Export limit exceeded: 359608 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359608 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-0368 | 1 Michiel Broek | 1 Mbse-bbs | 2026-04-23 | N/A |
| Stack-based buffer overflow in mbse-bbs 0.70 and earlier allows local users to execute arbitrary code via a long string in the MBSE_ROOT environment variable. | ||||
| CVE-2007-1278 | 2 Adobe, Microsoft | 3 Coldfusion, Jrun, Internet Information Server | 2026-04-23 | N/A |
| Unspecified vulnerability in the IIS connector in Adobe JRun 4.0 Updater 6, and ColdFusion MX 6.1 and 7.0 Enterprise, when using Microsoft IIS 6, allows remote attackers to cause a denial of service via unspecified vectors, involving the request of a file in the JRun web root. | ||||
| CVE-2007-1281 | 3 Kaspersky Lab, Linux, Microsoft | 3 Kaspersky Antivirus Engine, Linux Kernel, All Windows | 2026-04-23 | N/A |
| Kaspersky AntiVirus Engine 6.0.1.411 for Windows and 5.5-10 for Linux allows remote attackers to cause a denial of service (CPU consumption) via a crafted UPX compressed file with a negative offset, which triggers an infinite loop during decompression. | ||||
| CVE-2008-2458 | 1 4shared | 1 Starsgames Control Panel | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Starsgames Control Panel 4.6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the st parameter. | ||||
| CVE-2007-0371 | 1 Common Controls Replacement Project | 1 Browsedialog Server | 2026-04-23 | N/A |
| A certain ActiveX control in the Common Controls Replacement Project (CCRP) CCRP BrowseDialog Server (ccrpbds6.dll) allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long CCRP_BDc.SelectedFolder property value. | ||||
| CVE-2007-1226 | 1 Mcafee | 1 Virex | 2026-04-23 | N/A |
| McAfee VirusScan for Mac (Virex) before 7.7 patch 1 has weak permissions (0666) for /Library/Application Support/Virex/VShieldExclude.txt, which allows local users to reconfigure Virex to skip scanning of arbitrary files. | ||||
| CVE-2007-0337 | 1 Kgb | 1 Kgb | 2026-04-23 | N/A |
| Directory traversal vulnerability in sesskglogadmin.php in KGB 1.9 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the skinnn parameter, as demonstrated by invoking kg.php with a postek parameter containing PHP code, which is injected into a file in the kg directory, and then included by sesskglogadmin.php. | ||||
| CVE-2007-1223 | 3 Hitachi, Ibm, Sun | 4 Hi-ux\/we2, Osas\/ft\/w, Aix and 1 more | 2026-04-23 | N/A |
| Unspecified vulnerability in Hitachi OSAS/FT/W before 20070223 allows attackers to cause a denial of service (responder control processing halt) by sending "data unexpectedly through the port". | ||||
| CVE-2007-1219 | 1 Admin Phorum | 1 Admin Phorum | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in actions/del.php in Admin Phorum 3.3.1a allows remote attackers to execute arbitrary PHP code via a URL in the include_path parameter. | ||||
| CVE-2007-1218 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2026-04-23 | N/A |
| Off-by-one buffer overflow in the parse_elements function in the 802.11 printer code (print-802_11.c) for tcpdump 3.9.5 and earlier allows remote attackers to cause a denial of service (crash) via a crafted 802.11 frame. NOTE: this was originally referred to as heap-based, but it might be stack-based. | ||||
| CVE-2007-1214 | 1 Microsoft | 2 Excel, Excel Viewer | 2026-04-23 | N/A |
| Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, and 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via a crafted AutoFilter filter record in an Excel BIFF8 format XLS file, which triggers memory corruption. | ||||
| CVE-2008-2446 | 1 Wgcc | 1 Web Group Communication Center | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Web Group Communication Center (WGCC) 1.0.3 PreRelease 1 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) userid parameter to (a) profile.php in a "show moreinfo" action; the (2) bildid parameter to (b) picturegallery.php in a shownext action; the (3) id parameter to (c) filebase.php in a freigeben action, (d) schedule.php in a del action, and (e) profile.php in an observe action; and the (4) pmid parameter in a delete action and (5) folderid parameter in a showfolder action to (f) message.php. | ||||
| CVE-2007-1202 | 1 Microsoft | 3 Word, Word Viewer, Works | 2026-04-23 | N/A |
| Word (or Word Viewer) in Microsoft Office 2000 SP3, XP SP3, 2003 SP2, 2004 for Mac, and Works Suite 2004, 2005, and 2006 does not properly parse certain rich text "property strings of certain control words," which allows user-assisted remote attackers to trigger heap corruption and execute arbitrary code, aka the "Word RTF Parsing Vulnerability." | ||||
| CVE-2007-1201 | 1 Microsoft | 5 Biztalk Server, Commerce Server, Internet Security And Acceleration Server and 2 more | 2026-04-23 | N/A |
| Unspecified vulnerability in certain COM objects in Microsoft Office Web Components 2000 allows user-assisted remote attackers to execute arbitrary code via vectors related to DataSource that trigger memory corruption, aka "Office Web Components DataSource Vulnerability." | ||||
| CVE-2007-1197 | 1 Epiware | 1 Epiware | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in Epiware before 4.7.5 have unknown impact and attack vectors, possibly related to cross-site scripting (XSS) and other unspecified issues. | ||||
| CVE-2007-1196 | 1 Citrix | 1 Presentation Server Client | 2026-04-23 | N/A |
| Unspecified vulnerability in Citrix Presentation Server Client for Windows before 10.0 allows remote web sites to execute arbitrary code via unspecified vectors, related to the implementation of ICA connectivity through proxy servers. | ||||
| CVE-2007-0296 | 1 Oracle | 2 Enterpriseone, Peoplesoft Enterprise | 2026-04-23 | N/A |
| Unspecified vulnerability in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.22.13, 8.47.11, and 8.48.06 has unknown impact and attack vectors in PeopleTools, aka PSE02. | ||||
| CVE-2007-1195 | 1 Dxmsoft | 1 Xm Easy Personal Ftp Server | 2026-04-23 | N/A |
| Multiple buffer overflows in XM Easy Personal FTP Server 5.3.0 allow remote attackers to execute arbitrary code via unspecified vectors. NOTE: this issue might overlap CVE-2006-2225, CVE-2006-2226, or CVE-2006-5728. | ||||
| CVE-2008-4769 | 1 Wordpress | 1 Wordpress | 2026-04-23 | N/A |
| Directory traversal vulnerability in the get_category_template function in wp-includes/theme.php in WordPress 2.3.3 and earlier, and 2.5, allows remote attackers to include and possibly execute arbitrary PHP files via the cat parameter in index.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-1193 | 1 Orangehrm | 1 Orangehrm | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in the Login page in OrangeHRM before 20070212 have unknown impact and attack vectors. | ||||