Export limit exceeded: 346300 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346300 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-3673 | 1 Symantec | 6 Client Security, Norton Antispam, Norton Antivirus and 3 more | 2026-04-23 | N/A |
| Symantec symtdi.sys before 7.0.0, as distributed in Symantec AntiVirus Corporate Edition 9 through 10.1 and Client Security 2.0 through 3.1, Norton AntiSpam 2005, and Norton AntiVirus, Internet Security, Personal Firewall, and System Works 2005 and 2006; allows local users to gain privileges via a crafted Interrupt Request Packet (Irp) in an IOCTL 0x83022323 request to \\symTDI\, which results in memory overwrite. | ||||
| CVE-2007-5243 | 1 Borland Software | 1 Interbase | 2026-04-23 | N/A |
| Multiple stack-based buffer overflows in Borland InterBase LI 8.0.0.53 through 8.1.0.253, and WI 5.1.1.680 through 8.1.0.257, allow remote attackers to execute arbitrary code via (1) a long service attach request on TCP port 3050 to the (a) SVC_attach or (b) INET_connect function, (2) a long create request on TCP port 3050 to the (c) isc_create_database or (d) jrd8_create_database function, (3) a long attach request on TCP port 3050 to the (e) isc_attach_database or (f) PWD_db_aliased function, or unspecified vectors involving the (4) jrd8_attach_database or (5) expand_filename2 function. | ||||
| CVE-2007-3680 | 1 Ibm | 1 Aix | 2026-04-23 | N/A |
| Stack-based buffer overflow in the odm_searchpath function in libodm in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary code via a long ODMPATH environment variable. | ||||
| CVE-2007-5251 | 1 Webhost Automation | 1 Helm Web Hosting Control Panel | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Helm 3.2.16 allow remote attackers to inject arbitrary web script or HTML via (1) the showOption parameter to domain.asp, or the (2) Folder or (3) StartPath parameter to FileManager.asp. | ||||
| CVE-2009-4186 | 2 Apple, Microsoft | 2 Safari, Windows | 2026-04-23 | N/A |
| Stack consumption vulnerability in Apple Safari 4.0.3 on Windows allows remote attackers to cause a denial of service (application crash) via a long URI value (aka url) in the Cascading Style Sheets (CSS) background property. | ||||
| CVE-2009-4202 | 2 Joomla, Omilenitsolutions | 2 Joomla\!, Com Omphotogallery | 2026-04-23 | N/A |
| Directory traversal vulnerability in the Omilen Photo Gallery (com_omphotogallery) component Beta 0.5 for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the controller parameter to index.php. | ||||
| CVE-2007-3683 | 1 Aigaion | 1 Aigaion | 2026-04-23 | N/A |
| SQL injection vulnerability in pagetopic.php in Aigaion 1.3.3 and earlier allows remote attackers to execute arbitrary SQL commands via the topic_id parameter. | ||||
| CVE-2007-3687 | 1 Infernotechnologies | 1 Rpg Inferno | 2026-04-23 | N/A |
| SQL injection vulnerability in inferno.php in the Inferno Technologies RPG Inferno 2.4 and earlier, a vBulletin module, allows remote authenticated attackers to execute arbitrary SQL commands via the id parameter in a ScanMember do action. | ||||
| CVE-2007-3560 | 1 Esqlanelapse | 1 Esqlanelapse | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in Esqlanelapse before 2.6 have unknown impact and attack vectors. | ||||
| CVE-2007-3695 | 1 Broadcom | 1 Erwin Process Modeler | 2026-04-23 | N/A |
| Buffer overflow in LICRCMD.EXE in CA ERwin Process Modeler (formerly AllFusion Process Modeler) 7.1 allows attackers to execute arbitrary code via a long filename. NOTE: the researcher does not suggest any circumstances in which the filename would come from an untrusted source, and therefore perhaps the issue does not cross privilege boundaries and should not be included in CVE. | ||||
| CVE-2007-3696 | 1 Broadcom | 1 Erwin Data Model Validator | 2026-04-23 | N/A |
| CA ERwin Data Model Validator (formerly AllFusion Data Model Validator) allows remote attackers to (1) cause a denial of service (application hang) via a malformed .EXP database file and (2) cause a denial of service (aaplication crash) via a crafted .EXP database file, which triggers a NULL dereference. | ||||
| CVE-2007-3699 | 1 Symantec | 13 Antivirus Scan Engine, Brightmail Antispam, Client Security and 10 more | 2026-04-23 | N/A |
| The Decomposer component in multiple Symantec products allows remote attackers to cause a denial of service (infinite loop) via a certain value in the PACK_SIZE field of a RAR archive file header. | ||||
| CVE-2007-5252 | 1 Netsupport | 2 Netsupport Manager Client, Netsupport School Student | 2026-04-23 | N/A |
| Buffer overflow in NetSupport Manager (NSM) Client 10.00 and 10.20, and NetSupport School Student (NSS) 9.00, allows remote NSM servers to cause a denial of service or possibly execute arbitrary code via crafted data in the configuration exchange phase of an initial connection setup. NOTE: a vendor statement, which is too vague to be sure that it is for this particular issue, says that only a denial of service is possible. | ||||
| CVE-2007-3701 | 2 3com, Tippingpoint | 2 Tippingpoint Ips Tos, Tipping Point | 2026-04-23 | N/A |
| TippingPoint IPS before 20070710 does not properly handle a hex-encoded alternate Unicode '/' (slash) character, which might allow remote attackers to send certain network traffic and avoid detection, as demonstrated by a cmd.exe attack. | ||||
| CVE-2008-3361 | 1 Intellitamper | 1 Intellitamper | 2026-04-23 | N/A |
| Stack-based buffer overflow in IntelliTamper 2.07 allows remote web sites to execute arbitrary code via a long HTTP Server header. | ||||
| CVE-2008-6476 | 1 Dotnetblogengine | 1 Blogengine.net | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in blog/search.aspx in BlogEngine.NET allows remote attackers to inject arbitrary web script or HTML via the q parameter. | ||||
| CVE-2007-3703 | 1 Zenturi | 1 Zenturi Programchecker | 2026-04-23 | N/A |
| Stack-based buffer overflow in a certain ActiveX control in sasatl.dll 1.5.0.531 in Zenturi Program Checker (ProgramChecker) Pro allows remote attackers to execute arbitrary code via a long argument to the Fill method. NOTE: this is probably a different issue than CVE-2007-2987. | ||||
| CVE-2009-2308 | 2 Punbb, Punres | 2 Punbb, Affiliates Mod | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in affiliates.php in the Affiliation (aka Affiliates) module 1.1.0 and earlier for PunBB allow remote attackers to execute arbitrary SQL commands via the (1) in or (2) out parameter. | ||||
| CVE-2007-4270 | 1 Ibm | 1 Db2 Universal Database | 2026-04-23 | N/A |
| Multiple race conditions in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to gain root privileges via a symlink attack on certain files. | ||||
| CVE-2007-3708 | 1 Codeigniter | 1 Codeigniter | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in CodeIgniter 1.5.3 before 20070626 allows remote attackers to inject arbitrary web script or HTML via (1) String.fromCharCode and (2) malformed nested tag manipulations in an unspecified component, related to insufficient sanitization by the xss_clean function. | ||||