Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-5151 1 Hp 1 Hp-ux 2026-04-23 N/A
Unspecified vulnerability in HP Ignite-UX server before C.6.9.150 for HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers to "gain root access" via unspecified vectors.
CVE-2006-5230 1 Freeforum 1 Freeforum 2026-04-23 N/A
PHP remote file inclusion vulnerability in forum.php in FreeForum 0.9.7 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the fpath parameter.
CVE-2007-0732 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Unspecified vulnerability in the CoreServices daemon in CarbonCore in Apple Mac OS X 10.4 through 10.4.9 allows local users to gain privileges via unspecified vectors involving "obtaining a send right to [the] Mach task port."
CVE-2008-7022 1 Chilkatsoft 1 Chilkat Imap Activex Control 2026-04-23 N/A
Insecure method vulnerability in ChilkatMail_v7_9.dll in the Chilkat Software IMAP ActiveX control (ChilkatMail2.ChilkatMailMan2.1) allows remote attackers to execute arbitrary programs via the LoadXmlEmail method.
CVE-2007-1188 1 Web-app.org 1 Webapp 2026-04-23 N/A
WebAPP before 0.9.9.5 allows remote attackers to submit Search form input that is not checked for (1) composition or (2) length, which has unknown impact, possibly related to "search form hijacking".
CVE-2006-5235 1 Dimension Of Phpbb 1 Dimension Of Phpbb 2026-04-23 N/A
PHP remote file inclusion vulnerability in includes/functions_kb.php in Dimension of phpBB 0.2.6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
CVE-2006-5237 1 Blue Smiley Organizer 1 Blue Smiley Organizer 2026-04-23 N/A
SQL injection vulnerability in Blue Smiley Organizer before 4.46 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2007-0733 1 Apple 2 Imageio, Mac Os X 2026-04-23 N/A
Unspecified vulnerability in ImageIO in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted RAW image that triggers memory corruption.
CVE-2007-2644 1 Morovia 1 Barcode Activex Control 2026-04-23 N/A
A certain ActiveX control in Morovia Barcode ActiveX Professional 3.3.1304 allows remote attackers to overwrite arbitrary files by calling the Save method with an arbitrary filename.
CVE-2006-6409 1 F-secure 1 F-secure Anti-virus 2026-04-23 N/A
F-Secure Anti-Virus for Linux Gateways 4.65 allows remote attackers to cause a denial of service (possibly fatal scan error), and possibly bypass virus detection, by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file.
CVE-2006-5244 1 Opendock 1 Easy Blog 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in OpenDock Easy Blog 1.4 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the doc_directory parameter in (1) down_stat.php, (2) file.php, (3) find_file.php, (4) lib_read_file.php, and (5) lib_form_file.php in sw/lib_up_file; (6) find_comment.php, (7) comment.php, and (8) lib_comment.php in sw/lib_comment/; (9) sw/lib_find/find.php; and other unspecified vectors.
CVE-2006-5245 1 Eazy Cart 1 Eazy Cart 2026-04-23 N/A
Eazy Cart allows remote attackers to bypass authentication and gain administrative access via a direct request for admin/home/index.php, and possibly other PHP scripts under admin/.
CVE-2007-2646 1 Yenc32 1 Yenc32 2026-04-23 N/A
Heap-based buffer overflow in yEnc32 1.0.7.207 allows user-assisted remote attackers to execute arbitrary code via a long filename in an NTX file.
CVE-2007-4151 1 Visionsoft 1 Audit 2026-04-23 N/A
The Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12.4.0.0 allows remote attackers to obtain sensitive information via (1) a LOG.ON command, which reveals the logging pathname in the server response; (2) a VER command, which reveals the version number in the server response; and (3) a connection, which reveals the version number in the banner.
CVE-2007-0736 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Integer overflow in the RPC library in Libinfo in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to execute arbitrary code via crafted requests to portmap.
CVE-2007-0737 1 Apple 1 Mac Os X 2026-04-23 N/A
The Login Window in Apple Mac OS X 10.3.9 through 10.4.9 does not properly check certain environment variables, which allows local users to gain privileges via unspecified vectors.
CVE-2007-2647 1 Monalbum 1 Monalbum 2026-04-23 N/A
Static code injection vulnerability in admin/admin_configuration.php in Monalbum 0.8.7 allows remote authenticated users to inject arbitrary PHP code into the conf/config.inc.php file via the (1) gadm_pass, (2) gadm_user, (3) gcfgHote, (4) gcfgPass, (5) gcfgUser, (6) gclassement_rep, (7) gcontour, (8) gfond, (9) ggd_version, (10) ghome, (11) ghor, (12) gimg_copyright, (13) glangage, (14) gmenu_visible, (15) gmini_hasard, (16) gordre_rep, (17) gpage, (18) gracine, (19) grech_inactive, (20) grep_mini, (21) grepertoire, (22) gsite, (23) gslide, (24) gtitre, (25) guse_copyright, (26) gversion, (27) gvert, or (28) gcfgBase parameter.
CVE-2007-4163 1 Index Script 1 Index Script 2026-04-23 N/A
Multiple SQL injection vulnerabilities in IndexScript 2.7 and 2.8 before 20070726 allow remote attackers to execute arbitrary SQL commands via the (1) cat_id, (2) start_id, (3) row[parent_id], and (4) row[cat_id] parameters to unspecified components, related to use of these parameters within include/utils.php. NOTE: the show_cat.php cat_id vector is already covered by CVE-2007-4069.
CVE-2006-6938 1 Nitrotech 1 Nitrotech 2026-04-23 N/A
Directory traversal vulnerability in includes/common.php in NitroTech 0.0.3a, as distributed before 2006, allows remote attackers to include arbitrary files via ".." sequences in the root parameter.
CVE-2006-5276 2 Snort, Sourcefire 2 Snort, Intrusion Sensor 2026-04-23 N/A
Stack-based buffer overflow in the DCE/RPC preprocessor in Snort before 2.6.1.3, and 2.7 before beta 2; and Sourcefire Intrusion Sensor; allows remote attackers to execute arbitrary code via crafted SMB traffic.