Export limit exceeded: 362846 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (362846 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-3792 1 Adobe 1 Flash Media Server 2026-04-23 N/A
Directory traversal vulnerability in Adobe Flash Media Server (FMS) before 3.5.3 allows attackers to load arbitrary DLL files via unspecified vectors.
CVE-2008-4942 1 Audiolink 1 Audiolink 2026-04-23 N/A
audiolink in audiolink 0.05 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/audiolink.db.tmp and (2) /tmp/audiolink.tb.tmp temporary files.
CVE-2009-3797 2 Adobe, Redhat 3 Adobe Air, Flash Player, Rhel Extras 2026-04-23 N/A
Adobe Flash Player 10.x before 10.0.42.34 and Adobe AIR before 1.5.3 might allow attackers to execute arbitrary code via unspecified vectors that trigger memory corruption.
CVE-2008-4943 1 Iglues 1 Bulmages-servers 2026-04-23 N/A
bulmages-servers 0.11.1 allows local users to overwrite arbitrary files via a symlink attack on the (a) /tmp/error.txt, (b) /tmp/errores.txt, and possibly other temporary files, related to the (1) creabulmafact, (2) creabulmacont, and possibly (3) actualizabulmacont, (4) installbulmages-db, and (5) actualizabulmafact scripts.
CVE-2008-4947 1 Guus Sliepen 1 Dhis-server 2026-04-23 N/A
dhis-dummy-log-engine in dhis-server 5.3 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/dhis-dummy-log-engine.log temporary file.
CVE-2009-3799 2 Adobe, Redhat 3 Adobe Air, Flash Player, Rhel Extras 2026-04-23 N/A
Integer overflow in the Verifier::parseExceptionHandlers function in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allows remote attackers to execute arbitrary code via an SWF file with a large exception_count value that triggers memory corruption, related to "generation of ActionScript exception handlers."
CVE-2008-4957 1 Gccxml 1 Gccxml 2026-04-23 N/A
find_flags in Kitware GCC-XML (gccxml) 0.9.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/*.cxx temporary file.
CVE-2009-3800 2 Adobe, Redhat 3 Adobe Air, Flash Player, Rhel Extras 2026-04-23 N/A
Multiple unspecified vulnerabilities in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allow attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2008-4963 1 Cisco 2 Catos, Ios 2026-04-23 N/A
Unspecified vulnerability in the VLAN Trunking Protocol (VTP) implementation on Cisco IOS and CatOS, when the VTP operating mode is not transparent, allows remote attackers to cause a denial of service (device reload or hang) via a crafted VTP packet sent to a switch interface configured as a trunk port.
CVE-2009-3804 1 Runcms 1 Runcms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in modules/forum/post.php in RunCMS 2M1 allow remote authenticated users to execute arbitrary SQL commands via (1) the pid parameter, which is not properly handled by the store function in modules/forum/class/class.forumposts.php, or (2) the topic_id parameter.
CVE-2008-4967 1 Linuxtrade 1 Linuxtrade 2026-04-23 N/A
linuxtrade 3.65 allows local users to overwrite arbitrary files via a symlink attack on the (a) /tmp/bwk, (b) /tmp/zzz, and (c) /tmp/ggg temporary files, related to the (1) linuxtrade.bwkvol, (2) linuxtrade.wn, and (3) moneyam.helper scripts.
CVE-2009-3805 2 Gpg4win, Kde-apps 2 Gpg4win, Kleopatra 2026-04-23 N/A
gpg2.exe in Gpg4win 2.0.1, as used in KDE Kleopatra 2.0.11, allows remote attackers to cause a denial of service (application crash) via a long certificate signature.
CVE-2008-4969 1 Alastair Mckinstry 1 Ltp-network-test 2026-04-23 N/A
ltp-network-test 20060918 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/vsftpd.conf, (b) /tmp/udp/2/*, (c) /tmp/tcp/2/*, (d) /tmp/udp/3/*, (e) /tmp/tcp/3/*, (f) /tmp/nfs_fsstress.udp.2.log, (g) /tmp/nfs_fsstress.udp.3.log, (h) /tmp/nfs_fsstress.tcp.2.log, (i) /tmp/nfs_fsstress.tcp.3.log, and (j) /tmp/nfs_fsstress.sardata temporary files, related to the (1) ftp_setup_vsftp_conf and (2) nfs_fsstress.sh scripts.
CVE-2009-3806 1 Dedecms 1 Dedecms 2026-04-23 N/A
SQL injection vulnerability in feedback_js.php in DedeCMS 5.1 allows remote attackers to execute arbitrary SQL commands via the arcurl parameter.
CVE-2008-4971 1 Align.bmr.kyushu-u.ac 1 Mafft 2026-04-23 N/A
mafft-homologs in mafft 6.240 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/_vf#?????, (2) /tmp/_if#?????, (3) /tmp/_pf#?????, (4) /tmp/_af#?????, (5) /tmp/_rid#?????, (6) /tmp/_res#?????, (7) /tmp/_q#?????, and (8) /tmp/_bf#????? temporary files.
CVE-2009-3807 1 Mixvibes 1 Mixvibes 2026-04-23 N/A
Stack-based buffer overflow in MixVibes 7.043 Pro allows remote attackers to cause a denial of service (crash) via a long string in a .vib file.
CVE-2008-4977 1 Postfix 1 Postfix 2026-04-23 N/A
postfix_groups.pl in Postfix 2.5.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/postfix_groups.stdout, (2) /tmp/postfix_groups.stderr, and (3) /tmp/postfix_groups.message temporary files. NOTE: the vendor disputes this vulnerability, stating "This is not a real issue ... users would have to edit a script under /usr/lib to enable it.
CVE-2009-3808 1 Kramware 1 Mixsense Dj Studio 2026-04-23 N/A
MixSense DJ Studio 1.0.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long string in an .mp3 playlist file.
CVE-2009-3813 1 Runcms 1 Runcms 2026-04-23 N/A
Multiple SQL injection vulnerabilities in RunCMS 2M1 allow remote authenticated users to execute arbitrary SQL commands via the (1) forum parameter to modules/forum/post.php and possibly (2) forum_id variable to modules/forum/class/class.permissions.php.
CVE-2009-3814 1 Runcms 1 Runcms 2026-04-23 N/A
Static code injection vulnerability in RunCMS 2M1 allows remote authenticated administrators to execute arbitrary PHP code via the "Filter/Banning" feature, as demonstrated by modifying modules/system/cache/bademails.php using the "Prohibited: Emails" action, and other unspecified filters.