Export limit exceeded: 363397 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-6660 1 Kde 1 Libkhtml 2026-04-23 N/A
The nodeType function in KDE libkhtml 4.2.0 and earlier, as used by Konquerer, KMail, and other programs, allows remote attackers to cause a denial of service (crash) via malformed HTML tags, possibly involving a COL SPAN tag embedded in a RANGE tag.
CVE-2006-3867 1 Microsoft 2 Excel, Excel Viewer 2026-04-23 N/A
Unspecified vulnerability in Microsoft Excel 2000, 2002, 2003, 2004 for Mac, v.X for Mac, and Excel Viewer 2003 allows user-assisted attackers to execute arbitrary code via a crafted Lotus 1-2-3 file, a different vulnerability than CVE-2006-2387 and CVE-2006-3875.
CVE-2007-0535 1 Vote Pro 1 Vote Pro 2026-04-23 N/A
Multiple eval injection vulnerabilities in Vote! Pro 4.0, and possibly earlier, allow remote attackers to execute arbitrary code via requests to unspecified PHP scripts with the poll_id parameter, which is supplied to eval function calls, a different set of vectors than CVE-2007-0504. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-0522 2 Adobe, Microsoft 5 Air, Flash Player, Flash Player For Linux and 2 more 2026-04-23 N/A
Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 on Windows allows remote attackers to trick a user into visiting an arbitrary URL via an unspecified manipulation of the "mouse pointer display," related to a "Clickjacking attack."
CVE-2006-6666 1 Verliadmin 1 Verliadmin 2026-04-23 N/A
PHP remote file inclusion vulnerability in index.php in VerliAdmin 0.3 and earlier allows remote authenticated users to execute arbitrary PHP code via a URL in the q parameter.
CVE-2006-6777 1 Future Internet 1 Future Internet 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in index.cfm in Future Internet allows remote attackers to inject arbitrary web script or HTML via the categoryId parameter in a Portal.ShowPage action.
CVE-2006-5141 1 Kevin A. Gordon 1 Open Geo Targeting 2026-04-23 N/A
PHP remote file inclusion vulnerability in script.php in Kevin A. Gordon Open Geo Targeting (aka geotarget) allows remote attackers to execute arbitrary PHP code via a URL in the anp_path parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
CVE-2006-5154 1 Deluxebb 1 Deluxebb 2026-04-23 N/A
PHP remote file inclusion vulnerability in cp/sig.php in DeluxeBB 1.09 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the templatefolder parameter.
CVE-2006-4409 1 Apple 1 Mac Os X 2026-04-23 N/A
The Online Certificate Status Protocol (OCSP) service in the Security Framework in Apple Mac OS X 10.4 through 10.4.8 retrieve certificate revocation lists (CRL) when an HTTP proxy is in use, which could cause the system to accept certificates that have been revoked.
CVE-2007-0559 1 Rp World 1 Rp World 2026-04-23 N/A
PHP remote file inclusion vulnerability in config.php in RPW 1.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the sql_language parameter.
CVE-2006-5061 1 Advanced-clan-script 1 Advanced-clan-script 2026-04-23 N/A
PHP remote file inclusion vulnerability in mcf.php in Advanced-Clan-Script (AVCX) 3.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the content parameter.
CVE-2007-0565 1 Cgi-rescue 1 Shopping Basket Professional 2026-04-23 N/A
CGI-Rescue Shopping Basket Professional 7.50 and earlier allows remote attackers to inject arbitrary operating system commands via unspecified vectors.
CVE-2007-0568 1 Myphpcommander 1 Myphpcommander 2026-04-23 N/A
PHP remote file inclusion vulnerability in system/lib/package.php in MyPHPCommander 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the gl_root parameter.
CVE-2007-0569 1 X-dev 1 Xnews 2026-04-23 N/A
SQL injection vulnerability in xNews.php in xNews 1.3 allows remote attackers to execute arbitrary SQL commands via the id parameter in a shownews action.
CVE-2007-2683 2 Mutt, Redhat 2 Mutt, Enterprise Linux 2026-04-23 N/A
Buffer overflow in Mutt 1.4.2 might allow local users to execute arbitrary code via "&" characters in the GECOS field, which triggers the overflow during alias expansion.
CVE-2007-0578 1 Mpg123 1 Mpg123 2026-04-23 N/A
The http_open function in httpget.c in mpg123 before 0.64 allows remote attackers to cause a denial of service (infinite loop) by closing the HTTP connection early.
CVE-2006-5508 1 Woltlab 1 Burning Book 2026-04-23 N/A
Multiple SQL injection vulnerabilities in addentry.php in WoltLab Burning Book 1.1.2 allow remote attackers to execute arbitrary SQL commands via (1) the n parameter and (2) the User-Agent HTTP header.
CVE-2007-0580 1 Javier Suarez Sanz 1 Foro Domus 2026-04-23 N/A
PHP remote file inclusion vulnerability in menu.php in Foro Domus 2.10 allows remote attackers to execute arbitrary PHP code via a URL in the sesion_idioma parameter.
CVE-2007-0589 1 Forum Livre 1 Forum Livre 2026-04-23 N/A
SQL injection vulnerability in Forum Livre 1.0 allows remote attackers to execute arbitrary SQL commands via the user parameter to info_user.asp.
CVE-2007-0593 1 Siteman 1 Siteman 2026-04-23 N/A
Siteman 1.1.11 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing password hashes via a direct request for data/members.txt.