Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-3179 1 Particle Blogger 1 Particle Blogger 2026-04-23 N/A
Multiple SQL injection vulnerabilities in archives.php in Particle Blogger 1.2.1 and earlier allow remote attackers to execute arbitrary SQL commands via the month parameter and other unspecified vectors.
CVE-2007-3952 1 Norman 1 Normon Antivirus 2026-04-23 N/A
The OLE2 parsing in Norman Antivirus before 5.91.02 allows remote attackers to bypass the malware detection via a crafted DOC file, resulting from an "integer cast around".
CVE-2007-4242 1 Astaro 1 Security Gateway 2026-04-23 N/A
The pop3 Proxy in Astaro Security Gateway (ASG) 7 does not perform virus scanning of attachments that exceed the maximum attachment size, and passes these attachments, which allows remote attackers to bypass this scanning via a large attachment.
CVE-2007-4243 1 Astaro 1 Security Gateway 2026-04-23 N/A
Unspecified vulnerability in pfilter-reporter.pl in Astaro Security Gateway (ASG) 7 allows remote attackers to cause a denial of service (CPU consumption) via certain network traffic, as demonstrated by P2P and iTunes applications that download large amounts of data.
CVE-2007-3212 1 Beehive Forum 1 Beehive Forum 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in links.php in Beehive Forum 0.7.1 allow remote attackers to inject arbitrary web script or HTML via the (1) viewmode, (2) fid, and (3) sort_dir parameters, different vectors than CVE-2005-4460.
CVE-2006-5874 1 Clam Anti-virus 1 Clamav 2026-04-23 N/A
Clam AntiVirus (ClamAV) 0.88 and earlier allows remote attackers to cause a denial of service (crash) via a malformed base64-encoded MIME attachment that triggers a null pointer dereference.
CVE-2007-3486 1 Altavista 1 Search Engine 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in AltaVista search engine allows remote attackers to inject arbitrary web script or HTML via the text parameter to the default URI.
CVE-2007-3491 1 Progress 1 Openedge 2026-04-23 N/A
Buffer overflow in _mprosrv in Progress Software OpenEdge before 9.1E0422, and 10.x before 10.1B01, allows remote attackers to have an unknown impact via a malformed TCP/IP message.
CVE-2007-3497 1 Microsoft 1 Internet Explorer 2026-04-23 N/A
Microsoft Internet Explorer 7 allows remote attackers to determine the existence of page history via the history.length JavaScript variable.
CVE-2007-1655 1 Tinymux 1 Tinymux 2026-04-23 N/A
Buffer overflow in the fun_ladd function in funmath.cpp in TinyMUX before 20070126 might allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors related to lists of numbers.
CVE-2007-2417 2 Progress, Rsa 4 Openedge, Progress, Ace Server and 1 more 2026-04-23 N/A
Heap-based buffer overflow in _mprosrv.exe in Progress Software Progress 9.1E and OpenEdge 10.1x, as used by the RSA Authentication Manager 6.0 and 6.1, SecurID Appliance 2.0, ACE/Server 5.2, and possibly other products, allows remote attackers to execute arbitrary code via crafted packets. NOTE: this issue might overlap CVE-2007-3491.
CVE-2007-4630 1 Xigla 1 Absolute Poll Manager Xe 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in xlaapmview.asp in Absolute Poll Manager XE 4.1 allows remote attackers to inject arbitrary web script or HTML via the msg parameter.
CVE-2007-3515 1 Sweetphp 1 Totalcalendar 2026-04-23 N/A
SQL injection vulnerability in view_event.php in TotalCalendar 2.402 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-3518 1 Hispah 1 Youtube Clone Script 2026-04-23 N/A
SQL injection vulnerability in msg.php in HispaH YouTube Clone Script (youtubeclone) allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-3519 1 Wesmo 1 Phpeventcalendar 2026-04-23 N/A
SQL injection vulnerability in eventdisplay.php in phpEventCalendar 0.2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-3520 1 Easybe 1 1-2-3 Music Store 2026-04-23 N/A
SQL injection vulnerability in process.php in Easybe 1-2-3 Music Store allows remote attackers to execute arbitrary SQL commands via the CategoryID parameter.
CVE-2007-3521 1 Arcadebuilder 1 Game Portal Manager 2026-04-23 N/A
SQL injection vulnerability in ArcadeBuilder Game Portal Manager 1.7 allows remote attackers to execute arbitrary SQL commands via a usercookie cookie.
CVE-2007-3523 1 Groupeclan.free.fr 1 Xcms 2026-04-23 N/A
Multiple directory traversal vulnerabilities in Module/Galerie.php in XCMS 1.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) Ent or (2) Lang parameter.
CVE-2007-4482 1 Wordpress 1 Pool 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in index.php in the Pool 1.0.7 theme for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO (PHP_SELF).
CVE-2006-6117 1 Fipsasp 1 Fipsgallery 2026-04-23 N/A
SQL injection vulnerability in index1.asp in fipsGallery 1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the which parameter.