Export limit exceeded: 29885 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29885 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-2953 | 2 Redhat, Vim Development Group | 2 Enterprise Linux, Vim | 2025-04-09 | N/A |
| Format string vulnerability in the helptags_one function in src/ex_cmds.c in Vim 6.4 and earlier, and 7.x up to 7.1, allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a help-tags tag in a help file, related to the helptags command. | ||||
| CVE-2006-5597 | 1 Minihttp | 1 Web Forum File Sharing Sever Powerpack | 2025-04-09 | N/A |
| join.asp in MiniHTTP Web Forum & File Server PowerPack 4.0 allows remote attackers to add or modify arbitrary user accounts via modified (1) frmMailBox and (2) frmUserPass parameters. | ||||
| CVE-2007-0357 | 1 Fritzdsl | 1 Fritzdsl | 2025-04-09 | N/A |
| Directory traversal vulnerability in the AVM IGD CTRL Service in Fritz!DSL 02.02.29 allows remote attackers to read arbitrary files via ..%5C (URL-encoded dot dot backslash) sequences in a URI requested from the AR7 webserver. | ||||
| CVE-2007-0358 | 1 Hp | 1 Jetdirect Firmware | 2025-04-09 | N/A |
| Unspecified vulnerability in the FTP server implementation in HP Jetdirect firmware x.20.nn through x.24.nn allows remote attackers to cause a denial of service via unknown vectors. | ||||
| CVE-2007-0359 | 1 Uberghey | 1 Cms | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in frontpage.php in Uberghey CMS 0.3.1 allows remote attackers to execute arbitrary PHP code via a URL in the setup_folder parameter. | ||||
| CVE-2007-0360 | 1 Oreon Project | 1 Oreon | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in lang/index.php in Oreon 1.2.3 RC4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the file parameter. | ||||
| CVE-2007-0362 | 1 Freshreader | 1 Freshreader | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in the RSS feed component in FreshReader before 1.0.07010600 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to tag attributes. | ||||
| CVE-2007-2178 | 1 Objective Development | 1 Sharity | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in Objective Development Sharity before 3.3 allow remote attackers to cause a denial of service (daemon crash) via unspecified vectors. | ||||
| CVE-2007-2956 | 2 Pfstools, Qtpfsgui | 2 Pfstools, Qtpfsgui | 2025-04-09 | N/A |
| Stack-based buffer overflow in the readRadianceHeader function in (1) src/fileformat/rgbeio.cpp in pfstools 1.6.2 and (2) src/Fileformat/rgbeio.cpp in Qtpfsgui 1.8.11 allows remote attackers to execute arbitrary code via a crafted Radiance RGBE (.hdr) file. | ||||
| CVE-2007-2179 | 1 Raiden Professional Servers | 1 Raidenftpd | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in IXceedCompression in XceddZipLib (RaidenFTPD.dll) in RaidenFTPD 2.4 allow remote attackers to cause a denial of service (crash) via unspecified vectors involving the (1) CalculateCrc, (2) Compress, and (3) Uncompress functions, which result in a NULL pointer dereference. | ||||
| CVE-2007-2187 | 1 Extremail | 1 Extremail | 2025-04-09 | N/A |
| Stack-based buffer overflow in eXtremail 2.1.1 and earlier allows remote attackers to execute arbitrary code via a long DNS response. NOTE: this might be related to CVE-2006-6926. | ||||
| CVE-2007-2193 | 1 Acd Systems | 2 Acdsee, Photo Editor | 2025-04-09 | N/A |
| Stack-based buffer overflow in the ID_X.apl plugin in ACDSee 9.0 Build 108, Pro 8.1 Build 99, and Photo Editor 4.0 Build 195 allows user-assisted remote attackers to execute arbitrary code via a crafted XPM file with a long section string. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-2195 | 1 Alvaro | 1 Alvaros Messenger | 2025-04-09 | N/A |
| aMSN (aka Alvaro's Messenger) 0.96 and earlier allows remote attackers to cause a denial of service (application crash) by sending invalid data to TCP port 31337. | ||||
| CVE-2007-0401 | 1 Easebay Resources | 1 Login Manager | 2025-04-09 | N/A |
| SQL injection vulnerability in admin/memberlist.php in Easebay Resources Login Manager 3.0 allows remote attackers to execute arbitrary SQL commands via the init_row parameter. | ||||
| CVE-2007-0403 | 1 Easebay Resources | 1 Paypal Subscription Manager | 2025-04-09 | N/A |
| SQL injection vulnerability in admin/memberlist.php in Easebay Resources Paypal Subscription Manager allows remote attackers to execute arbitrary SQL commands via the keyword parameter. | ||||
| CVE-2007-0405 | 1 Django Project | 1 Django | 2025-04-09 | N/A |
| The LazyUser class in the AuthenticationMiddleware for Django 0.95 does not properly cache the user name across requests, which allows remote authenticated users to gain the privileges of a different user. | ||||
| CVE-2007-0408 | 1 Bea | 1 Weblogic Server | 2025-04-09 | N/A |
| BEA Weblogic Server 8.1 through 8.1 SP4 does not properly validate client certificates when reusing cached connections, which allows remote attackers to obtain access via an untrusted X.509 certificate. | ||||
| CVE-2007-0413 | 1 Bea | 1 Weblogic Server | 2025-04-09 | N/A |
| BEA WebLogic Server 8.1 through 8.1 SP5 stores cleartext data in a backup of config.xml after offline editing, which allows local users to obtain sensitive information by reading this backup file. | ||||
| CVE-2007-0415 | 1 Bea | 1 Weblogic Server | 2025-04-09 | N/A |
| BEA WebLogic Server 8.1 through 8.1 SP5 does not properly enforce access control after a dynamic update and dynamic redeployment of an application that is implemented through exploded jars, which allows attackers to bypass intended access restrictions. | ||||
| CVE-2007-0416 | 1 Bea | 1 Weblogic Server | 2025-04-09 | N/A |
| The WSEE runtime (WS-Security runtime) in BEA WebLogic Server 9.0 and 9.1 does not verify credentials when decrypting client messages, which allows remote attackers to bypass application security. | ||||