Export limit exceeded: 364156 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (364156 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-3391 | 2 Redhat, Wireshark | 2 Enterprise Linux, Wireshark | 2026-04-23 | N/A |
| Wireshark 0.99.5 allows remote attackers to cause a denial of service (memory consumption) via a malformed DCP ETSI packet that triggers an infinite loop. | ||||
| CVE-2006-7080 | 1 Exv2 | 1 Content Management System | 2026-04-23 | N/A |
| Directory traversal vulnerability in the avatar upload feature in exV2 2.0.4.3 and earlier allows remote attackers to delete arbitrary files via ".." sequences in the old_avatar parameter. | ||||
| CVE-2007-3393 | 2 Redhat, Wireshark | 2 Enterprise Linux, Wireshark | 2026-04-23 | N/A |
| Off-by-one error in the DHCP/BOOTP dissector in Wireshark before 0.99.6 allows remote attackers to cause a denial of service (crash) via crafted DHCP-over-DOCSIS packets. | ||||
| CVE-2006-6801 | 1 Sh-news | 1 Sh-news | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in misc.php in SH-News 0.93, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the news_cfg[path] parameter. | ||||
| CVE-2006-6800 | 1 Limbo Cms | 1 Event Module | 2026-04-23 | N/A |
| PHP remote file inclusion in eventcal/mod_eventcal.php in the event module 1.0 for Limbo CMS allows remote attackers to execute arbitrary PHP code via a URL in the lm_absolute_path parameter. | ||||
| CVE-2006-6788 | 1 Luckybot | 1 Luckybot | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in LuckyBot 3 allow remote attackers to execute arbitrary PHP code via a URL in the dir parameter to (1) run.php or (2) ircbot.class.php. | ||||
| CVE-2006-6779 | 1 Jelsoft | 1 Vbulletin | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin allows remote attackers to inject arbitrary web script or HTML via an SWF file that uses ActionScript to trigger execution of JavaScript. | ||||
| CVE-2006-6778 | 1 Timberwolf | 1 Timberwolf | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in shownews.php in TimberWolf 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the nid parameter. | ||||
| CVE-2007-3331 | 1 Stphp | 1 Easynews | 2026-04-23 | N/A |
| Cross-site request forgery (CSRF) vulnerability in STphp EasyNews PRO 4.0 allows remote attackers to change the admin password via (1) a certain HTML form that is posted automatically by JavaScript or (2) a news post. | ||||
| CVE-2008-1856 | 1 Linpha | 1 Linpha | 2026-04-23 | N/A |
| plugins/maps/db_handler.php in LinPHA 1.3.3 and earlier does not require authentication for a settings action that modifies the configuration file, which allows remote attackers to conduct directory traversal attacks and execute arbitrary local files by placing directory traversal sequences into the maps_type configuration setting, and then sending a request to maps_view.php, which causes plugins/maps/map.main.class.php to use the modified configuration. | ||||
| CVE-2007-3329 | 1 Xvid | 1 Xvid | 2026-04-23 | N/A |
| Multiple array index errors in the (1) get_intra_block, (2) get_inter_block_h263, and (3) get_inter_block_mpeg functions in src/bitstream/mbcoding.c in Xvid 1.1.2 allow remote attackers to execute arbitrary code via a crafted (a) Avi, (b) H.263, or (c) MPEG file. | ||||
| CVE-2006-6757 | 1 Cwm-design | 1 Cwmexplorer | 2026-04-23 | N/A |
| Directory traversal vulnerability in index.php in cwmExplorer 1.0 allows remote attackers to read arbitrary files and source code, and obtain sensitive information via directory traversal sequences in the show_file parameter. | ||||
| CVE-2008-1387 | 1 Clam Anti-virus | 1 Clamav | 2026-04-23 | N/A |
| ClamAV before 0.93 allows remote attackers to cause a denial of service (CPU consumption) via a crafted ARJ archive, as demonstrated by the PROTOS GENOME test suite for Archive Formats. | ||||
| CVE-2008-5626 | 1 Dxmsoft | 1 Xm Easy Personal Ftp Server | 2026-04-23 | N/A |
| XM Easy Personal FTP Server 5.6.0 allows remote authenticated users to cause a denial of service via a crafted argument to the NLST command, as demonstrated by a -1 argument. | ||||
| CVE-2008-5883 | 1 Mini-pub | 1 Mini-pub | 2026-04-23 | N/A |
| Absolute path traversal vulnerability in front-end/dir.php in mini-pub 0.3 and earlier allows remote attackers to list arbitrary directories via a full pathname in the sDir parameter. | ||||
| CVE-2007-3271 | 1 Yourfreescreamer | 1 Yourfreescreamer | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in templates/2blue/bodyTemplate.php in YourFreeScreamer 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the serverPath parameter. | ||||
| CVE-2006-5072 | 1 Mono | 1 Mono | 2026-04-23 | N/A |
| The System.CodeDom.Compiler classes in Novell Mono create temporary files with insecure permissions, which allows local users to overwrite arbitrary files or execute arbitrary code via a symlink attack. | ||||
| CVE-2006-6462 | 1 Cm68 News | 1 Cm68 News | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in engine/oldnews.inc.php in CM68 News 12.02.06 allows remote attackers to execute arbitrary PHP code via a URL in the addpath parameter. | ||||
| CVE-2007-3285 | 2 Microsoft, Mozilla | 2 Windows, Firefox | 2026-04-23 | N/A |
| Mozilla Firefox before 2.0.0.5, when run on Windows, allows remote attackers to bypass file type checks and possibly execute programs via a (1) file:/// or (2) resource: URI with a dangerous extension, followed by a NULL byte (%00) and a safer extension, which causes Firefox to treat the requested file differently than Windows would. | ||||
| CVE-2009-2614 | 1 Datachecknh | 1 Linkpal | 2026-04-23 | N/A |
| SQL injection vulnerability in z_admin_login.asp in DataCheck Solutions LinkPal 1.x allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||