Export limit exceeded: 362865 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (362865 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-0253 1 Grsecurity 1 Grsecurity Kernel Patch 2026-04-23 N/A
Unspecified vulnerability in the grsecurity patch has unspecified impact and remote attack vectors, a different vulnerability than the expand_stack vulnerability from the Digital Armaments 20070110 pre-advisory. NOTE: the grsecurity developer has disputed this issue, stating that "the function they claim the vulnerability to be in is a trivial function, which can, and has been, easily checked for any supposed vulnerabilities." The developer also cites a past disclosure that was not proven
CVE-2006-6419 1 Ryan Demmer 1 Joomla Content Editor 2026-04-23 N/A
jce.php in the JCE Admin Component in Ryan Demmer Joomla Content Editor (JCE) 1.1.0 beta 2 and earlier for Joomla! (com_jce) allows remote attackers to include and possibly execute arbitrary local files via the (1) plugin or (2) file parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-0252 1 Easy-content Filemanager 1 Easy-content Filemanager 2026-04-23 N/A
Unspecified vulnerability in easy-content filemanager allows remote attackers to upload or modify arbitrary files via unspecified vectors.
CVE-2006-6397 3 Freebsd, Netbsd, Openbsd 3 Freebsd, Netbsd, Openbsd 2026-04-23 N/A
Integer overflow in banner/banner.c in FreeBSD, NetBSD, and OpenBSD might allow local users to modify memory via a long banner. NOTE: CVE and multiple third parties dispute this issue. Since banner is not setuid, an exploit would not cross privilege boundaries in normal operations. This issue is not a vulnerability
CVE-2007-1904 1 Aol 2 Icq, Instant Messenger 2026-04-23 N/A
Directory traversal vulnerability in AOL Instant Messenger (AIM) 5.9 and earlier, and ICQ 5.1 and probably earlier, allows user-assisted remote attackers to write files to arbitrary locations via a .. (dot dot) in a filename in a file transfer operation.
CVE-2007-1248 1 Built2go 1 News Manager Blog 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in built2go News Manager Blog 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) cid, (2) uid, and (3) nid parameters to (a) news.php, and the nid parameter to (b) rating.php.
CVE-2007-0251 1 Snort 1 Snort 2026-04-23 N/A
Integer underflow in the DecodeGRE function in src/decode.c in Snort 2.6.1.2 allows remote attackers to trigger dereferencing of certain memory locations via crafted GRE packets, which may cause corruption of log files or writing of sensitive information into log files.
CVE-2006-6390 1 Open Solution 1 Quick.cart 2026-04-23 N/A
Multiple directory traversal vulnerabilities in Open Solution Quick.Cart 2.0, when register_globals is enabled and magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the config[db_type] parameter to (1) categories.php, (2) couriers.php, (3) orders.php, and (4) products.php in actions_admin/; and (5) orders.php and (6) products.php in actions_client/; as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by one of these PHP scripts.
CVE-2007-1247 1 Aweb Labs 1 Awebnews 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in aWeb Labs aWebNews 1.5 allow remote attackers to execute arbitrary PHP code via a URL in the path_to_news parameter to (1) listing.php or (2) visview.php.
CVE-2007-0250 1 Nwom 1 Nwom Topsites 2026-04-23 N/A
index.php in Nwom topsites 3.0 allows remote attackers to obtain potentially sensitive information via a ' (quote) character in the o parameter, which forces a SQL error.
CVE-2006-6385 1 Intel 4 Pro 1000 Adapters, Pro 1000 Pcie Adapters, Pro 10 100 Adapters and 1 more 2026-04-23 N/A
Stack-based buffer overflow in Intel PRO 10/100, PRO/1000, and PRO/10GbE PCI, PCI-X, and PCIe network adapter drivers (aka NDIS miniport drivers) before 20061205 allows local users to execute arbitrary code with "kernel-level" privileges via an incorrect function call in certain OID handlers.
CVE-2007-1243 1 Audins Audiens 1 Audins Audiens 2026-04-23 N/A
Audins Audiens 3.3 allows remote attackers to bypass authentication and perform certain privileged actions, possibly an uninstall of the product, by calling unistall.php with the values cnf=disinstalla and status=on. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-0246 1 Gforge 1 Gforge 2026-04-23 N/A
plugins/scmcvs/www/cvsweb.php in the CVSWeb CGI in GForge 4.5.16 before 20070524, aka gforge-plugin-scmcvs, allows remote attackers to execute arbitrary commands via shell metacharacters in the PATH_INFO.
CVE-2006-6379 1 Broadcom 3 Brightstor Arcserve Backup, Brightstor Enterprise Backup, Server Protection Suite 2026-04-23 N/A
Buffer overflow in the BrightStor Backup Discovery Service in multiple CA products, including ARCserve Backup r11.5 SP1 and earlier, ARCserve Backup 9.01 up to 11.1, Enterprise Backup 10.5, and CA Server Protection Suite r2, allows remote attackers to execute arbitrary code via unspecified vectors.
CVE-2007-0245 2 Openoffice, Redhat 2 Openoffice, Enterprise Linux 2026-04-23 N/A
Heap-based buffer overflow in OpenOffice.org (OOo) 2.2.1 and earlier allows remote attackers to execute arbitrary code via a RTF file with a crafted prtdata tag with a length parameter inconsistency, which causes vtable entries to be overwritten.
CVE-2006-6378 1 Widcomm 1 Btsavemysql 2026-04-23 N/A
BTSaveMySql 1.2 stores sensitive data under the web root with insufficient access control, which allows remote attackers to obtain configuration and save files via direct requests.
CVE-2007-1242 1 Audins Audiens 1 Audins Audiens 2026-04-23 N/A
SQL injection vulnerability in system/index.php in Audins Audiens 3.3 allows remote attackers to execute arbitrary SQL commands via the PHPSESSID cookie. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-0243 2 Redhat, Sun 6 Enterprise Linux, Network Satellite, Rhel Extras and 3 more 2026-04-23 N/A
Buffer overflow in Sun JDK and Java Runtime Environment (JRE) 5.0 Update 9 and earlier, SDK and JRE 1.4.2_12 and earlier, and SDK and JRE 1.3.1_18 and earlier allows applets to gain privileges via a GIF image with a block with a 0 width field, which triggers memory corruption.
CVE-2006-6377 1 Uploadscript 1 Uploadscript 2026-04-23 N/A
Uploadscript 1.2 and earlier stores sensitive data under the web root with insufficient access control, which allows remote attackers to obtain the admin password hash via a direct request for /password.txt.
CVE-2007-1241 1 Audins Audiens 1 Audins Audiens 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in setup.php in Audins Audiens 3.3 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.