Search Results (121363 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-4520 1 Novell 1 Edirectory 2026-04-23 N/A
ncp in Novell eDirectory before 8.7.3 SP9, and 8.8.x before 8.8.1 FTF2, does not properly handle NCP fragments with a negative length, which allows remote attackers to cause a denial of service (daemon crash) when the heap is written to a log file.
CVE-2008-1425 1 Easy-clanpage 1 Easy-clanpage 2026-04-23 N/A
SQL injection vulnerability in index.php in the gallery module in Easy-Clanpage 2.2 allows remote attackers to execute arbitrary SQL commands via the id parameter in a kate action.
CVE-2008-6731 1 China-on-site 1 Flexphplink 2026-04-23 N/A
Unrestricted file upload vulnerability in submitlink.php in FlexPHPLink Pro 0.0.7 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the renamed file in linkphoto/.
CVE-2008-4468 1 Vastal I-tech 1 Share Zone 2026-04-23 N/A
SQL injection vulnerability in view_news.php in Vastal I-Tech Share Zone allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2008-1492 1 Coronamatrix 1 Phpaddressbook 2026-04-23 N/A
Multiple directory traversal vulnerabilities in CoronaMatrix phpAddressBook 2.11 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the skin parameter to (1) index.php and (2) install.php. NOTE: it was later reported that vector 1 is also present in 2.0.
CVE-2008-1506 1 Peel 1 Peel 2026-04-23 N/A
PEEL, possibly 3.x and earlier, allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function.
CVE-2006-5660 1 Cisco 1 Security Agent Management Center 2026-04-23 N/A
Cisco Security Agent Management Center (CSAMC) 5.1 before 5.1.0.79 does not properly handle certain LDAP error messages, which allows remote attackers to bypass authentication requirements via an empty password when using an external LDAP server.
CVE-2008-1533 1 Joomla 1 Joomla 2026-04-23 N/A
Unspecified vulnerability in the XML-RPC Blogger API plugin in Joomla! 1.5 allows remote attackers to perform unauthorized article operations on articles via unknown vectors.
CVE-2008-4472 1 Autodesk 3 Design Review, Dwf Viewer, Revit Architecture 2026-04-23 N/A
The UpdateEngine class in the LiveUpdate ActiveX control (LiveUpdate16.DLL 17.2.56), as used in Revit Architecture 2009 SP2 and Autodesk Design Review 2009, allows remote attackers to execute arbitrary programs via the second argument to the ApplyPatch method.
CVE-2009-1602 1 Pablosoftwaresolutions 1 Quick\'n Easy Mail Server 2026-04-23 N/A
Pablo Software Solutions Quick 'n Easy Mail Server 3.3 allows remote attackers to cause a denial of service (daemon outage or CPU consumption) via multiple long SMTP commands, as demonstrated by HELO commands.
CVE-2008-4384 3 Iseemedia, Mgi Software, Roxio 3 Lpviewer, Lpviewer, Lpviewer 2026-04-23 N/A
Multiple stack-based buffer overflows in MGI Software LPViewer ActiveX control (LPControl.dll), as acquired by Roxio and iseemedia, allow remote attackers to execute arbitrary code via the (1) url, (2) toolbar, and (3) enableZoomPastMax methods.
CVE-2009-2363 1 Yukudr 1 Audioplus 2026-04-23 N/A
Stack-based buffer overflow in KUDRSOFT AudioPLUS 2.00.215 allows remote attackers to execute arbitrary code via a .pls playlist file with a playlist entry containing a long File1 argument.
CVE-2008-4458 1 E-php Scripts 1 B2b Trading Marketplace Script 2026-04-23 N/A
SQL injection vulnerability in listings.php in E-Php B2B Trading Marketplace Script allows remote attackers to execute arbitrary SQL commands via the cid parameter in a product action.
CVE-2008-4464 1 Vastal I-tech 1 Mag Zone 2026-04-23 N/A
SQL injection vulnerability in view_mags.php in Vastal I-Tech Mag Zone allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
CVE-2009-3070 2 Mozilla, Redhat 2 Firefox, Enterprise Linux 2026-04-23 N/A
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2009-3074 2 Mozilla, Redhat 2 Firefox, Enterprise Linux 2026-04-23 N/A
Unspecified vulnerability in the JavaScript engine in Mozilla Firefox before 3.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2009-3079 2 Mozilla, Redhat 2 Firefox, Enterprise Linux 2026-04-23 N/A
Unspecified vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to execute arbitrary JavaScript with chrome privileges via vectors involving an object, the FeedWriter, and the BrowserFeedWriter.
CVE-2009-1346 1 Interguias 1 Nethoteles 2026-04-23 N/A
SQL injection vulnerability in publico/ficha.php in NetHoteles 3.0 allows remote attackers to execute arbitrary SQL commands via the id_establecimiento parameter.
CVE-2008-1333 1 Asterisk 1 Open Source 2026-04-23 N/A
Format string vulnerability in Asterisk Open Source 1.6.x before 1.6.0-beta6 might allow remote attackers to execute arbitrary code via logging messages that are not properly handled by (1) the ast_verbose logging API call, or (2) the astman_append function.
CVE-2006-5974 1 Fetchmail 1 Fetchmail 2026-04-23 N/A
fetchmail 6.3.5 and 6.3.6 before 6.3.6-rc4, when refusing a message delivered via the mda option, allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger a NULL pointer dereference when calling the (1) ferror or (2) fflush functions.