Export limit exceeded: 359550 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359550 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-2105 | 1 Kasper Skrhj | 1 References Database | 2026-04-23 | N/A |
| SQL injection vulnerability in the References database (t3references) extension 0.1.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2007-3805 | 1 Clavister | 1 Clavister Coreplus | 2026-04-23 | N/A |
| The IKE implementation in Clavister CorePlus before 8.80.03, and 8.80.00, does not properly validate certificates during IKE negotiation, which allows remote attackers to cause a denial of service (gateway stop) via certain certificates. | ||||
| CVE-2008-4869 | 2 Ffmpeg, Mplayer | 2 Ffmpeg, Mplayer | 2026-04-23 | N/A |
| FFmpeg 0.4.9, as used by MPlayer, allows context-dependent attackers to cause a denial of service (memory consumption) via unknown vectors, aka a "Tcp/udp memory leak." | ||||
| CVE-2009-2106 | 2 Projektseminar Proservice Wwu, Typo3 | 2 Virtual Civil Services, Typo3 | 2026-04-23 | N/A |
| SQL injection vulnerability in the Virtual Civil Services (civserv) extension 4.3.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2007-3806 | 1 Php | 1 Php | 2026-04-23 | N/A |
| The glob function in PHP 5.2.3 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via an invalid value of the flags parameter, probably related to memory corruption or an invalid read on win32 platforms, and possibly related to lack of initialization for a glob structure. | ||||
| CVE-2008-4870 | 2 Dovecot, Redhat | 2 Dovecot, Enterprise Linux | 2026-04-23 | N/A |
| dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedora, uses world-readable permissions for dovecot.conf, which allows local users to obtain the ssl_key_password parameter value. | ||||
| CVE-2009-2107 | 1 Webmediaexplorer | 1 Webmedia Explorer | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in Webmedia Explorer (webmex) 5.09 and 5.10 allow remote attackers to inject arbitrary web script or HTML via event handlers such as onmouseover in the (1) search or (2) tag parameters; (3) arbitrary invalid parameter names that are not properly handled when triggered on a column; (4) bookmark parameter in an edit action; or (5) email parameter in a remember action. | ||||
| CVE-2009-2110 | 1 Jnmsolutions | 1 Db Top Sites | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in DB Top Sites 1.0, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the u parameter to (1) full.php, (2) index.php, and (3) contact.php. | ||||
| CVE-2009-2112 | 1 Frank-karau | 1 Phpfk | 2026-04-23 | N/A |
| Directory traversal vulnerability in include/page_bottom.php in phpFK 7.03 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the _FORUM[settings_design_style] parameter. | ||||
| CVE-2009-2114 | 1 Skybluecanvas | 1 Skybluecanvas | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in admin.php in SkyBlueCanvas 1.1 r237 allow remote attackers to inject arbitrary web script or HTML via the (1) mgroup, (2) mgr, (3) objtype, (4) id, and (5) dir parameters. | ||||
| CVE-2009-2116 | 1 Skybluecanvas | 1 Skybluecanvas | 2026-04-23 | N/A |
| Directory traversal vulnerability in admin.php in SkyBlueCanvas 1.1 r237 allows remote authenticated administrators to list directory contents via a .. (dot dot) in the dir parameter. | ||||
| CVE-2009-2139 | 1 Sun | 1 Openoffice.org | 2026-04-23 | N/A |
| Heap-based buffer overflow in svtools/source/filter.vcl/wmf/enhwmf.cxx in Go-oo 2.x and 3.x before 3.0.1, previously named ooo-build and related to OpenOffice.org (OOo), allows remote attackers to execute arbitrary code via a crafted EMF file, a similar issue to CVE-2008-2238. | ||||
| CVE-2007-3807 | 1 Sitescape | 1 Sitescape Forum | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in SiteScape Forum before 7.3 allow remote attackers to inject arbitrary web script or HTML via the user name field in the login procedure, and other unspecified vectors. | ||||
| CVE-2008-4871 | 1 My Little Forum | 1 My Little Forum | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in My Little Forum 1.75 and 2.0 Beta 23 allows remote attackers to inject arbitrary web script or HTML via BBcode IMG tags. | ||||
| CVE-2009-2108 | 1 Git | 1 Git | 2026-04-23 | N/A |
| git-daemon in git 1.4.4.5 through 1.6.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a request containing extra unrecognized arguments. | ||||
| CVE-2009-2111 | 1 Jnmsolutions | 1 Db Top Sites | 2026-04-23 | N/A |
| Static code injection vulnerability in add_reg.php in DB Top Sites 1.0 allows remote attackers to inject arbitrary PHP code via a crafted (1) url and (2) location parameter. | ||||
| CVE-2009-2113 | 1 Fretsweb Project | 1 Fretsweb | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in FretsWeb 1.2 allow remote attackers to execute arbitrary SQL commands via the (1) name parameter to player.php and the (2) hash parameter to song.php. | ||||
| CVE-2009-2115 | 1 Skybluecanvas | 1 Skybluecanvas | 2026-04-23 | N/A |
| admin.php in SkyBlueCanvas 1.1 r237 allows remote authenticated administrators to obtain sensitive information via an invalid id parameter, which reveals the installation path in an error message. | ||||
| CVE-2009-2117 | 1 Phportal | 1 Phportal | 2026-04-23 | N/A |
| uye_paneli.php in phPortal 1.0 allows remote attackers to bypass authentication and obtain administrative access by setting the kulladi cookie to a valid username. | ||||
| CVE-2009-2140 | 1 Go-oo | 1 Go-oo | 2026-04-23 | N/A |
| Multiple heap-based buffer overflows in cppcanvas/source/mtfrenderer/emfplus.cxx in Go-oo 2.x and 3.x before 3.0.1, previously named ooo-build and related to OpenOffice.org (OOo), allow remote attackers to execute arbitrary code via a crafted EMF+ file, a similar issue to CVE-2008-2238. | ||||