1.0.5 does not protect the noSet variable from external modification, which allows remote attackers to set arbitrary global variables via a URL with modified values in the noSet parameter, which leads to resultant vulnerabilities that probably include remote file inclusion and other issues. | ||||
| CVE-2007-2939 | 1 Mazens Php Chat | 1 Mazens Php Chat | 2025-04-09 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Mazen's PHP Chat 3.0.0 allow remote attackers to execute arbitrary PHP code via a URL in the basepath parameter to (1) ITX.php, (2) IT_Error.php, or (3) IT.php in include/pear/. | ||||
| CVE-2009-0077 | 1 Microsoft | 2 Forefront Threat Management Gateway, Internet Security And Acceleration Server | 2025-04-09 | N/A |
| The firewall engine in Microsoft Forefront Threat Management Gateway, Medium Business Edition (TMG MBE); and Internet Security and Acceleration (ISA) Server 2004 SP3, 2006, 2006 Supportability Update, and 2006 SP1; does not properly manage the session state of web listeners, which allows remote attackers to cause a denial of service (many stale sessions) via crafted packets, aka "Web Proxy TCP State Limited Denial of Service Vulnerability." | ||||
| CVE-2006-5627 | 1 Qnecms | 1 Qnecms | 2025-04-09 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in QnECMS 2.5.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the adminfolderpath parameter to (1) headerscripts.php, (2) footerhome.php, and (3) footermain.php in admin/include/; (4) photogallery/headerscripts.php; and (5) footerhome.php, (6) footermain.php, (7) headermain.php, (8) sitemapfooter.php, and (9) sitemapheader.php in templates/. | ||||
| CVE-2007-1352 | 8 Mandrakesoft, Openbsd, Redhat and 5 more | 14 Mandrake Linux, Mandrake Linux Corporate Server, Mandrake Multi Network Firewall and 11 more | 2025-04-09 | N/A |
| Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow. | ||||