Total
346613 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-0775 | 2 Mozilla, Redhat | 4 Firefox, Seamonkey, Thunderbird and 1 more | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allow remote attackers to cause a denial of service (crash) and potentially execute arbitrary code via certain vectors. | ||||
| CVE-2006-5451 | 1 Torrentflux | 1 Torrentflux | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in TorrentFlux 2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) action, (2) file, and (3) users array variables in (a) admin.php, which are not properly handled when the administrator views the Activity Log; and the (4) torrent parameter, as used by the displayName variable, in (b) startpop.php, different vectors than CVE-2006-5227. | ||||
| CVE-2006-5663 | 1 Ibm | 3 Informix Client Sdk, Informix Dynamic Server, Informix I-connect | 2026-04-23 | N/A |
| IBM Informix Dynamic Server 10.00, Informix Client Software Development Kit (CSDK) 2.90, and Informix I-Connect 2.90 use insecure permissions for installation scripts, which allows local users to gain privileges by modifying the scripts. | ||||
| CVE-2009-4187 | 1 Sun | 2 Java System Portal Server, Solaris | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Gateway component in Sun Java System Portal Server 6.3.1, 7.1, and 7.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2007-1930 | 1 Cattadoc | 1 Cattadoc | 2026-04-23 | N/A |
| Directory traversal vulnerability in download2.php in cattaDoc 2.21, and possibly other versions including 3.0, allows remote attackers to read arbitrary files via a .. (dot dot) in the fn1 parameter. | ||||
| CVE-2009-4207 | 2 Drupal, Nathan Haug | 2 Drupal, Webform | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Webform module 5.x before 5.x-2.7 and 6.x before 6.x-2.7, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via a submission. | ||||
| CVE-2007-1931 | 1 Smodcms | 1 Smodcms | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in the slownik module in SmodCMS 2.10 and earlier allows remote attackers to execute arbitrary SQL commands via the ssid parameter. | ||||
| CVE-2007-1932 | 1 Scar4u | 1 Scarnews | 2026-04-23 | N/A |
| Directory traversal vulnerability in scarnews.inc.php in ScarNews 1.2.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the sn_admin_dir parameter. | ||||
| CVE-2007-0777 | 3 Canonical, Mozilla, Redhat | 5 Ubuntu Linux, Firefox, Seamonkey and 2 more | 2026-04-23 | N/A |
| The JavaScript engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger memory corruption. | ||||
| CVE-2007-1946 | 1 Microsoft | 1 Windows Xp | 2026-04-23 | N/A |
| Integer overflow in Windows Explorer in Microsoft Windows XP SP1 might allow user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large width dimension in a crafted BMP image, as demonstrated by w4intof.bmp. | ||||
| CVE-2007-1949 | 1 Webblizzard | 1 Content Management System | 2026-04-23 | N/A |
| Session fixation vulnerability in WebBlizzard CMS allows remote attackers to hijack web sessions by setting a PHPSESSID cookie. | ||||
| CVE-2009-4514 | 2 Astha Bhatnagar, Drupal | 2 Shindigintegrator, Drupal | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the OpenSocial Shindig-Integrator module 5.x and 6.x before 6.x-2.1, a module for Drupal, allows remote authenticated users, with "create application" privileges, to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2009-4515 | 2 Drupal, Speedtech | 2 Drupal, Storm | 2026-04-23 | N/A |
| The Storm module 6.x before 6.x-1.25 for Drupal does not enforce privilege requirements for storminvoiceitem nodes, which allows remote attackers to read node titles via unspecified vectors. | ||||
| CVE-2007-0789 | 1 Mambo | 1 Mambo | 2026-04-23 | N/A |
| SQL injection vulnerability in Mambo before 4.5.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors in cancel edit functions, possibly related to the id parameter. | ||||
| CVE-2009-4516 | 2 Drupal, Nanwich | 2 Drupal, Faq Ask | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the FAQ Ask module 5.x and 6.x before 6.x-2.0, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2007-1953 | 1 Onelook | 1 Courts Online | 2026-04-23 | N/A |
| Session fixation vulnerability in onelook courts on-line allows remote attackers to hijack web sessions by setting a PHPSESSID cookie. | ||||
| CVE-2006-5670 | 1 Free Php Scripts | 1 Free Image Hosting | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in forgot_pass.php in Free Image Hosting 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the AD_BODY_TEMP parameter. | ||||
| CVE-2007-0790 | 1 Smartftp | 1 Smartftp | 2026-04-23 | N/A |
| Heap-based buffer overflow in SmartFTP 2.0.1002 allows remote FTP servers to execute arbitrary code via a large banner. | ||||
| CVE-2009-4517 | 2 Drupal, Nanwich | 2 Drupal, Faq Ask | 2026-04-23 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the FAQ Ask module 5.x and 6.x before 6.x-2.0, a module for Drupal, allows remote attackers to hijack the authentication of arbitrary users for requests that access unpublished content. | ||||
| CVE-2006-4169 | 1 Squirrelmail | 1 Gpg Plugin | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in the G/PGP (GPG) Plugin 2.0, and 2.1dev before 20070614, for Squirrelmail allow remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the help parameter to (1) gpg_help.php or (2) gpg_help_base.php. | ||||