Export limit exceeded: 358793 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (358793 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-5995 | 1 Php-tools | 1 Patbbcode | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in examples/patExampleGen/bbcodeSource.php in patBBcode 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the example parameter. | ||||
| CVE-2007-3926 | 1 Ipswitch | 1 Imail Server | 2026-04-23 | N/A |
| Ipswitch IMail Server 2006 before 2006.21 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors involving an "overwritten destructor." | ||||
| CVE-2007-5992 | 1 Datecomm | 1 Social Networking Script | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in datecomm Social Networking Script (aka Myspace Clone Script) allows remote attackers to execute arbitrary SQL commands via the seid parameter in a viewcat s action on the forums page. | ||||
| CVE-2007-5911 | 1 Viewpoint | 1 Media Player | 2026-04-23 | N/A |
| Multiple stack-based buffer overflows in the AxMetaStream ActiveX control in AxMetaStream.dll 3.3.2.26 in Viewpoint Media Player 3.2 allow remote attackers to execute arbitrary code via a long string argument to the (1) BroadcastKey, (2) BroadcastKeyFileURL, (3) Component, (4) ComponentClassID, (5) ComponentFileName, (6) ExtraProperty, (7) Properties, (8) RequiredVersions, (9) Source, or (10) XMLText method. | ||||
| CVE-2007-5844 | 1 Guppy | 1 Guppy | 2026-04-23 | N/A |
| Directory traversal vulnerability in inc/includes.inc in GuppY 4.6.3 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the selskin parameter to index.php. NOTE: this can be leveraged for remote file inclusion by including inc/boxleft.inc and specifying a URL in the xposbox[L][] array parameter. | ||||
| CVE-2007-3837 | 1 Hydrairc | 1 Hydrairc | 2026-04-23 | N/A |
| Heap-based buffer overflow in HydraIRC 0.3.151 allows remote IRC servers to cause a denial of service (application crash) via a long CTCP request message containing '%' (percent) characters. | ||||
| CVE-2007-3835 | 1 Exlibris Group | 1 Metalib | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Ex Libris MetaLib 3.13 and 4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to a resource id that can be discovered through a search. | ||||
| CVE-2007-3834 | 1 Exlibris Group | 1 Aleph | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Ex Libris ALEPH allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to a URL that can be discovered through a keyword search. NOTE: this may be related to the MetaLib XSS issue, CVE-2007-3835. | ||||
| CVE-2007-3832 | 1 Cerulean Studios | 1 Trillian | 2026-04-23 | N/A |
| Buffer overflow in the AOL Instant Messenger (AIM) protocol handler in AIM.DLL in Cerulean Studios Trillian allows remote attackers to execute arbitrary code via a malformed aim: URI, as demonstrated by a long URI beginning with the aim:///#1111111/ substring. | ||||
| CVE-2007-3828 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| Unspecified vulnerability in mDNSResponder in Apple Mac OS X allows remote attackers to execute arbitrary code via unspecified vectors, a related issue to CVE-2007-2386. | ||||
| CVE-2007-3454 | 1 Trend Micro | 1 Officescan | 2026-04-23 | N/A |
| Stack-based buffer overflow in CGIOCommon.dll before 8.0.0.1042 in Trend Micro OfficeScan Corporate Edition 8.0 allows remote attackers to execute arbitrary code via long crafted requests, as demonstrated using a long session cookie to unspecified CGI programs that use this library. | ||||
| CVE-2007-3457 | 1 Adobe | 1 Flash Player | 2026-04-23 | N/A |
| Adobe Flash Player 8.0.34.0 and earlier insufficiently validates HTTP Referer headers, which might allow remote attackers to conduct a CSRF attack via a crafted SWF file. | ||||
| CVE-2007-3500 | 1 Xeforum | 1 Xeforum | 2026-04-23 | N/A |
| Xeweb XEForum allows remote attackers to gain privileges via a modified xeforum cookie. | ||||
| CVE-2007-3534 | 1 Daniel Toma | 1 Webchat | 2026-04-23 | N/A |
| SQL injection vulnerability in login.php in WebChat 0.78 allows remote attackers to execute arbitrary SQL commands via the rid parameter. | ||||
| CVE-2007-3469 | 1 Sun | 1 Solaris | 2026-04-23 | N/A |
| Unspecified vulnerability in the TCP Loopback/Fusion implementation in Sun Solaris 10 allows local users to cause a denial of service (resource exhaustion and service hang) via unspecified vectors. | ||||
| CVE-2007-3475 | 2 Gd Graphics Library, Redhat | 2 Gdlib, Enterprise Linux | 2026-04-23 | N/A |
| The GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via a GIF image that has no global color map. | ||||
| CVE-2007-4278 | 1 Esri | 1 Arcsde | 2026-04-23 | N/A |
| Stack-based buffer overflow in the giomgr process in ESRI ArcSDE service 9.2, as used with ArcGIS, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number that requires more than 8 bytes to represent in ASCII, which triggers the overflow in an sprintf function call. | ||||
| CVE-2007-3480 | 1 Pc Soft | 1 Windev | 2026-04-23 | N/A |
| PCSoft WinDEV 11 (01F110053p) allows user-assisted remote attackers to cause a denial of service (infinite loop and resource consumption) via a malformed WDP project file. | ||||
| CVE-2007-3483 | 1 Rim | 1 Blackberry Enterprise Server | 2026-04-23 | N/A |
| Research in Motion BlackBerry Enterprise Server 4.0 through 4.1 has a default configuration that permits installation of arbitrary third-party applications on BlackBerry devices, which might facilitate loading of malware. | ||||
| CVE-2007-3486 | 1 Altavista | 1 Search Engine | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in AltaVista search engine allows remote attackers to inject arbitrary web script or HTML via the text parameter to the default URI. | ||||