Search
31,027 CVEs · Critical severity
CVEs (31,027, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 76–100 of 31,027 (capped at 500)
| CVE ID ↑ | Severity | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2006-3100 | CRITICAL | 9.8 | 2019-11-06 | termpkg 3.3 suffers from buffer overflow. | |
| CVE-2006-3136 | CRITICAL | 9.8 | 2006-06-22 | Multiple PHP remote file inclusion vulnerabilities in Nucleus 3.23 allow remote attackers to execute arbitrary PHP code via a URL the DIR_LIBS parameter in (1) path/action.… | |
| CVE-2006-4243 | CRITICAL | Patched | 9.8 | 2019-11-06 | linux vserver 2.6 before 2.6.17 suffers from privilege escalation in remount code. |
| CVE-2006-4264 | CRITICAL | 9.8 | 2006-08-21 | Multiple PHP remote file inclusion vulnerabilities in the lmtg_myhomepage Component (com_lmtg_myhomepage) for Mambo allow remote attackers to execute arbitrary PHP code via… | |
| CVE-2006-4428 | CRITICAL | 9.8 | 2006-08-29 | PHP remote file inclusion vulnerability in index.php in Jupiter CMS 1.1.5 allows remote attackers to execute arbitrary PHP code via a URL in the template parameter. NOTE: … | |
| CVE-2006-5021 | CRITICAL | 9.8 | 2006-09-27 | Multiple PHP remote file inclusion vulnerabilities in redgun RedBLoG 0.5 allow remote attackers to execute arbitrary PHP code via a URL in (1) the root parameter in imgen.p… | |
| CVE-2006-5024 | CRITICAL | Patched | 9.8 | 2006-09-27 | Multiple unspecified vulnerabilities in Paisterist Simple HTTP Scanner (sHTTPScanner) before 0.4 have unknown impact and attack vectors. |
| CVE-2006-5603 | CRITICAL | 9.8 | 2006-10-30 | SQL injection vulnerability in pop_mail.asp in Snitz Forums 2000 3.4.06 allows remote attackers to execute arbitrary SQL commands via the RC parameter. NOTE: the provenanc… | |
| CVE-2006-5610 | CRITICAL | 9.8 | 2006-10-31 | PHP remote file inclusion vulnerability in player/includes/common.php in Teake Nutma Foing, as modified in Fully Modded phpBB (phpbbfm) 2021.4.40, allows remote attackers t… | |
| CVE-2006-5678 | CRITICAL | 9.8 | 2006-11-03 | PHP remote file inclusion vulnerability in common/visiteurs/include/library.inc.php in J-Pierre DEZELUS Les Visiteurs 2.0.1, as used in phpMyConferences (phpMyConference) 8… | |
| CVE-2006-6024 | CRITICAL | 9.8 | 2006-11-21 | Multiple buffer overflows in Eudora Worldmail, possibly Worldmail 3 version 6.1.22.0, have unknown impact and attack vectors, as demonstrated by the (1) "Eudora WorldMail s… | |
| CVE-2006-6863 | CRITICAL | 9.8 | 2006-12-31 | PHP remote file inclusion vulnerability in the Enigma2 plugin (Enigma2.php) in Enigma WordPress Bridge allows remote attackers to execute arbitrary PHP code via a URL in th… | |
| CVE-2006-6975 | CRITICAL | 9.8 | 2007-02-08 | PHP remote file inclusion vulnerability in centipaid_class.php in CentiPaid 1.4.3 allows remote attackers to execute arbitrary code via a URL in the class_pwd parameter. N… | |
| CVE-2006-7079 | CRITICAL | Patched | 9.8 | 2007-03-02 | Variable extraction vulnerability in include/common.php in exV2 2.0.4.3 and earlier allows remote attackers to overwrite arbitrary program variables and conduct directory t… |
| CVE-2006-7105 | CRITICAL | 9.8 | 2007-03-03 | PHP remote file inclusion vulnerability in libs/Smarty.class.php in Smarty 2.6.9 allows remote attackers to execute arbitrary PHP code via a URL in the filename parameter. … | |
| CVE-2007-0158 | CRITICAL | 9.8 | 2019-12-27 | thttpd 2007 has buffer underflow. | |
| CVE-2007-0681 | CRITICAL | Patched | 9.8 | 2007-02-03 | profile.php in ExtCalendar 2 and earlier allows remote attackers to change the passwords of arbitrary users without providing the original password, and possibly perform ot… |
| CVE-2007-0899 | CRITICAL | Patched | 9.8 | 2019-11-06 | There is a possible heap overflow in libclamav/fsg.c before 0.100.0. |
| CVE-2007-1383 | CRITICAL | 9.8 | 2007-03-10 | Integer overflow in the 16 bit variable reference counter in PHP 4 allows context-dependent attackers to execute arbitrary code by overflowing this counter, which causes th… | |
| CVE-2007-1399 | CRITICAL | Patched | 9.8 | 2007-03-10 | Stack-based buffer overflow in the zip:// URL wrapper in PECL ZIP 1.8.3 and earlier, as bundled with PHP 5.2.0 and 5.2.1, allows remote attackers to execute arbitrary code … |
| CVE-2007-1966 | CRITICAL | 9.1 | 2007-04-11 | Session fixation vulnerability in eXV2 CMS 2.0.4.3 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID cookie. | |
| CVE-2007-2020 | CRITICAL | 9.8 | 2007-04-12 | Unspecified vulnerability in administration.php in xodagallery allows remote attackers to execute arbitrary code via the cmd parameter. NOTE: CVE disputes this vulnerabilit… | |
| CVE-2007-2422 | CRITICAL | 9.8 | 2007-05-02 | Multiple PHP remote file inclusion vulnerabilities in Modules Builder (modbuild) 4.1 for Comdev One Admin allow remote attackers to execute arbitrary PHP code via a URL in … | |
| CVE-2007-2534 | CRITICAL | 9.8 | 2007-05-09 | Multiple SQL injection vulnerabilities in admin.php in phpHoo3 allow remote attackers to execute arbitrary SQL commands via the (1) ADMIN_USER (USER) and (2) ADMIN_PASS (PA… | |
| CVE-2007-3010 | CRITICAL | Patched | 9.8 | 2007-09-18 | masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server R7.1 and earlier allows remote attackers to execute arbitrary commands via shel… |