Export limit exceeded: 363016 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363016 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-1005 1 Oracle 1 Bea Product Suite 2026-04-23 N/A
Unspecified vulnerability in the Oracle Data Service Integrator (AquaLogic Data Services Platform) component in BEA Product Suite 10.3.0, 3.2, 3.0.1, and 3.0 allows local users to affect confidentiality, integrity, and availability via unknown vectors.
CVE-2009-4470 1 Dvbbs 1 Dvbbs 2026-04-23 N/A
SQL injection vulnerability in boardrule.php in DVBBS 2.0 allows remote attackers to execute arbitrary SQL commands via the groupboardid parameter.
CVE-2007-2443 4 Canonical, Debian, Mit and 1 more 4 Ubuntu Linux, Debian Linux, Kerberos 5 and 1 more 2026-04-23 N/A
Integer signedness error in the gssrpc__svcauth_unix function in svc_auth_unix.c in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a negative length value.
CVE-2007-2444 3 Canonical, Debian, Samba 3 Ubuntu Linux, Debian Linux, Samba 2026-04-23 N/A
Logic error in the SID/Name translation functionality in smbd in Samba 3.0.23d through 3.0.25pre2 allows local users to gain temporary privileges and execute SMB/CIFS protocol operations via unspecified vectors that cause the daemon to transition to the root user.
CVE-2007-2448 2 Redhat, Subversion 2 Enterprise Linux, Subversion 2026-04-23 N/A
Subversion 1.4.3 and earlier does not properly implement the "partial access" privilege for users who have access to changed paths but not copied paths, which allows remote authenticated users to obtain sensitive information (revision properties) via svn (1) propget, (2) proplist, or (3) propedit.
CVE-2007-2449 2 Apache, Redhat 4 Tomcat, Enterprise Linux, Network Satellite and 1 more 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in certain JSP files in the examples web application in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote attackers to inject arbitrary web script or HTML via the portion of the URI after the ';' character, as demonstrated by a URI containing a "snp/snoop.jsp;" sequence.
CVE-2008-3053 1 Typo3 1 Sql Frontend Extension 2026-04-23 N/A
SQL injection vulnerability in the SQL Frontend (mh_omsqlio) extension 1.0.11 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2007-2457 1 Pixaria 1 Pixaria Gallery 2026-04-23 N/A
PHP remote file inclusion vulnerability in resources/includes/class.Smarty.php in Pixaria Gallery before 1.4.3 allows remote attackers to execute arbitrary PHP code via a URL in the cfg[sys][base_path] parameter.
CVE-2007-2458 1 Pixaria 1 Pixaria Gallery 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in Pixaria Gallery before 1.4.3 allow remote attackers to execute arbitrary PHP code via a URL in the cfg[sys][base_path] parameter to psg.smarty.lib.php and certain include and library scripts, a different vector than CVE-2007-2457.
CVE-2007-2459 1 Tony Cook 1 Imager 2026-04-23 N/A
Heap-based buffer overflow in the BMP reader (bmp.c) in Imager perl module (libimager-perl) 0.45 through 0.56 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted 8-bit/pixel compressed BMP files.
CVE-2007-2461 1 Cisco 2 Adaptive Security Appliance Software, Pix 2026-04-23 N/A
The DHCP relay agent in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 allows remote attackers to cause a denial of service (dropped packets) via a DHCPREQUEST or DHCPINFORM message that causes multiple DHCPACK messages to be sent from DHCP servers to the agent, which consumes the memory allocated for a local buffer. NOTE: this issue only occurs when multiple DHCP servers are used.
CVE-2007-2462 1 Cisco 2 Adaptive Security Appliance Software, Pix 2026-04-23 N/A
Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 before 7.2(2)8, when using Layer 2 Tunneling Protocol (L2TP) or Remote Management Access, allows remote attackers to bypass LDAP authentication and gain privileges via unknown vectors.
CVE-2007-2463 1 Cisco 2 Adaptive Security Appliance Software, Pix 2026-04-23 N/A
Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)17 allows remote attackers to cause a denial of service (device reload) via unknown vectors related to VPN connection termination and password expiry.
CVE-2007-2464 1 Cisco 2 Adaptive Security Appliance Software, Pix 2026-04-23 N/A
Race condition in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)19, when using "clientless SSL VPNs," allows remote attackers to cause a denial of service (device reload) via "non-standard SSL sessions."
CVE-2007-2465 1 Sun 2 Solaris, Sunos 2026-04-23 N/A
Unspecified vulnerability in Sun Solaris 9, when Solaris Auditing (BSM) is enabled for file read, write, attribute modify, create, or delete audit classes, allows local users to cause a denial of service (panic) via unknown vectors, possibly related to the audit_savepath function.
CVE-2008-3054 1 Typo3 1 Branchenbuch Extension 2026-04-23 N/A
SQL injection vulnerability in the Branchenbuch (aka Yellow Pages o (mh_branchenbuch) extension 0.8.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2007-2467 1 Zonelabs 1 Zonealarm 2026-04-23 N/A
ZoneAlarm Pro 6.5.737.000, 6.1.744.001, and possibly earlier versions and other products, allows local users to cause a denial of service (system crash) by sending malformed data to the vsdatant device driver, which causes an invalid memory access.
CVE-2007-2468 1 Hp 1 Openvms 2026-04-23 N/A
Unspecified vulnerability in HP OpenVMS for Integrity Servers 8.2-1 and 8.3 allows local users to cause a denial of service (crash) via "Program actions relating to exceptions."
CVE-2007-2469 1 Filerun 1 Filerun 2026-04-23 N/A
SQL injection vulnerability in index.php in FileRun 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the fid parameter.
CVE-2007-2470 1 Filerun 1 Filerun 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in index.php in FileRun 1.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) page, (2) module, or (3) section parameter.