Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-2648 1 Clever Components 1 Clever Database Comparer 2026-04-23 N/A
Stack-based buffer overflow in the Clever Database Comparer 2.2 ActiveX control (comparerax.ocx) allows remote attackers to execute arbitrary code via a long argument to the ConnectToDatabase function.
CVE-2006-6717 1 Alliedtelesyn 1 At-9000 24 Ethernetswitch 2026-04-23 N/A
The Allied Telesis AT-9000/24 Ethernet switch accepts management packets from arbitrary VLANs, contrary to the documentation, which allows remote attackers to conduct attacks against the switch from unexpected locations.
CVE-2006-6728 1 Lan Messenger 1 Lan Messenger 2026-04-23 N/A
Unspecified vulnerability in the info request mechanism in LAN Messenger before 1.5.1.2 allows remote attackers to cause a denial of service (application crash) or transmit spam via unspecified vectors.
CVE-2007-0307 1 Poplar Gedcom Viewer 1 Poplar Gedcom Viewer 2026-04-23 N/A
PHP remote file inclusion vulnerability in include/common.php in Poplar Gedcom Viewer 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the env[rootPath] parameter.
CVE-2007-2439 1 Caucho Technology 1 Resin 2026-04-23 N/A
Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and earlier for Windows allows remote attackers to cause a denial of service (device hang) and read data from a COM or LPT device via a DOS device name with an arbitrary extension.
CVE-2007-2289 1 Alexscriptengine 1 Download-engine 2026-04-23 N/A
PHP remote file inclusion vulnerability in admin/includes/spaw/dialogs/insert_link.php in download engine (Download-Engine) 1.4.1 allows remote authenticated users to execute arbitrary PHP code via a URL in the spaw_root parameter, a different vector than CVE-2007-2255. NOTE: this may be an issue in SPAW.
CVE-2007-2440 1 Caucho Technology 1 Resin 2026-04-23 N/A
Directory traversal vulnerability in Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and earlier for Windows allows remote attackers to read certain files via a .. (dot dot) in a URI containing a "\web-inf" sequence.
CVE-2007-1756 1 Microsoft 3 Excel, Excel Viewer, Office 2026-04-23 N/A
Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, and Office Excel 2007 does not properly validate version information, which allows user-assisted remote attackers to execute arbitrary code via a crafted Excel file, aka "Calculation Error Vulnerability".
CVE-2006-6809 1 Vladimir Menshakov 1 Buratinable Templator 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in process.php in Vladimir Menshakov buratinable templator (aka bubla) 1.0.0rc2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) bu_dir or (2) bu_config[dir] parameter.
CVE-2006-5102 1 Baumedia 1 Newswriter 2026-04-23 N/A
PHP remote file inclusion vulnerability in include/editfunc.inc.php in Sebastian Baumann and Philipp Wolfer Newswriter SW 1.42 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the NWCONF_SYSTEM[server_path] parameter.
CVE-2006-5100 1 Netwin 1 Webnews 2026-04-23 N/A
PHP remote file inclusion vulnerability in parse/parser.php in WEB//NEWS (aka webnews) 1.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the WN_BASEDIR parameter.
CVE-2006-4509 1 Novell 1 Edirectory 2026-04-23 N/A
Integer overflow in the evtFilteredMonitorEventsRequest function in the LDAP service in Novell eDirectory before 8.8.1 FTF1 allows remote attackers to execute arbitrary code via a crafted request.
CVE-2007-1903 1 Sonicbb 1 Sonicbb 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in search.php in SonicBB 1.0 allows remote attackers to inject arbitrary web script or HTML via the part parameter.
CVE-2008-5089 1 Datadynamics 1 Activereports 2026-04-23 N/A
Multiple insecure method vulnerabilities in the DDActiveReportsViewer2.ARViewer2 ActiveX control (arview2.ocx) in Data Dynamics ActiveReports 2.5.0.1314 allow remote attackers to overwrite arbitrary files via a call to the (1) Pages.Save, (2) PrintReport, or (3) Canvas.Save method.
CVE-2007-3702 1 Mail Machine 1 Mail Machine 2026-04-23 N/A
Directory traversal vulnerability in the load function in cgi-bin/mail/mailmachine.cgi in Mail Machine 3.989 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the archives parameter in a Load action.
CVE-2006-5472 1 Softerra 1 Php Developer Library 2026-04-23 N/A
PHP remote file inclusion vulnerability in Softerra PHP Developer Library 1.5.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the lib_dir parameter in (1) lib/registry.lib.php, (2) lib/sqlcompose.lib.php, and (3) lib/sqlsearch.lib.php.
CVE-2007-4355 1 Ibm 1 Aix 2026-04-23 N/A
Buffer overflow in the at program on IBM AIX 5.3 allows local users to gain privileges via unspecified vectors.
CVE-2007-2568 1 Vcdgear 1 Vcdgear 2026-04-23 N/A
Multiple stack-based buffer overflows in VCDGear 3.55 allow user-assisted remote attackers to execute arbitrary code via a long (1) tag or (2) track type in a CUE file.
CVE-2006-5146 1 Yblog 1 Yblog 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Yblog allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter in (a) funk.php, or the (2) action parameter in (b) tem.php and (c) uss.php.
CVE-2006-4177 1 Novell 1 Edirectory 2026-04-23 N/A
Heap-based buffer overflow in the NCP engine in Novell eDirectory before 8.8.1 FTF1 allows remote attackers to execute arbitrary code via a crafted NCP over IP packet that causes NCP to read more data than intended.