Export limit exceeded: 364625 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 364625 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (26329 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-6684 1 Videolan 1 Vlc 2026-04-23 N/A
The RTSP module in VideoLAN VLC 0.8.6d allows remote attackers to cause a denial of service (crash) via a request without a Transport parameter, which triggers a NULL pointer dereference.
CVE-2007-5066 1 Webmin 1 Webmin 2026-04-23 N/A
Unspecified vulnerability in Webmin before 1.370 on Windows allows remote authenticated users to execute arbitrary commands via a crafted URL.
CVE-2006-6943 1 Phpmyadmin 1 Phpmyadmin 2026-04-23 N/A
PhpMyAdmin before 2.9.1.1 allows remote attackers to obtain the full server path via direct requests to (a) scripts/check_lang.php and (b) themes/darkblue_orange/layout.inc.php; and via the (1) lang[], (2) target[], (3) db[], (4) goto[], (5) table[], and (6) tbl_group[] array arguments to (c) index.php, and the (7) back[] argument to (d) sql.php; and an invalid (8) sort_by parameter to (e) server_databases.php and (9) db parameter to (f) db_printview.php.
CVE-2007-4467 1 Oracle 1 Jinitiator 2026-04-23 N/A
Multiple stack-based buffer overflows in the Oracle JInitiator ActiveX control (beans.ocx) 1.1.8.16 and earlier, as used by Oracle Forms applications from Oracle and third parties, allow remote attackers to execute arbitrary code via unspecified "initialization parameters." NOTE: it was later reported that 1.1.8.3 through 1.1.8.25, and probably 1.1.5.x and 1.1.7.x, are affected.
CVE-2007-4732 1 Sun 1 Solaris 2026-04-23 N/A
Unspecified vulnerability in the strfreectty function in the Special File System (SPECFS) in Sun Solaris 8 through 10 allows local users to cause a denial of service (system panic), related to passing a NULL pointer to the pgsignal function.
CVE-2007-0104 2 Kde, Xpdf 2 Kde, Xpdf 2026-04-23 N/A
The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node.
CVE-2007-0103 1 Adobe 1 Acrobat Reader 2026-04-23 N/A
The Adobe PDF specification 1.3, as implemented by Adobe Acrobat before 8.0.0, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node.
CVE-2007-0102 1 Apple 1 Preview 2026-04-23 N/A
The Adobe PDF specification 1.3, as implemented by Apple Mac OS X Preview, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node.
CVE-2006-6954 1 Flock 1 Flock 2026-04-23 N/A
Flock beta 1 0.7 allows remote attackers to cause a denial of service (application crash) via a web page that contains a large number of nested marquee tags, a related issue to CVE-2006-2723.
CVE-2007-0035 1 Microsoft 2 Office, Works 2026-04-23 N/A
Word (or Word Viewer) in Microsoft Office 2000 SP3, XP SP3, 2003 SP2, 2004 for Mac, and Works Suite 2004, 2005, and 2006 does not properly handle data in a certain array, which allows user-assisted remote attackers to execute arbitrary code, aka the "Word Array Overflow Vulnerability."
CVE-2006-6956 1 Microsoft 1 Internet Explorer 2026-04-23 N/A
Microsoft Internet Explorer allows remote attackers to cause a denial of service (crash) via a web page that contains a large number of nested marquee tags, a related issue to CVE-2006-2723.
CVE-2007-4664 1 Firebirdsql 1 Firebird 2026-04-23 N/A
Unspecified vulnerability in the (1) attach database and (2) create database functionality in Firebird before 2.0.2, when a filename exceeds MAX_PATH_LEN, has unknown impact and attack vectors, aka CORE-1405.
CVE-2006-7235 1 5e5 1 Teamtek Universal Ftp Server 2026-04-23 N/A
Teamtek Universal FTP Server 1.0.50 allows remote attackers to cause a denial of service (daemon crash or hang) via (1) multiple STOR (aka PUT) commands, or an MKD command followed by (2) a '*' argument, (3) a '|' argument, (4) spaces, or (5) a long string. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-7113 1 Planerd.net 1 P-news 2026-04-23 N/A
Unrestricted file upload vulnerability in P-News 2.0 allows remote attackers to upload and execute arbitrary files via an avatar file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-3115 1 Solarwinds 1 Tftp Server 2026-04-23 N/A
SolarWinds TFTP Server 9.2.0.111 and earlier allows remote attackers to cause a denial of service (service stop) via a crafted Option Acknowledgement (OACK) request. NOTE: some of these details are obtained from third party information.
CVE-2008-3479 1 Microsoft 1 Windows 2000 2026-04-23 N/A
Heap-based buffer overflow in the Microsoft Message Queuing (MSMQ) service (mqsvc.exe) in Microsoft Windows 2000 SP4 allows remote attackers to read memory contents and execute arbitrary code via a crafted RPC call, related to improper processing of parameters to string APIs, aka "Message Queuing Service Remote Code Execution Vulnerability."
CVE-2008-0052 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
CoreServices in Apple Mac OS X 10.4.11 treats .ief as a safe file type, which allows remote attackers to force Safari users into opening an .ief file in AppleWorks, even when the "Open 'Safe' files" preference is set.
CVE-2009-2305 1 Armassa 2 Ard-9808, Ard-9808 Software 2026-04-23 N/A
The ARD-9808 DVR card security camera allows remote attackers to cause a denial of service via a long URI composed of //.\ (slash slash dot backslash) sequences.
CVE-2009-2445 1 Sun 1 Java System Web Server 2026-04-23 N/A
Oracle iPlanet Web Server (formerly Sun Java System Web Server or Sun ONE Web Server) 6.1 before SP12, and 7.0 through Update 6, when running on Windows, allows remote attackers to read arbitrary JSP files via an alternate data stream syntax, as demonstrated by a .jsp::$DATA URI.
CVE-2006-6383 1 Php 1 Php 2026-04-23 N/A
PHP 5.2.0 and 4.4 allows local users to bypass safe_mode and open_basedir restrictions via a malicious path and a null byte before a ";" in a session_save_path argument, followed by an allowed path, which causes a parsing inconsistency in which PHP validates the allowed path but sets session.save_path to the malicious path.