Export limit exceeded: 29943 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29943 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-1772 | 1 Hp | 1 Jetdirect | 2026-04-23 | N/A |
| The FTP service in HP JetDirect print servers allows remote attackers to cause a denial of service (engine crash) via a RETR command with a long pathname. | ||||
| CVE-2007-1589 | 2 Linux, Truecrypt Foundation | 2 Linux Kernel, Truecrypt | 2026-04-23 | N/A |
| TrueCrypt before 4.3, when set-euid mode is used on Linux, allows local users to cause a denial of service (filesystem unavailability) by dismounting a volume mounted by a different user. | ||||
| CVE-2007-1613 | 1 Mpm Chat | 1 Mpm Chat | 2026-04-23 | N/A |
| Directory traversal vulnerability in view.php in MPM Chat 2.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the logi parameter. | ||||
| CVE-2007-1553 | 1 Guestbara | 1 Guestbara | 2026-04-23 | N/A |
| admin/configuration.php in Guestbara 1.2 and earlier allows remote attackers to modify the e-mail, name, and password of the admin account by setting the zapis parameter to "ok" and providing modified admin_mail, login, and pass parameters. | ||||
| CVE-2007-1550 | 1 Phpx | 1 Phpx | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in phpx 3.5.15 allow remote attackers to execute arbitrary SQL commands via the (1) image_id or (2) cat_id parameter to (a) gallery.php; the (3) news_id parameter to (b) news.php or (c) print.php; (4) the news_cat_id parameter to news.php; the (5) cat_id, (6) topic_id, or (7) post_id parameter to (d) forums.php; or (8) the user_id parameter to (e) users.php. | ||||
| CVE-2007-1557 | 1 F-secure | 1 F-secure Anti-virus | 2026-04-23 | N/A |
| Format string vulnerability in F-Secure Anti-Virus Client Security 6.02 allows local users to cause a denial of service and possibly gain privileges via format string specifiers in the Management Server name field on the Communication settings page. | ||||
| CVE-2007-1616 | 1 Scriptmagix | 1 Scriptmagix Lyrics | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in ScriptMagix Lyrics 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the recid parameter. | ||||
| CVE-2007-1590 | 1 Grandstream | 1 Budgetone 200 | 2026-04-23 | N/A |
| The Grandstream BudgeTone 200 IP phone, with program 1.1.1.14 and bootloader 1.1.1.5, allows remote attackers to cause a denial of service (device crash) via SIP (1) INVITE, (2) CANCEL, or unspecified other messages with a WWW-Authenticate header containing a crafted Digest domain. | ||||
| CVE-2007-1622 | 1 Wordpress | 1 Wordpress | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in wp-admin/vars.php in WordPress before 2.0.10 RC2, and before 2.1.3 RC2 in the 2.1 series, allows remote authenticated users with theme privileges to inject arbitrary web script or HTML via the PATH_INFO in the administration interface, related to loose regular expression processing of PHP_SELF. | ||||
| CVE-2007-1631 | 1 Clbox | 1 Clbox | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in signup.php in CLBOX 1.01 allows remote attackers to execute arbitrary PHP code via a URL in the header parameter. NOTE: this issue has been disputed by a reliable third party, stating that header is defined through an include file before use | ||||
| CVE-2007-1641 | 1 Portailphp | 1 Portailphp | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in PortailPHP 2.0 allows remote attackers to execute arbitrary SQL commands via the idnews parameter. | ||||
| CVE-2007-1644 | 1 Microsoft | 1 All Windows | 2026-04-23 | N/A |
| The dynamic DNS update mechanism in the DNS Server service on Microsoft Windows does not properly authenticate clients in certain deployments or configurations, which allows remote attackers to change DNS records for a web proxy server and conduct man-in-the-middle (MITM) attacks on web traffic, conduct pharming attacks by poisoning DNS records, and cause a denial of service (erroneous name resolution). | ||||
| CVE-2007-6511 | 1 Websense | 1 Enterpise | 2026-04-23 | N/A |
| Websense Enterprise 6.3.1 allows remote attackers to bypass content filtering by visiting http URLs with a (1) RealPlayer G2, (2) MSMSGS, or (3) StoneHttpAgent User-Agent header, which results in a Non-HTTP categorization. | ||||
| CVE-2007-1802 | 1 Maildwarf | 1 Maildwarf | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in MailDwarf 3.01 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2007-1813 | 1 Inconnueteam | 1 Ecal | 2026-04-23 | N/A |
| SQL injection vulnerability in display.php in the eCal 2.24 and earlier module for Xoops allows remote attackers to execute arbitrary SQL commands via the katid parameter. | ||||
| CVE-2007-1823 | 1 T-mobile | 1 Voice Mail Systems | 2026-04-23 | N/A |
| T-Mobile voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailboxes, by spoofing Calling Number Identification (CNID, aka Caller ID). | ||||
| CVE-2007-4397 | 6 Irssi, Kristof Korwisi, Mikachu and 3 more | 7 Irssi, Ixmmsa, L33t Xmms Music Showing Script and 4 more | 2026-04-23 | N/A |
| Multiple CRLF injection vulnerabilities in (1) xmms-thing 1.0, (2) XMMS Remote Control Script 1.07, (3) Disrok 1.0, (4) a2x 0.0.1, (5) Another xmms-info script 1.0, (6) XChat-XMMS 0.8.1, and other unspecified scripts for XChat allow user-assisted remote attackers to execute arbitrary IRC commands via CRLF sequences in the name of the song in a .mp3 file. | ||||
| CVE-2007-4410 | 1 Universal Ircd | 1 Ircu | 2026-04-23 | N/A |
| ircu 2.10.12.05 and earlier does not properly synchronize a kick action in certain cross scenarios, which allows remote authenticated operators to prevent later kick or de-op actions from non-local ops. | ||||
| CVE-2007-2014 | 1 Mynews | 1 Mynews | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in include/blocks/week_events.php in MyNews 4.2.2 allows remote attackers to execute arbitrary PHP code via a URL in the myNewsConf[path][sys][index] parameter, a different vector than CVE-2007-0633. | ||||
| CVE-2009-4373 | 1 Alienvault | 1 Open Source Security Information Management | 2026-04-23 | N/A |
| Unrestricted file upload vulnerability in repository/repository_attachment.php in AlienVault Open Source Security Information Management (OSSIM) 2.1.5, and possibly other versions before 2.1.5-4, allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in ossiminstall/uploads/. | ||||