Export limit exceeded: 347063 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347063 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-4097 | 1 Tor | 1 Tor | 2026-04-23 | N/A |
| Tor before 0.1.2.15 sends "destroy cells" containing the reason for tearing down a circuit, which allows remote attackers to obtain sensitive information, contrary to specifications. | ||||
| CVE-2007-0905 | 2 Php, Trustix | 2 Php, Secure Linux | 2026-04-23 | N/A |
| PHP before 5.2.1 allows attackers to bypass safe_mode and open_basedir restrictions via unspecified vectors in the session extension. NOTE: it is possible that this issue is a duplicate of CVE-2006-6383. | ||||
| CVE-2007-4099 | 1 Tor | 1 Tor | 2026-04-23 | N/A |
| Tor before 0.1.2.15 can select a guard node beyond the first listed never-before-connected-to guard node, which allows remote attackers with control of certain guard nodes to obtain sensitive information and possibly leverage further attacks. | ||||
| CVE-2007-0912 | 1 Jportal | 1 Jportal Web Server | 2026-04-23 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in admin/admin.adm.php in Jportal 2.3.1, and possibly earlier, allows remote attackers to perform privileged actions as administrators by tricking the admin into accessing a URL with modified arguments to admin/admin.adm.php. | ||||
| CVE-2007-0914 | 1 Sun | 1 Solaris | 2026-04-23 | N/A |
| Race condition in the TCP subsystem for Solaris 10 allows remote attackers to cause a denial of service (system panic) via unknown vectors. | ||||
| CVE-2007-0916 | 1 Hp | 1 Hp-ux | 2026-04-23 | N/A |
| Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11 and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors. | ||||
| CVE-2007-4100 | 1 Mldonkey | 1 Mldonkey | 2026-04-23 | N/A |
| MLDonkey before 2.9.0 does not load certain code from $MLDONKEY/web_infos/ before the network modules become active, which allows remote attackers to bypass the IP blocklist. | ||||
| CVE-2007-0934 | 1 Microsoft | 1 Visio | 2026-04-23 | N/A |
| Unspecified vulnerability in Microsoft Visio 2002 allows remote user-assisted attackers to execute arbitrary code via a Visio (.VSD, VSS, .VST) file with a crafted version number that triggers memory corruption. | ||||
| CVE-2008-3844 | 2 Openbsd, Redhat | 4 Openssh, Enterprise Linux, Enterprise Linux Desktop and 1 more | 2026-04-23 | N/A |
| Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOTE: since the malicious packages were not distributed from any official Red Hat sources, the scope of this issue is restricted to users who may have obtained these packages through unofficial distribution points. As of 20080827, no unofficial distributions of this software are known. | ||||
| CVE-2007-0944 | 1 Microsoft | 5 Ie, Internet Explorer, Windows 2000 and 2 more | 2026-04-23 | N/A |
| Unspecified vulnerability in the CTableCol::OnPropertyChange method in Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4; 6 SP1 on Windows 2000 SP4; and 6 on Windows XP SP2, or Windows Server 2003 SP1 or SP2 allows remote attackers to execute arbitrary code by calling deleteCell on a named table row in a named table column, then accessing the column, which causes Internet Explorer to access previously deleted objects, aka the "Uninitialized Memory Corruption Vulnerability." | ||||
| CVE-2007-0948 | 1 Microsoft | 2 Virtual Pc, Virtual Server | 2026-04-23 | N/A |
| Heap-based buffer overflow in Microsoft Virtual PC 2004 and PC for Mac 7.1 and 7, and Virtual Server 2005 and 2005 R2, allows local guest OS administrators to execute arbitrary code on the host OS via unspecified vectors related to "interaction and initialization of components." | ||||
| CVE-2007-0959 | 1 Cisco | 2 Asa 5500, Pix Firewall Software | 2026-04-23 | N/A |
| Cisco PIX 500 and ASA 5500 Series Security Appliances 7.2.2, when configured to inspect certain TCP-based protocols, allows remote attackers to cause a denial of service (device reboot) via malformed TCP packets. | ||||
| CVE-2007-6459 | 1 Anon Proxy Server | 1 Anon Proxy Server | 2026-04-23 | N/A |
| Anon Proxy Server 0.100, and probably 0.101, allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the host parameter to diagdns.php, and (2) the host parameter and possibly (3) the port parameter to diagconnect.php, a different vulnerability than CVE-2007-6460. | ||||
| CVE-2007-6479 | 1 Dokeos | 1 Dokeos | 2026-04-23 | N/A |
| Unrestricted file upload vulnerability in the "My productions" component for main/auth/profile.php (aka the "My profile" page) in Dokeos 1.8.4 allows remote authenticated users to upload and execute arbitrary PHP files via a filename with a double extension, which can then be accessed through a URI under main/upload/users/. | ||||
| CVE-2007-0962 | 1 Cisco | 3 Asa 5500, Firewall Services Module, Pix Firewall Software | 2026-04-23 | N/A |
| Cisco PIX 500 and ASA 5500 Series Security Appliances 7.0 before 7.0(4.14) and 7.1 before 7.1(2.1), and the FWSM 2.x before 2.3(4.12) and 3.x before 3.1(3.24), when "inspect http" is enabled, allows remote attackers to cause a denial of service (device reboot) via malformed HTTP traffic. | ||||
| CVE-2007-6585 | 1 Nmnnewsletter | 1 Nmnnewsletter | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in confirmUnsubscription.php in NmnNewsletter 1.0.7 allows remote attackers to execute arbitrary PHP code via a URL in the output parameter. | ||||
| CVE-2007-0968 | 1 Cisco | 1 Firewall Services Module | 2026-04-23 | N/A |
| Unspecified vulnerability in Cisco Firewall Services Module (FWSM) before 2.3(4.7) and 3.x before 3.1(3.1) causes the access control entries (ACE) in an ACL to be improperly evaluated, which allows remote authenticated users to bypass intended certain ACL protections. | ||||
| CVE-2007-0971 | 1 Jupiter Cms | 1 Jupiter Cms | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Jupiter CMS 1.1.5 allow remote attackers to execute arbitrary SQL commands via the Client-IP HTTP header and certain other HTTP headers, which set the ip variable that is used in SQL queries performed by index.php and certain other PHP scripts. NOTE: the attack vector might involve _SERVER. | ||||
| CVE-2007-3383 | 1 Apache | 1 Tomcat | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in SendMailServlet in the examples web application (examples/jsp/mail/sendmail.jsp) in Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.36 allows remote attackers to inject arbitrary web script or HTML via the From field and possibly other fields, related to generation of error messages. | ||||
| CVE-2008-0089 | 1 Clip-share | 1 Clipshare | 2026-04-23 | N/A |
| SQL injection vulnerability in uprofile.php in ClipShare allows remote attackers to execute arbitrary SQL commands via the UID parameter. | ||||