Export limit exceeded: 363638 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 363638 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 363638 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363638 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2011-4040 1 Njstar 1 Njstar Communicator 2025-04-11 N/A
Buffer overflow in MiniSmtp 3.0.11818 in NJStar Communicator allows remote attackers to execute arbitrary code via a crafted packet.
CVE-2011-4047 1 Dell 1 Kace K2000 Systems Deployment Appliance 2025-04-11 N/A
The Dell KACE K2000 System Deployment Appliance allows remote attackers to execute arbitrary commands by leveraging database write access.
CVE-2009-4000 1 Hp 1 Power Manager 2025-04-11 N/A
Directory traversal vulnerability in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to overwrite arbitrary files, and execute arbitrary code, via directory traversal sequences in the fileName parameter.
CVE-2010-0004 1 Viewvc 1 Viewvc 2025-04-11 N/A
ViewVC before 1.1.3 composes the root listing view without using the authorizer for each root, which might allow remote attackers to discover private root names by reading this view.
CVE-2010-1869 1 Artifex 1 Gpl Ghostscript 2025-04-11 N/A
Stack-based buffer overflow in the parser function in GhostScript 8.70 and 8.64 allows context-dependent attackers to execute arbitrary code via a crafted PostScript file.
CVE-2010-2509 1 2daybiz 1 Web Template Software 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in 2daybiz Web Template Software allow remote attackers to inject arbitrary web script or HTML via the (1) keyword parameter to category.php and the (2) password parameter to memberlogin.php.
CVE-2010-3796 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-11 N/A
Safari RSS in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not block Java applets in an RSS feed, which allows remote attackers to obtain sensitive information via a feed: URL containing an applet that performs DOM modifications.
CVE-2011-2131 1 Adobe 2 Creative Suite, Photoshop 2025-04-11 N/A
Adobe Photoshop 12.0 in Creative Suite 5 (CS5) and 12.1 in Creative Suite 5.1 (CS5.1) allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted GIF file.
CVE-2011-2322 1 Oracle 1 Database Server 2025-04-11 N/A
Unspecified vulnerability in the Database Vault component in Oracle Database Server 11.1.0.7 allows remote authenticated users to affect integrity and availability, related to SYSDBA.
CVE-2011-2771 1 Mahara 1 Mahara 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Mahara before 1.4.1 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) URI attributes and (2) the External Feed component, as demonstrated by the guid element in an RSS feed.
CVE-2011-2773 1 Mahara 1 Mahara 2025-04-11 N/A
Cross-site request forgery (CSRF) vulnerability in Mahara before 1.4.1 allows remote attackers to hijack the authentication of administrators for requests that add a user to an institution.
CVE-2011-2774 1 Mahara 1 Mahara 2025-04-11 N/A
The "Reply to message" feature in Mahara 1.3.x and 1.4.x before 1.4.1 allows remote authenticated users to read the messages of a different user via a modified replyto parameter.
CVE-2011-4118 1 Mahara 1 Mahara 2025-04-11 N/A
Mahara before 1.4.1, when MNet (aka the Moodle network feature) is used, allows remote authenticated users to gain privileges via a jump to an XMLRPC target.
CVE-2012-0417 1 Novell 1 Groupwise 2025-04-11 N/A
Integer overflow in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Support Pack 1 allows remote attackers to execute arbitrary code via unspecified vectors.
CVE-2012-0418 2 Microsoft, Novell 2 Windows, Groupwise 2025-04-11 N/A
Unspecified vulnerability in the client in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Support Pack 1 on Windows allows user-assisted remote attackers to execute arbitrary code via a crafted file.
CVE-2012-0453 1 Mozilla 1 Bugzilla 2025-04-11 N/A
Cross-site request forgery (CSRF) vulnerability in xmlrpc.cgi in Bugzilla 4.0.2 through 4.0.4 and 4.1.1 through 4.2rc2, when mod_perl is used, allows remote attackers to hijack the authentication of arbitrary users for requests that modify the product's installation via the XML-RPC API.
CVE-2012-6625 1 Vasthtml 1 Forumpress 2025-04-11 N/A
SQL injection vulnerability in fs-admin/fs-admin.php in the ForumPress WP Forum Server plugin before 1.7.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the groupid parameter in an editgroup action.
CVE-2012-6626 1 Brian Cabunac 1 Browser To Email Phone Message System 2025-04-11 N/A
SQL injection vulnerability in verify-user.php in b2ePMS 1.0 allows remote attackers to execute arbitrary SQL commands via the username field.
CVE-2008-7303 1 Apple 1 Mac Os X 2025-04-11 N/A
The nonet and nointernet sandbox profiles in Apple Mac OS X 10.5.x do not propagate restrictions to all created processes, which allows remote attackers to access network resources via a crafted application, as demonstrated by use of launchctl to trigger the launchd daemon's execution of a script file, a related issue to CVE-2011-1516.
CVE-2011-3646 1 Phpmyadmin 1 Phpmyadmin 2025-04-11 N/A
phpmyadmin.css.php in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to obtain sensitive information via an array-typed js_frame parameter to phpmyadmin.css.php, which reveals the installation path in an error message.