Export limit exceeded: 363761 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363761 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-0278 | 1 Microsoft | 3 Windows 7, Windows Live Messenger, Windows Vista | 2026-04-23 | N/A |
| A certain ActiveX control in msgsc.14.0.8089.726.dll in Microsoft Windows Live Messenger 2009 build 14.0.8089.726 on Windows Vista and Windows 7 allows remote attackers to cause a denial of service (msnmsgr.exe crash) by calling the ViewProfile method with a crafted argument during an MSN Messenger session. | ||||
| CVE-2009-2292 | 1 Appleple | 1 A-news | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Appleple a-News 2.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2008-5151 | 1 Abottoms | 1 Mayavi | 2026-04-23 | N/A |
| test_parser.py in mayavi 1.5 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/err.log temporary file. | ||||
| CVE-2007-4309 | 1 Ibm | 1 Lotus Notes | 2026-04-23 | N/A |
| IBM Lotus Notes 5.x through 7.0.2 allows user-assisted remote authenticated administrators to obtain a cleartext notes.id password by setting the notes.ini (1) KFM_ShowEntropy and (2) Debug_Outfile debug variables, a different vulnerability than CVE-2005-2696. | ||||
| CVE-2010-0277 | 3 Adium, Pidgin, Redhat | 3 Adium, Pidgin, Enterprise Linux | 2026-04-23 | N/A |
| slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.6, including 2.6.4, and Adium 1.3.8 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a malformed MSNSLP INVITE request in an SLP message, a different issue than CVE-2010-0013. | ||||
| CVE-2007-3930 | 2 Microsoft, Wiki | 2 Internet Explorer, Dokuwiki | 2026-04-23 | N/A |
| Interpretation conflict between Microsoft Internet Explorer and DocuWiki before 2007-06-26b allows remote attackers to inject arbitrary JavaScript and conduct cross-site scripting (XSS) attacks when spellchecking UTF-8 encoded messages via the spell_utf8test function in lib/exe/spellcheck.php, which triggers HTML document identification and script execution by Internet Explorer even though the Content-Type header is text/plain. | ||||
| CVE-2008-4954 | 1 Fumitoshi Ukai | 1 Fml | 2026-04-23 | N/A |
| mead.pl in fml 4.0.3 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/debugbuf temporary file. | ||||
| CVE-2009-2221 | 1 Php.s3 | 1 Php-i-board | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in PHP-I-BOARD 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2007-3959 | 1 Ipswitch | 2 Imserver, Ipswitch Collaboration Suite | 2026-04-23 | N/A |
| The IM Server (aka IMserve or IMserver) 2.0.5.30 and probably earlier in Ipswitch Instant Messaging before 2.07 in Ipswitch Collaboration Suite (ICS) allows remote attackers to cause a denial of service (daemon crash) via certain data to TCP port 5179 that overwrites a destructor, as reachable by the (1) DoAttachVideoSender, (2) DoAttachVideoReceiver, (3) DoAttachAudioSender, and (4) DoAttachAudioReceiver functions. | ||||
| CVE-2008-4955 | 1 Duncan Webb | 1 Freevo | 2026-04-23 | N/A |
| freevo.real in freevo 1.8.1 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/*-#####.pid, (2) /tmp/freevo-gdb, (3) /tmp/freevo-gdb.sh, and (4) /tmp/*.stats temporary files. NOTE: this issue is only a vulnerability when a verbose debug mode is activated by modifying source code. | ||||
| CVE-2009-2222 | 1 Php.s3 | 1 Php-i-board | 2026-04-23 | N/A |
| Directory traversal vulnerability in PHP-I-BOARD 1.2 and earlier allows remote attackers to read arbitrary files via directory traversal sequences in unspecified vectors, probably related to mail. | ||||
| CVE-2007-3975 | 1 Elite Forum | 1 Elite Forum | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Elite Forum 1.0.0.0 allows remote attackers to inject arbitrary web script or HTML via the title parameter in a ptopic action, a different vulnerability than CVE-2005-3412. | ||||
| CVE-2008-4956 | 1 Firewallbuilder | 1 Fwbuilder | 2026-04-23 | N/A |
| fwb_install in fwbuilder 2.1.19 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/ssh-agent.##### temporary file. | ||||
| CVE-2009-2223 | 1 Teozkr | 1 Lightopencms | 2026-04-23 | N/A |
| Directory traversal vulnerability in locms/smarty.php in LightOpenCMS 0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cwd parameter. NOTE: remote file inclusion attacks may be possible. | ||||
| CVE-2007-3978 | 1 Bwired | 1 Bwired | 2026-04-23 | N/A |
| Session fixation vulnerability in bwired allows remote attackers to hijack web sessions by setting the PHPSESSID parameter. | ||||
| CVE-2008-4957 | 1 Gccxml | 1 Gccxml | 2026-04-23 | N/A |
| find_flags in Kitware GCC-XML (gccxml) 0.9.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/*.cxx temporary file. | ||||
| CVE-2007-3979 | 1 Netart Media | 1 Blog System | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in BlogSite Professional (aka Blog System) 1.x allows remote attackers to execute arbitrary SQL commands via the news_id parameter. | ||||
| CVE-2008-4965 | 1 Savonet | 1 Liguidsoap | 2026-04-23 | N/A |
| liguidsoap.py in liguidsoap 0.3.8.1+2 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/liguidsoap.liq, (2) /tmp/lig.#####.log, and (3) /tmp/emission.ogg temporary files. | ||||
| CVE-2007-3980 | 1 Rcms Pro | 1 Rgamescript Pro | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in page.php in RCMS Pro RGameScript Pro allows remote attackers to execute arbitrary PHP code via a URL in the id parameter. | ||||
| CVE-2007-3981 | 1 Wsn Links | 1 Wsn Links | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in WSN Links Basic Edition allows remote attackers to execute arbitrary SQL commands via the catid parameter in a displaycat action. | ||||