Export limit exceeded: 364271 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 364271 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 364271 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-0175 1 Ge Fanuc 1 Proficy Real-time Information Portal 2026-04-23 N/A
Unrestricted file upload vulnerability in GE Fanuc Proficy Real-Time Information Portal 2.6 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension to the main virtual directory.
CVE-2007-1730 1 Linux 1 Linux Kernel 2026-04-23 N/A
Integer signedness error in the DCCP support in the do_dccp_getsockopt function in net/dccp/proto.c in Linux kernel 2.6.20 and later allows local users to read kernel memory or cause a denial of service (oops) via a negative optlen value.
CVE-2007-1885 1 Php 1 Php 2026-04-23 N/A
Integer overflow in the str_replace function in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via a single character search string in conjunction with a long replacement string, which overflows a 32 bit length counter. NOTE: this is probably the same issue as CVE-2007-0906.6.
CVE-2007-1884 4 Apple, Linux, Microsoft and 1 more 6 Mac Os X, Mac Os X Server, Linux Kernel and 3 more 2026-04-23 N/A
Multiple integer signedness errors in the printf function family in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 on 64 bit machines allow context-dependent attackers to execute arbitrary code via (1) certain negative argument numbers that arise in the php_formatted_print function because of 64 to 32 bit truncation, and bypass a check for the maximum allowable value; and (2) a width and precision of -1, which make it possible for the php_sprintf_appendstring function to place an internal buffer at an arbitrary memory location.
CVE-2007-1883 1 Php 1 Php 2026-04-23 N/A
PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows context-dependent attackers to read arbitrary memory locations via an interruption that triggers a user space error handler that changes a parameter to an arbitrary pointer, as demonstrated via the iptcembed function, which calls certain convert_to_* functions with its input parameters.
CVE-2007-1881 1 Kaspersky Lab 2 Kaspersky Anti-virus, Kaspersky Internet Security 2026-04-23 N/A
Unspecified vulnerability in KLIF (klif.sys) in Kaspersky Anti-Virus, Anti-Virus for Workstations, and Anti-Virus for File Servers 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows local users to gain Ring-0 privileges via unspecified vectors.
CVE-2007-3224 1 Sun 2 Java System Directory Server, One Directory Server 2026-04-23 N/A
Unspecified vulnerability in Sun ONE/Java System Directory Server (slapd) 6.0, and 5.x before 5.2 Patch 5, allows remote attackers to determine the existence of attributes of an entry via unspecified vectors.
CVE-2008-1256 1 Zyxel 1 P-660hw 2026-04-23 N/A
The ZyXEL P-660HW series router has "admin" as its default password, which allows remote attackers to gain administrative access.
CVE-2007-3189 1 Jffnms 1 Just For Fun Network Management System 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in auth.php in Just For Fun Network Management System (JFFNMS) 0.8.3 allows remote attackers to inject arbitrary web script or HTML via the user parameter.
CVE-2008-4586 1 Acresso 1 Flexnet Connect 2026-04-23 N/A
Insecure method vulnerability in the MVSNCLientWebAgent61.WebAgent.1 ActiveX control (isusweb.dll 6.1.100.61372) in Macrovision FLEXnet Connect 6.1 allows remote attackers to force the download and execution of arbitrary files via the DownloadAndExecute method.
CVE-2006-6445 1 Envolution 1 Envolution 2026-04-23 N/A
Directory traversal vulnerability in error.php in Envolution 1.1.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the PNSVlang (PNSV lang) parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by error.php.
CVE-2007-3179 1 Particle Blogger 1 Particle Blogger 2026-04-23 N/A
Multiple SQL injection vulnerabilities in archives.php in Particle Blogger 1.2.1 and earlier allow remote attackers to execute arbitrary SQL commands via the month parameter and other unspecified vectors.
CVE-2007-0661 1 Intel 9 Enterprise Southbridge 2 Bmc, Enterprise Southbridge Bmc, Server Board S5000pal and 6 more 2026-04-23 N/A
Intel Enterprise Southbridge 2 Baseboard Management Controller (BMC), Intel Server Boards 5000XAL, S5000PAL, S5000PSL, S5000XVN, S5000VCL, S5000VSA, SC5400RA, and OEM Firmware for Intel Enterprise Southbridge Baseboard Management Controller before 20070119, when Intelligent Platform Management Interface (IPMI) is enabled, allow remote attackers to connect and issue arbitrary IPMI commands, possibly triggering a denial of service.
CVE-2007-1187 1 Web-app.org 1 Webapp 2026-04-23 N/A
WebAPP before 0.9.9.5 allows remote authenticated users, without admin privileges, to obtain sensitive information via (1) the Forum Archive feature and (2) Recent Searches.
CVE-2008-4584 1 Chilkat Software 1 Mail 2026-04-23 N/A
Insecure method vulnerability in Chilkat Mail 7.8 ActiveX control (ChilkatCert.dll) allows remote attackers to overwrite arbitrary files via a full pathname to the SaveLastError method.
CVE-2007-0665 1 Ipswitch 1 Ws Ftp Pro 2026-04-23 N/A
Format string vulnerability in the SCP module in Ipswitch WS_FTP 2007 Professional might allow remote attackers to execute arbitrary commands via format string specifiers in the filename, related to the SHELL WS_FTP script command.
CVE-2007-3178 1 Zindizayn Okul Web Sistemi 1 Zindizayn Okul Web Sistemi 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Zindizayn Okul Web Sistemi 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id or (2) pass parameter to (a) mezungiris.asp or (b) ogretmenkontrol.asp.
CVE-2007-3175 1 W2b 1 Online Banking 2026-04-23 N/A
Multiple SQL injection vulnerabilities in W2B Online Banking allow remote attackers to execute arbitrary SQL commands via (1) the draft parameter to mailer.w2b or (2) the listDocPay parameter to DocPay.w2b.
CVE-2007-0666 1 Ipswitch 1 Ws Ftp Server 2026-04-23 N/A
Ipswitch WS_FTP Server 5.04 allows FTP site administrators to execute arbitrary code on the system via a long input string to the (1) iFTPAddU or (2) iFTPAddH file, or to a (3) edition module.
CVE-2007-1178 1 Web-app.org 1 Webapp 2026-04-23 N/A
WebAPP before 0.9.9.5 does not check access in certain contexts related to (1) Calendar Administration, (2) Instant Messages Administration, and (3) the Image Uploader, which has unknown impact and attack vectors.