Export limit exceeded: 363719 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363719 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-0277 | 3 Adium, Pidgin, Redhat | 3 Adium, Pidgin, Enterprise Linux | 2026-04-23 | N/A |
| slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.6, including 2.6.4, and Adium 1.3.8 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a malformed MSNSLP INVITE request in an SLP message, a different issue than CVE-2010-0013. | ||||
| CVE-2007-3930 | 2 Microsoft, Wiki | 2 Internet Explorer, Dokuwiki | 2026-04-23 | N/A |
| Interpretation conflict between Microsoft Internet Explorer and DocuWiki before 2007-06-26b allows remote attackers to inject arbitrary JavaScript and conduct cross-site scripting (XSS) attacks when spellchecking UTF-8 encoded messages via the spell_utf8test function in lib/exe/spellcheck.php, which triggers HTML document identification and script execution by Internet Explorer even though the Content-Type header is text/plain. | ||||
| CVE-2008-4954 | 1 Fumitoshi Ukai | 1 Fml | 2026-04-23 | N/A |
| mead.pl in fml 4.0.3 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/debugbuf temporary file. | ||||
| CVE-2009-2221 | 1 Php.s3 | 1 Php-i-board | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in PHP-I-BOARD 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2007-3959 | 1 Ipswitch | 2 Imserver, Ipswitch Collaboration Suite | 2026-04-23 | N/A |
| The IM Server (aka IMserve or IMserver) 2.0.5.30 and probably earlier in Ipswitch Instant Messaging before 2.07 in Ipswitch Collaboration Suite (ICS) allows remote attackers to cause a denial of service (daemon crash) via certain data to TCP port 5179 that overwrites a destructor, as reachable by the (1) DoAttachVideoSender, (2) DoAttachVideoReceiver, (3) DoAttachAudioSender, and (4) DoAttachAudioReceiver functions. | ||||
| CVE-2008-4955 | 1 Duncan Webb | 1 Freevo | 2026-04-23 | N/A |
| freevo.real in freevo 1.8.1 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/*-#####.pid, (2) /tmp/freevo-gdb, (3) /tmp/freevo-gdb.sh, and (4) /tmp/*.stats temporary files. NOTE: this issue is only a vulnerability when a verbose debug mode is activated by modifying source code. | ||||
| CVE-2009-2222 | 1 Php.s3 | 1 Php-i-board | 2026-04-23 | N/A |
| Directory traversal vulnerability in PHP-I-BOARD 1.2 and earlier allows remote attackers to read arbitrary files via directory traversal sequences in unspecified vectors, probably related to mail. | ||||
| CVE-2007-3975 | 1 Elite Forum | 1 Elite Forum | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Elite Forum 1.0.0.0 allows remote attackers to inject arbitrary web script or HTML via the title parameter in a ptopic action, a different vulnerability than CVE-2005-3412. | ||||
| CVE-2008-4956 | 1 Firewallbuilder | 1 Fwbuilder | 2026-04-23 | N/A |
| fwb_install in fwbuilder 2.1.19 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/ssh-agent.##### temporary file. | ||||
| CVE-2009-2223 | 1 Teozkr | 1 Lightopencms | 2026-04-23 | N/A |
| Directory traversal vulnerability in locms/smarty.php in LightOpenCMS 0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cwd parameter. NOTE: remote file inclusion attacks may be possible. | ||||
| CVE-2007-3978 | 1 Bwired | 1 Bwired | 2026-04-23 | N/A |
| Session fixation vulnerability in bwired allows remote attackers to hijack web sessions by setting the PHPSESSID parameter. | ||||
| CVE-2008-4957 | 1 Gccxml | 1 Gccxml | 2026-04-23 | N/A |
| find_flags in Kitware GCC-XML (gccxml) 0.9.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/*.cxx temporary file. | ||||
| CVE-2007-3979 | 1 Netart Media | 1 Blog System | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in BlogSite Professional (aka Blog System) 1.x allows remote attackers to execute arbitrary SQL commands via the news_id parameter. | ||||
| CVE-2008-4965 | 1 Savonet | 1 Liguidsoap | 2026-04-23 | N/A |
| liguidsoap.py in liguidsoap 0.3.8.1+2 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/liguidsoap.liq, (2) /tmp/lig.#####.log, and (3) /tmp/emission.ogg temporary files. | ||||
| CVE-2007-3980 | 1 Rcms Pro | 1 Rgamescript Pro | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in page.php in RCMS Pro RGameScript Pro allows remote attackers to execute arbitrary PHP code via a URL in the id parameter. | ||||
| CVE-2007-3981 | 1 Wsn Links | 1 Wsn Links | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in WSN Links Basic Edition allows remote attackers to execute arbitrary SQL commands via the catid parameter in a displaycat action. | ||||
| CVE-2008-4969 | 1 Alastair Mckinstry | 1 Ltp-network-test | 2026-04-23 | N/A |
| ltp-network-test 20060918 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/vsftpd.conf, (b) /tmp/udp/2/*, (c) /tmp/tcp/2/*, (d) /tmp/udp/3/*, (e) /tmp/tcp/3/*, (f) /tmp/nfs_fsstress.udp.2.log, (g) /tmp/nfs_fsstress.udp.3.log, (h) /tmp/nfs_fsstress.tcp.2.log, (i) /tmp/nfs_fsstress.tcp.3.log, and (j) /tmp/nfs_fsstress.sardata temporary files, related to the (1) ftp_setup_vsftp_conf and (2) nfs_fsstress.sh scripts. | ||||
| CVE-2007-3982 | 1 Datadynamics | 1 Activereports | 2026-04-23 | N/A |
| Absolute path traversal vulnerability in the Data Dynamics ActiveReport (ActiveReports) ActiveX control in actrpt2.dll 2.5 and earlier allows remote attackers to create or overwrite arbitrary files via a full pathname in the first argument to the SaveLayout method. | ||||
| CVE-2008-4974 | 1 Netmrg | 1 Netmrg | 2026-04-23 | N/A |
| rrdedit in netmrg 0.20 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/*.xml and (2) /tmp/*.backup temporary files. | ||||
| CVE-2009-2224 | 1 An Guestbook | 1 An Guestbook | 2026-04-23 | N/A |
| Directory traversal vulnerability in ang/shared/flags.php in AN Guestbook 0.7.8, when register_globals is enabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the g_lang parameter. | ||||