Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-2622 1 Taskdriver 1 Taskdriver 2026-04-23 N/A
Multiple SQL injection vulnerabilities in TaskDriver 1.2 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the username parameter to login.php or (2) the taskid parameter to notes.php.
CVE-2007-1397 1 Fish 1 Fish 2026-04-23 N/A
Multiple stack-based buffer overflows in the (1) ExtractRnick and (2) decrypt_topic_332 functions in FiSH allow remote attackers to execute arbitrary code via long strings.
CVE-2007-4500 1 Sshkeychain 1 Sshkeychain 2026-04-23 N/A
Unspecified vulnerability in TunnelRunner in SSHKeychain before 0.8.2 beta, and possibly later versions, allows local users to gain privileges via unspecified vectors.
CVE-2006-5577 1 Microsoft 1 Ie 2026-04-23 N/A
Microsoft Internet Explorer 6 and earlier allows remote attackers to obtain sensitive information via unspecified uses of the OBJECT HTML tag, which discloses the absolute path of the corresponding TIF folder, aka "TIF Folder Information Disclosure Vulnerability," and a different issue than CVE-2006-5578.
CVE-2007-2300 1 Surat Kabar 1 Phpwebnews 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Endy Kristanto Surat kabar / News Management Online (aka phpwebnews) 0.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the m_txt parameter to (1) iklan.php, (2) index.php, or (3) bukutamu.php.
CVE-2009-3894 2 Dag.wieers, Redhat 2 Dstat, Enterprise Linux 2026-04-23 N/A
Multiple untrusted search path vulnerabilities in dstat before 0.7.0 allow local users to gain privileges via a Trojan horse Python module in (1) the current working directory or (2) a certain subdirectory of the current working directory.
CVE-2007-1807 1 Peak Xoops 1 Myalbum P 2026-04-23 N/A
SQL injection vulnerability in modules/myalbum/viewcat.php in the myAlbum-P 2.0 and earlier module for Xoops allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2006-5578 1 Microsoft 1 Ie 2026-04-23 N/A
Microsoft Internet Explorer 6 and earlier allows remote attackers to read Temporary Internet Files (TIF) and obtain sensitive information via unspecified vectors involving certain drag and drop operations, aka "TIF Folder Information Disclosure Vulnerability," and a different issue than CVE-2006-5577.
CVE-2007-4501 1 Sshkeychain 1 Sshkeychain 2026-04-23 N/A
Unspecified vulnerability in PassphraseRequester in SSHKeychain before 0.8.2 beta allows attackers to obtain sensitive information (passwords) via unknown vectors, related to "poor protection."
CVE-2007-4502 1 Joomla 1 Bibtex 2026-04-23 N/A
SQL injection vulnerability in index.php in the BibTeX component (com_jombib) 1.3 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the afilter parameter.
CVE-2007-4504 1 Joomla 1 Rsfiles 2026-04-23 N/A
Directory traversal vulnerability in index.php in the RSfiles component (com_rsfiles) 1.0.2 and earlier for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the path parameter in a files.display action.
CVE-2006-5583 1 Microsoft 1 Windows 2003 Server 2026-04-23 N/A
Buffer overflow in the SNMP Service in Microsoft Windows 2000 SP4, XP SP2, Server 2003, Server 2003 SP1, and possibly other versions allows remote attackers to execute arbitrary code via a crafted SNMP packet, aka "SNMP Memory Corruption Vulnerability."
CVE-2007-4505 2 Mambo, Mamboserver 2 Remository, Mambo 2026-04-23 N/A
SQL injection vulnerability in index.php in the RemoSitory component (com_remository) for Mambo allows remote attackers to execute arbitrary SQL commands via the cat parameter in a selectcat action.
CVE-2008-5404 1 Grid2000 1 Flexcell Grid Control 2026-04-23 N/A
Insecure method vulnerability in the FlexCell.Grid ActiveX control in FlexCell.ocx 5.7.0.1 in FlexCell Grid ActiveX Component allows remote attackers to create and overwrite arbitrary files via the HttpDownloadFile method. NOTE: this could be leveraged for code execution by creating executable files in Startup folders or by accessing files using hcp:// URLs. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-2136 1 Bmc 1 Patrol Perform Agent 2026-04-23 N/A
Stack-based buffer overflow in bgs_sdservice.exe in BMC Patrol PerformAgent allows remote attackers to execute arbitrary code by connecting to TCP port 10128 and sending certain XDR data, which is not properly parsed.
CVE-2006-5584 1 Microsoft 1 Windows 2000 2026-04-23 N/A
The Remote Installation Service (RIS) in Microsoft Windows 2000 SP4 uses a TFTP server that allows anonymous access, which allows remote attackers to upload and overwrite arbitrary files to gain privileges on systems that use RIS.
CVE-2006-3888 1 Aol 1 Ygp Pic Downloader Activex Control 2026-04-23 N/A
Buffer overflow in AOL You've Got Pictures (YGP) Pic Downloader YGPPDownload ActiveX control (AOL.PicDownloadCtrl.1, YGPPicDownload.dll), as used in America Online 9.0 Security Edition, allows remote attackers to execute arbitrary code via a long argument to the SetAlbumName method.
CVE-2008-0470 2 Comodo, Microsoft 2 Comodo Antivirus, Activex 2026-04-23 N/A
A certain ActiveX control in Comodo AntiVirus 2.0 allows remote attackers to execute arbitrary commands via the ExecuteStr method.
CVE-2006-3892 1 Emc 1 Networker 2026-04-23 N/A
The Management Console server in EMC NetWorker (formerly Legato NetWorker) 7.3.2 before Jumbo Update 1 uses weak authentication, which allows remote attackers to execute arbitrary commands.
CVE-2006-3894 1 Dell 2 Bsafe Cert-c, Bsafe Crypto-c 2026-04-23 N/A
The RSA Crypto-C before 6.3.1 and Cert-C before 2.8 libraries, as used by RSA BSAFE, multiple Cisco products, and other products, allows remote attackers to cause a denial of service via malformed ASN.1 objects.