Export limit exceeded: 346064 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346064 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-3554 | 1 Hp | 1 Instant Support | 2026-04-23 | N/A |
| Stack-based buffer overflow in the HPSDDX Class (SDD) ActiveX control in sdd.dll in HP Instant Support - Driver Check before 1.5.0.3 allows remote attackers to execute arbitrary code via a long argument to the queryHub function. | ||||
| CVE-2009-2429 | 1 Mcafee | 1 Smartfilter | 2026-04-23 | N/A |
| SmartFilter Web Gateway Security 4.2.1.00 stores user credentials in cleartext in admin_backup.xml files and uses insecure permissions for these files, which allows local users to gain privileges. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-5211 | 1 Arbor Networks | 1 Peakflow Sp | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Arbor Networks Peakflow SP 3.5.1 before patch 14, and 3.6.1 before patch 5, when scope accounts are enabled, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving GET or POST requests. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-3584 | 1 Postnuke Software Foundation | 1 Pnphpbb2 | 2026-04-23 | N/A |
| SQL injection vulnerability in viewforum.php in PNphpBB2 1.2i and earlier for Postnuke allows remote attackers to execute arbitrary SQL commands via the order parameter. | ||||
| CVE-2007-3596 | 1 Izzysoft | 1 Phpvideopro | 2026-04-23 | N/A |
| inc/vul_check.inc in phpVideoPro before 0.8.8 permits non-alphanumeric characters in the sess_id parameter, which has unknown impact and remote attack vectors, probably cross-site scripting (XSS). | ||||
| CVE-2007-3580 | 1 Phpids | 1 Phpids | 2026-04-23 | N/A |
| PHPIDS does not properly handle certain code containing newlines, as demonstrated by a try/catch block within a loop, which allows user-assisted remote attackers to inject arbitrary web script. | ||||
| CVE-2007-5011 | 1 Wilson Windowware | 1 Webbatch | 2026-04-23 | N/A |
| webbatch.exe in WebBatch allows remote attackers to obtain sensitive information via the dumpinputdata parameter. | ||||
| CVE-2007-2588 | 1 Office Ocx | 1 Office Viewer Ocx | 2026-04-23 | N/A |
| Multiple buffer overflows in the Office Viewer OCX ActiveX control (oa.ocx) 3.2 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long argument to the (1) HttpDownloadFile, (2) Open, (3) OpenWebFile, (4) DoOleCommand, (5) FTPDownloadFile, (6) FTPUploadFile, (7) HttpUploadFile, (8) Save, or (9) SaveWebFile function. | ||||
| CVE-2010-0356 | 1 Viscomsoft | 1 Movie Player Pro Sdk Activex | 2026-04-23 | N/A |
| Stack-based buffer overflow in the MOVIEPLAYER.MoviePlayerCtrl.1 ActiveX control in MoviePlayer.ocx 6.8.0.0 in Viscom Software Movie Player Pro SDK ActiveX 6.8 allows remote attackers to execute arbitrary code via a long strFontName parameter to the DrawText method. | ||||
| CVE-2007-4928 | 1 Axis | 1 207w Network Camera | 2026-04-23 | N/A |
| The AXIS 207W camera stores a WEP or WPA key in cleartext in the configuration file, which might allow local users to obtain sensitive information. | ||||
| CVE-2007-5008 | 1 Hp | 1 Hp-ux | 2026-04-23 | N/A |
| The logins command in HP-UX B.11.31, B.11.23, and B.11.11 does not correctly report password status, which allows remote attackers to obtain privileges when certain "password issues" are not detected. | ||||
| CVE-2009-2188 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| Buffer overflow in ImageIO in Apple Mac OS X 10.5 before 10.5.8, and Safari before 4.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image with crafted EXIF metadata. | ||||
| CVE-2007-2573 | 1 Phptree | 1 Phptree | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in plugin/HP_DEV/cms2.php in PHPtree 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the s_dir parameter. | ||||
| CVE-2007-4910 | 1 Netinvoicing | 1 Netinvoicing | 2026-04-23 | N/A |
| Unspecified vulnerability in netInvoicing before 2.7.3 has unknown impact and attack vectors, related to "security check soap". | ||||
| CVE-2007-2565 | 1 Cdelia Software | 1 Imageprocessing | 2026-04-23 | N/A |
| Cdelia Software ImageProcessing allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted BMP file. | ||||
| CVE-2007-2564 | 1 Sienzo | 1 Digital Music Mentor | 2026-04-23 | N/A |
| Multiple stack-based buffer overflows in the Sienzo Digital Music Mentor (DMM) 2.6.0.4 ActiveX control (DSKernel2.dll) allow remote attackers to execute arbitrary code via a long argument to the (1) LockModules or (2) UnlockModule function. | ||||
| CVE-2007-2567 | 1 Taltech | 1 Tal Bar Code Activex Control | 2026-04-23 | N/A |
| Buffer overflow in the SaveBarCode function in the Taltech Tal Bar Code ActiveX control allows remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2007-2566 | 1 Taltech | 1 Tal Bar Code Activex Control | 2026-04-23 | N/A |
| The SaveBarCode function in the Taltech Tal Bar Code ActiveX control allows remote attackers to cause a denial of service (disk consumption) by uploading multiple bar codes, as demonstrated by a WSF package. | ||||
| CVE-2007-4734 | 1 Ots Labs | 1 Otsturntables | 2026-04-23 | N/A |
| Buffer overflow in Ots Labs OTSTurntables 1.00 allows user-assisted remote attackers to execute arbitrary code via a long file path in an m3u file. | ||||
| CVE-2007-2556 | 1 Nuked-klan | 1 Nuked-klan | 2026-04-23 | N/A |
| SQL injection vulnerability in Nuked-klaN 1.7.6 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For (X_FORWARDED_FOR) HTTP header, as demonstrated by a request to the /nk/ URI. | ||||