Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-2652 1 Free-sa 1 Free-sa 2026-04-23 N/A
Multiple unspecified vulnerabilities in Free-SA before 1.2.2 allow remote attackers to execute arbitrary code via unspecified vectors involving certain (1) sprintf and (2) vsprintf calls in (a) r_index.c, (b) r_reports.c, (c) r_topsites.c, (d) r_topuser.c, (e) r_typical.c, (f) r_userdatetime.c, and (g) r_users.c in reports/; and (h) w_fs.c, (i) w_internal.c, and (j) w_log_operations.c in work/, probably related to buffer overflows. NOTE: some of these details are obtained from third party information.
CVE-2007-2657 1 Precisionid Barcode 1 Precisionid Barcode 2026-04-23 N/A
Unspecified vulnerability in the PrecisionID Barcode 1.3 ActiveX control in PrecisionID_DataMatrix.DLL allows remote attackers to cause a denial of service via a long argument to the SaveBarCode method.
CVE-2007-2671 1 Mozilla 1 Firefox 2026-04-23 N/A
Mozilla Firefox 2.0.0.3 allows remote attackers to cause a denial of service (application crash) via a long hostname in an HREF attribute in an A element, which triggers an out-of-bounds memory access.
CVE-2007-2672 1 Thinc4orce Marketing Group 1 Php Coupon Script 2026-04-23 N/A
SQL injection vulnerability in index.php in PHP Coupon Script 3.0 allows remote attackers to execute arbitrary SQL commands via the bus parameter in a viewbus page.
CVE-2007-2674 1 Pre Projects 1 Pre Shopping Mall 2026-04-23 N/A
SQL injection vulnerability in detail.php in Pre Shopping Mall 1.0 allows remote attackers to execute arbitrary SQL commands via the prodid parameter.
CVE-2007-2678 1 Netsprint 1 Netsprint Toolbar 2026-04-23 N/A
Buffer overflow in the isChecked function in toolbar.dll in Netsprint Toolbar 1.1 might allow remote attackers to execute arbitrary code via unspecified vectors.
CVE-2007-2680 1 Canon 3 Network Camera Server Vb100, Network Camera Server Vb101, Network Camera Server Vb150 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the management interface in Canon Network Camera Server VB100 and VB101 with firmware 3.0 R69 and earlier, and VB150 with firmware 1.1 R39 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2007-2689 1 Checkpoint 1 Web Intelligence 2026-04-23 N/A
Check Point Web Intelligence does not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic.
CVE-2007-2690 1 Iss 3 Proventia A Series Xpu, Proventia G Series Xpu, Proventia M Series Xpu 2026-04-23 N/A
Multiple IBM ISS Proventia Series products, including the A, G, and M series, do not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic.
CVE-2007-2700 1 Bea 1 Weblogic Server 2026-04-23 N/A
The WLST script generated by the configToScript command in BEA WebLogic Express and WebLogic Server 9.0 and 9.1 does not encrypt certain attributes in configuration files when creating a new domain, which allows remote authenticated users to obtain sensitive information.
CVE-2007-2711 1 Tinyirc 1 Tinyidentd 2026-04-23 N/A
Stack-based buffer overflow in TinyIdentD 2.2 and earlier allows remote attackers to execute arbitrary code via a long string to TCP port 113.
CVE-2007-1954 1 Archivexpert 1 Archivexpert 2026-04-23 N/A
Multiple directory traversal vulnerabilities in ArchiveXpert 2.02 build 80 allow remote attackers to create files in arbitrary directories via a .. (dot dot) in a (1) .gz, (2) .jar, (3) .rar, (4) .tar.gz, (5) .zip, or (6) .tar file.
CVE-2007-2763 1 Sienzo 1 Digital Music Mentor 2026-04-23 N/A
Buffer overflow in the UnlockSupport function in the LockModules subsystem in a certain ActiveX control in ltmm15.dll in Sienzo Digital Music Mentor (DMM) 2.6.0.4 allows remote attackers to execute arbitrary code via a long string in the second argument, a different issue than CVE-2007-2564.
CVE-2007-1957 1 Guernion Sylvain Portail 1 Web Php 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in Guernion Sylvain Portail Web Php (aka Gsylvain35 Portail Web, PwP) allow remote attackers to execute arbitrary PHP code via a URL in the pageAll parameter to index.php in (1) template/Vert/, or (2) template/Noir/.
CVE-2007-2712 1 Mh Software 1 Connect Daily 2026-04-23 N/A
Unspecified vulnerability in MH Software Connect Daily before 3.3.3 has unknown impact and attack vectors.
CVE-2007-2714 1 Matt Mullenweg 1 Akismet 2026-04-23 N/A
Unspecified vulnerability in akismet.php in Matt Mullenweg Akismet before 2.0.2, a WordPress plugin, has unknown impact and attack vectors.
CVE-2007-2715 1 Snaps Gallery 1 Snaps Gallery 2026-04-23 N/A
Admin/users.php in Snaps! Gallery 1.4.4 allows remote attackers to change arbitrary usernames and passwords via the (1) username, or the (2) password and password2 parameters in an edit action.
CVE-2007-2716 1 Eqdkp 1 Eqdkp 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in EQdkp 1.3.2c and earlier allow remote attackers to inject arbitrary web script or HTML via the show parameter to (1) listmembers.php and (2) stats.php. NOTE: some of these details are obtained from third party information.
CVE-2007-2756 2 Libgd, Redhat 3 Libgd, Enterprise Linux, Rhel Application Stack 2026-04-23 N/A
The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of service (CPU consumption) via a crafted PNG image with truncated data, which causes an infinite loop in the png_read_info function in libpng.
CVE-2007-2752 1 Runawaysoft 1 Haber Portal 2026-04-23 N/A
SQL injection vulnerability in devami.asp in RunawaySoft Haber portal 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.