Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-4316 | 1 Zyxel | 2 Zynos, Zywall 2 | 2026-04-23 | N/A |
| The management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel Zywall 2 device has a certain default password, which allows remote attackers to perform administrative actions. | ||||
| CVE-2007-5380 | 1 David Hansson | 1 Ruby On Rails | 2026-04-23 | N/A |
| Session fixation vulnerability in Rails before 1.2.4, as used for Ruby on Rails, allows remote attackers to hijack web sessions via unspecified vectors related to "URL-based sessions." | ||||
| CVE-2009-2764 | 1 Microsoft | 2 Internet Explorer, Windows 7 | 2026-04-23 | N/A |
| Microsoft Internet Explorer 8.0.7100.0 on Windows 7 RC on the x64 platform allows remote attackers to cause a denial of service (application crash) via a certain DIV element in conjunction with SCRIPT elements that have empty contents and no reference to a valid external script location. | ||||
| CVE-2007-2749 | 1 Faqengine | 1 Faqengine | 2026-04-23 | N/A |
| SQL injection vulnerability in question.php in FAQEngine 4.16.03 and earlier allows remote attackers to execute arbitrary SQL commands via the questionref parameter in a display action. | ||||
| CVE-2007-1292 | 1 Jelsoft | 1 Vbulletin | 2026-04-23 | N/A |
| SQL injection vulnerability in inlinemod.php in Jelsoft vBulletin before 3.5.8, and before 3.6.5 in the 3.6.x series, might allow remote authenticated users to execute arbitrary SQL commands via the postids parameter. NOTE: the vendor states that the attack is feasible only in circumstances "almost impossible to achieve." | ||||
| CVE-2007-3660 | 1 Nonnoi Solutions | 1 Asp Barcode | 2026-04-23 | N/A |
| The Nonnoi ASP/Barcode ActiveX control (nonnoi_ASPBarcode.dll) allows remote attackers to overwrite arbitrary files via an argument to the SaveBarcode function. | ||||
| CVE-2007-4229 | 1 Kde | 1 Konqueror | 2026-04-23 | N/A |
| Unspecified vulnerability in KDE Konqueror 3.5.7 and earlier allows remote attackers to cause a denial of service (failed assertion and application crash) via certain malformed HTML, as demonstrated by a document containing TEXTAREA, BUTTON, BR, BDO, PRE, FRAMESET, and A tags. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-1070 | 2 Microsoft, Trend Micro | 6 Windows 2000, Windows 2003 Server, Windows Nt and 3 more | 2026-04-23 | N/A |
| Multiple stack-based buffer overflows in Trend Micro ServerProtect for Windows and EMC 5.58, and for Network Appliance Filer 5.61 and 5.62, allow remote attackers to execute arbitrary code via crafted RPC requests to TmRpcSrv.dll that trigger overflows when calling the (1) CMON_NetTestConnection, (2) CMON_ActiveUpdate, and (3) CMON_ActiveRollback functions in (a) StCommon.dll, and (4) ENG_SetRealTimeScanConfigInfo and (5) ENG_SendEMail functions in (b) eng50.dll. | ||||
| CVE-2007-3666 | 1 Symantec | 1 Norton Ghost | 2026-04-23 | N/A |
| Buffer overflow in RemoteCommand.DLL in Symantec Norton Ghost 12.0 allows remote attackers to execute arbitrary code via the Connect function. | ||||
| CVE-2006-6430 | 1 Xerox | 6 Workcentre 232, Workcentre 238, Workcentre 245 and 3 more | 2026-04-23 | N/A |
| Web services in Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.060.17.000, and 14.x before 14.060.17.000 do not require HTTPS, which allows remote attackers to obtain sensitive information by sniffing the unencrypted HTTP traffic. | ||||
| CVE-2007-1075 | 1 Turbosoft | 1 Turboftp | 2026-04-23 | N/A |
| TurboFTP 5.30 Build 572 allows remote servers to cause a denial of service (CPU consumption) via a response with a large number of newline characters. | ||||
| CVE-2006-6192 | 1 8pixel.net | 1 Simple Blog | 2026-04-23 | N/A |
| Unspecified scripts in the admin directory in 8pixel.net SimpleBlog 3.0 and earlier do not properly perform authentication, which allows remote attackers to add users and perform certain other unauthorized privileged actions. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-0905 | 2 Php, Trustix | 2 Php, Secure Linux | 2026-04-23 | N/A |
| PHP before 5.2.1 allows attackers to bypass safe_mode and open_basedir restrictions via unspecified vectors in the session extension. NOTE: it is possible that this issue is a duplicate of CVE-2006-6383. | ||||
| CVE-2007-3665 | 1 Symantec | 1 Norton Ghost | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in FileBackup.DLL in Symantec Norton Ghost 12.0 allow remote attackers to cause a denial of service via unspecified vectors involving the UpdateCatalog and other functions. | ||||
| CVE-2007-2334 | 1 Nortel | 2 Contivity, Vpn Router 5000 | 2026-04-23 | N/A |
| Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 has two template HTML files lacking certain verification tags, which allows remote attackers to access the administration interface and change the device configuration via certain requests. | ||||
| CVE-2007-4262 | 1 Ez Photo Sales | 1 Ez Photo Sales | 2026-04-23 | N/A |
| Unrestricted file upload vulnerability in EZPhotoSales 1.9.3 and earlier allows remote authenticated administrators to upload and execute arbitrary PHP code under OnlineViewing/galleries/. | ||||
| CVE-2007-1271 | 1 Vmware | 1 Esx | 2026-04-23 | N/A |
| Buffer overflow in VMware ESX Server 3.0.0 and 3.0.1 might allow attackers to gain privileges or cause a denial of service (application crash) via unspecified vectors. | ||||
| CVE-2007-1273 | 2 Navision, Netbsd | 2 Financials Server, Netbsd | 2026-04-23 | N/A |
| Integer overflow in the ktruser function in NetBSD-current before 20061022, NetBSD 3 and 3-0 before 20061024, and NetBSD 2 before 20070209, when the kernel is built with the COMPAT_FREEBSD or COMPAT_DARWIN option, allows local users to cause a denial of service and possibly gain privileges. | ||||
| CVE-2007-1286 | 2 Php, Redhat | 3 Php, Enterprise Linux, Rhel Stronghold | 2026-04-23 | N/A |
| Integer overflow in PHP 4.4.4 and earlier allows remote context-dependent attackers to execute arbitrary code via a long string to the unserialize function, which triggers the overflow in the ZVAL reference counter. | ||||
| CVE-2007-2607 | 1 Lavague | 1 Lavague | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in views/print/printbar.php in LaVague 0.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the views_path parameter. | ||||