Export limit exceeded: 26430 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (26430 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-6241 1 Telnet Ftp Server 1 Telnet Ftp Server 2026-04-23 N/A
Sorin Chitu Telnet-FTP Server 1.0 allows remote authenticated users to cause a denial of service (crash) via consecutive RETR commands. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-6063 1 Microsoft 1 Word 2026-04-23 N/A
Microsoft Word 2007, when the "Save as PDF" add-on is enabled, places an absolute pathname in the Subject field during an "Email as PDF" operation, which allows remote attackers to obtain sensitive information such as the sender's account name and a Temporary Internet Files subdirectory name.
CVE-2007-0683 1 Omegaboard Project 1 Omegaboard 2026-04-23 N/A
PHP remote file inclusion vulnerability in includes/functions.php in Omegaboard 1.0beta4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2007-3716 1 Sun 2 Jdk, Jre 2026-04-23 N/A
The Java XML Digital Signature implementation in Sun JDK and JRE 6 before Update 2 does not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent attackers to execute arbitrary code via a crafted stylesheet, a related issue to CVE-2007-3715.
CVE-2008-6058 1 Syslserve 1 Syslserve 2026-04-23 N/A
Syslserve 1.058 and earlier, and probably 1.059, allows remote attackers to cause a denial of service (hang) via a crafted UDP Syslog packet.
CVE-2007-6283 4 Centos, Fedoraproject, Oracle and 1 more 9 Centos, Fedora Core, Linux and 6 more 2026-04-23 N/A
Red Hat Enterprise Linux 5 and Fedora install the Bind /etc/rndc.key file with world-readable permissions, which allows local users to perform unauthorized named commands, such as causing a denial of service by stopping named.
CVE-2008-6913 1 Zeeways 1 Zeejobsite 2026-04-23 N/A
Unrestricted file upload vulnerability in editresume_next.php in Zeeways ZEEJOBSITE 2.0 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a photo in a profile edit action, then accessing the file via a direct request to jobseekers/logos/.
CVE-2007-2353 1 Apache 1 Axis 2026-04-23 N/A
Apache Axis 1.0 allows remote attackers to obtain sensitive information by requesting a non-existent WSDL file, which reveals the installation path in the resulting exception message.
CVE-2008-4340 1 Google 1 Chrome 2026-04-23 N/A
Google Chrome 0.2.149.29 and 0.2.149.30 allows remote attackers to cause a denial of service (memory consumption) via an HTML document containing a carriage return ("\r\n\r\n") argument to the window.open function.
CVE-2008-5431 1 5e5 1 Teamtek Universal Ftp Server 2026-04-23 N/A
Teamtek Universal FTP Server 1.0.44 allows remote attackers to cause a denial of service via (1) a certain CWD command, (2) a long LIST command, or (3) a certain PORT command.
CVE-2007-6476 1 Gf 3xplorer 1 Gf 3xplorer 2026-04-23 N/A
GF-3XPLORER 2.4 allows remote attackers to obtain configuration information via a direct request to explorer/phpinfo.php, which calls the phpinfo function.
CVE-2008-5420 1 Emc 1 Control Center 2026-04-23 N/A
The SAN Manager Master Agent service (aka msragent.exe) in EMC Control Center before 6.1 does not properly authenticate SST_SENDFILE requests, which allows remote attackers to read arbitrary files.
CVE-2008-1245 1 Belkin 1 F5d7230-4 2026-04-23 N/A
cgi-bin/setup_virtualserver.exe on the Belkin F5D7230-4 router with firmware 9.01.10 allows remote attackers to cause a denial of service (control center outage) via an HTTP request with invalid POST data and a "Connection: Keep-Alive" header.
CVE-2008-4400 2 Broadcom, Ca 5 Arcserve Backup, Business Protection Suite, Server Protection Suite and 2 more 2026-04-23 N/A
Unspecified vulnerability in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash of multiple services) via crafted authentication credentials, related to "insufficient validation."
CVE-2008-5413 1 Ibm 1 Websphere Application Server 2026-04-23 N/A
PerfServlet in the PMI/Performance Tools component in IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 allows attackers to obtain sensitive information by reading the (1) systemout.log and (2) ffdc files. NOTE: this is probably a duplicate of CVE-2009-0434.
CVE-2007-6514 2 Apache, Linux 2 Http Server, Linux Kernel 2026-04-23 N/A
Apache HTTP Server, when running on Linux with a document root on a Windows share mounted using smbfs, allows remote attackers to obtain unprocessed content such as source files for .php programs via a trailing "\" (backslash), which is not handled by the intended AddType directive.
CVE-2008-5362 2 Adobe, Redhat 3 Air, Flash Player, Rhel Extras 2026-04-23 N/A
The DefineConstantPool action in the ActionScript 2 virtual machine in Adobe Flash Player 10.x before 10.0.12.36 and 9.x before 9.0.151.0, and Adobe AIR before 1.5, accepts an untrusted input value for a "constant count," which allows remote attackers to read sensitive data from process memory via a crafted PDF file.
CVE-2008-5350 2 Redhat, Sun 5 Network Satellite, Rhel Extras, Jdk and 2 more 2026-04-23 N/A
Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted applications and applets to list the contents of the operating user's directory via unknown vectors.
CVE-2007-3711 1 3com 1 Tippingpoint Ips Tos 2026-04-23 N/A
Unspecified vulnerability in TOS 2.1.x, 2.2.x before 2.2.5, and 2.5.x before 2.5.2 on TippingPoint IPS allows remote attackers to avoid detection by sending certain fragmented packets.
CVE-2008-5346 2 Redhat, Sun 5 Network Satellite, Rhel Extras, Jdk and 2 more 2026-04-23 N/A
Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 or earlier allows untrusted applets and applications to read arbitrary memory via a crafted ZIP file.