Export limit exceeded: 29885 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29885 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-3341 | 1 Microsoft | 2 All Windows, Internet Explorer | 2025-04-09 | N/A |
| Unspecified vulnerability in the FTP implementation in Microsoft Internet Explorer allows remote attackers to "see a valid memory address" via unspecified vectors, a different issue than CVE-2007-0217. | ||||
| CVE-2007-3721 | 1 Freebsd | 1 Freebsd | 2025-04-09 | N/A |
| The ULE process scheduler in the FreeBSD kernel gives preference to "interactive" processes that perform voluntary sleeps, which allows local users to cause a denial of service (CPU consumption), as described in "Secretly Monopolizing the CPU Without Superuser Privileges." | ||||
| CVE-2007-3351 | 3 Dell, Microsoft, Sj Labs | 3 Axim X3, Windows Mobile, Sjphone | 2025-04-09 | N/A |
| The SJPhone SIP soft phone 1.60.303c, when installed on the Dell Axim X3 running Windows Mobile 2003, allows remote attackers to cause a denial of service (device hang and traffic amplification) via a direct crafted INVITE transaction, which causes the phone to transmit many RTP packets. | ||||
| CVE-2007-3350 | 2 Aol, Microsoft | 2 Instant Messenger, Windows Xp | 2025-04-09 | N/A |
| AOL Instant Messenger (AIM) 6.1.32.1 on Windows XP allows remote attackers to cause a denial of service (application hang) via a flood of spoofed SIP INVITE requests. | ||||
| CVE-2007-3357 | 1 Scriptdevelopers.net | 1 Netclassifieds | 2025-04-09 | N/A |
| NetClassifieds Premium Edition does not use encryption for (1) stored passwords or (2) sensitive data, which might allow attackers to obtain information via certain vectors. | ||||
| CVE-2007-3360 | 1 Bitchx | 1 Bitchx | 2025-04-09 | N/A |
| hook.c in BitchX 1.1-final allows remote IRC servers to execute arbitrary commands by sending a client certain data containing NICK and EXEC strings, which exceeds the bounds of a hash table, and injects an EXEC hook function that receives and executes shell commands. | ||||
| CVE-2007-3372 | 1 Avahi | 1 Avahi | 2025-04-09 | N/A |
| The Avahi daemon in Avahi before 0.6.20 allows attackers to cause a denial of service (exit) via empty TXT data over D-Bus, which triggers an assert error. | ||||
| CVE-2007-3368 | 1 Polycom | 1 Soundpoint Ip 650 | 2025-04-09 | N/A |
| Buffer overflow in the HTTP server on the Polycom SoundPoint IP 601 SIP phone with BootROM 3.0.x+ allows remote attackers to cause a denial of service (device reboot) via a malformed CGI parameter. | ||||
| CVE-2007-3966 | 1 Iexpress | 1 Munch Pro | 2025-04-09 | N/A |
| SQL injection vulnerability in Munch Pro allows remote attackers to execute arbitrary SQL commands via the login field to /admin, a different vulnerability than CVE-2006-5880. | ||||
| CVE-2007-3969 | 1 Panda | 1 Panda Antivirus | 2025-04-09 | N/A |
| Buffer overflow in Panda Antivirus before 20070720 allows remote attackers to execute arbitrary code via a crafted EXE file, resulting from an "Integer Cast Around." | ||||
| CVE-2007-3971 | 1 Eset Software | 1 Nod32 Antivirus | 2025-04-09 | N/A |
| Integer overflow in ESET NOD32 Antivirus before 2.2289 allows remote attackers to cause a denial of service (CPU and disk consumption) via a crafted ASPACK packed file, which triggers an infinite loop. | ||||
| CVE-2007-3980 | 1 Rcms Pro | 1 Rgamescript Pro | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in page.php in RCMS Pro RGameScript Pro allows remote attackers to execute arbitrary PHP code via a URL in the id parameter. | ||||
| CVE-2007-3981 | 1 Wsn Links | 1 Wsn Links | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in WSN Links Basic Edition allows remote attackers to execute arbitrary SQL commands via the catid parameter in a displaycat action. | ||||
| CVE-2007-3989 | 1 Asp Indir | 1 Dora Emlak | 2025-04-09 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in default.asp in Dora Emlak 1.0, when the goster parameter is set to iletisim, allow remote attackers to inject arbitrary web script or HTML via the (1) Adiniz and (2) Soyadiniz parameters; and possibly other unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-3985 | 1 Securecomputing | 1 Securityreporter | 2025-04-09 | N/A |
| Directory traversal vulnerability in file.cgi in Secure Computing SecurityReporter (aka Network Security Analyzer) 4.6.3 allows remote attackers to download arbitrary files via a .. (dot dot) in the name parameter. | ||||
| CVE-2007-3993 | 1 Kerio | 1 Kerio Mailserver | 2025-04-09 | N/A |
| Unspecified vulnerability in the attachment filter in Kerio MailServer before 6.4.1 has unknown impact and remote attack vectors. | ||||
| CVE-2007-4007 | 1 Article Directory | 1 Article Directory | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in index.php in Article Directory (Article Site Directory) allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. | ||||
| CVE-2009-2940 | 2 Pygresql, Python | 2 Pygresql, Python | 2025-04-09 | N/A |
| The pygresql module 3.8.1 and 4.0 for Python does not properly support the PQescapeStringConn function, which might allow remote attackers to leverage escaping issues involving multibyte character encodings. | ||||
| CVE-2007-4027 | 1 Areca | 1 Cli | 2025-04-09 | N/A |
| Buffer overflow in cli32 in Areca CLI 1.72.250 and earlier might allow local users to gain privileges via a long argument. NOTE: this program is not setuid by default, but there are some usage scenarios in which an administrator might make it setuid. | ||||
| CVE-2007-4028 | 1 Webspell | 1 Webspell | 2025-04-09 | N/A |
| Absolute path traversal vulnerability in index.php in Webspell 4.01.02 allows remote attackers to include and execute arbitrary local files via a full pathname in the site parameter. NOTE: some of these details are obtained from third party information. | ||||