Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-3427 1 Zoneo-soft 1 Phptraffica 2026-04-23 N/A
SQL injection vulnerability in index.php in phpTrafficA 1.4.2 and earlier allows remote attackers to execute arbitrary SQL commands via the pageid parameter in a stats action.
CVE-2007-3661 1 Eltima Software 1 Virtual Serial Port 2026-04-23 N/A
Eltima Software Virtual Serial Port (VSPAX) ActiveX control (VSPort.DLL) allows remote attackers to cause a denial of service via certain function calls, as demonstrated via the (1) Attach, (2) Write, and (3) WriteStr functions.
CVE-2007-3664 1 Eltima Software 1 Runservice 2026-04-23 N/A
Multiple unspecified vulnerabilities in Eltima Software RunService ActiveX control (RunService.dll) allow remote attackers to cause a denial of service via certain functions when "improperly used", as demonstrated by the AcceptControls subroutine.
CVE-2007-3667 1 Activereportsexcelreport 1 Activereportsexcelreport 2026-04-23 N/A
Unspecified vulnerability in EXCLEXPT.DLL in ActiveReportsExcelReport allows remote attackers to cause a denial of service via the DDRow Height variable.
CVE-2010-0315 1 Google 1 Chrome 2026-04-23 N/A
WebKit before r53607, as used in Google Chrome before 4.0.249.89, allows remote attackers to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and then reading the document.styleSheets[0].href property value, related to an IFRAME element.
CVE-2006-5468 2 Redhat, Wireshark 2 Enterprise Linux, Wireshark 2026-04-23 N/A
Unspecified vulnerability in the HTTP dissector in Wireshark (formerly Ethereal) 0.99.3 allows remote attackers to cause a denial of service (crash) via unspecified vectors.
CVE-2007-3930 2 Microsoft, Wiki 2 Internet Explorer, Dokuwiki 2026-04-23 N/A
Interpretation conflict between Microsoft Internet Explorer and DocuWiki before 2007-06-26b allows remote attackers to inject arbitrary JavaScript and conduct cross-site scripting (XSS) attacks when spellchecking UTF-8 encoded messages via the spell_utf8test function in lib/exe/spellcheck.php, which triggers HTML document identification and script execution by Internet Explorer even though the Content-Type header is text/plain.
CVE-2009-4041 1 Usebb 1 Usebb 2026-04-23 N/A
UseBB 1.0.9 before 1.0.10 allows remote attackers to cause a denial of service (infinite loop) via crafted BBCode tags.
CVE-2007-3931 1 Samsung 1 Scx-4200 Driver 2026-04-23 N/A
The wrap_setuid_third_party_application function in the installation script for the Samsung SCX-4200 Driver 2.00.95 adds setuid permissions to third party applications such as xsane and xscanimage, which allows local users to gain privileges.
CVE-2008-6997 1 Google 1 Chrome 2026-04-23 N/A
Google Chrome 0.2.149.27 allows user-assisted remote attackers to cause a denial of service (browser crash) via an IMG tag with a long src attribute, which triggers the crash when the victim performs an "Inspect Element" action.
CVE-2006-5477 1 Drupal 1 Drupal 2026-04-23 N/A
Drupal 4.6.x before 4.6.10 and 4.7.x before 4.7.4 allows form submissions to be redirected, which allows remote attackers to obtain arbitrary form information via a crafted URL.
CVE-2007-3932 1 Joomla 1 Expose 2026-04-23 N/A
uploadimg.php in the Expose RC35 and earlier (com_expose) component for Joomla! sends an error message but does not exit when it detects an attempt to upload a non-JPEG file, which allows remote attackers to upload and execute arbitrary PHP code in the img/ folder.
CVE-2007-1397 1 Fish 1 Fish 2026-04-23 N/A
Multiple stack-based buffer overflows in the (1) ExtractRnick and (2) decrypt_topic_332 functions in FiSH allow remote attackers to execute arbitrary code via long strings.
CVE-2007-2411 1 Sphider 1 Sphider 2026-04-23 N/A
PHP remote file inclusion vulnerability in index.php in Sphider 1.2.x allows remote attackers to execute arbitrary PHP code via a URL in the include_dir parameter. NOTE: a third party disputes this vulnerability, stating that "the application is not vulnerable to this issue.
CVE-2007-2843 1 Apple 1 Safari 2026-04-23 N/A
Cross-domain vulnerability in Apple Safari 2.0.4 allows remote attackers to access restricted information from other domains via Javascript, as demonstrated by a js script that accesses the location information of cross-domain web pages, probably involving setTimeout and timed events.
CVE-2007-4357 1 Mozilla 1 Firefox 2026-04-23 N/A
Mozilla Firefox 2.0.0.6 and earlier allows remote attackers to spoof the contents of the status bar via a link to a data: URI containing an encoded URL. NOTE: the severity of this issue has been disputed by a reliable third party, since the intended functionality of the status bar allows it to be modified.
CVE-2008-5339 2 Redhat, Sun 4 Rhel Extras, Jdk, Jre and 1 more 2026-04-23 N/A
Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted JWS applications to perform network connections to unauthorized hosts via unknown vectors, aka CR 6727079.
CVE-2007-4026 1 Telaxus Llc 1 Epesi 2026-04-23 N/A
epesi framework before 0.8.6 does not properly verify file extensions, which allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors involving the gallery images upload feature. NOTE: some of these details are obtained from third party information.
CVE-2007-2829 1 Madwifi 1 Madwifi 2026-04-23 N/A
The 802.11 network stack in net80211/ieee80211_input.c in MadWifi before 0.9.3.1 allows remote attackers to cause a denial of service (system hang) via a crafted length field in nested 802.3 Ethernet frames in Fast Frame packets, which results in a NULL pointer dereference.
CVE-2007-1517 1 Paul Knierim 1 Wsn Guest 2026-04-23 N/A
SQL injection vulnerability in comments.php in WSN Guest 1.02 and 1.21 allows remote attackers to execute arbitrary SQL commands via the id parameter.