Export limit exceeded: 29845 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29845 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-0029 | 1 Microsoft | 4 Excel, Excel Viewer, Office and 1 more | 2025-04-09 | N/A |
| Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via a malformed string, aka "Excel Malformed String Vulnerability." | ||||
| CVE-2007-0030 | 1 Microsoft | 4 Excel, Excel Viewer, Office and 1 more | 2025-04-09 | N/A |
| Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via an Excel file with an out-of-range Column field in certain BIFF8 record types, which references arbitrary memory. | ||||
| CVE-2007-0026 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2025-04-09 | N/A |
| The OLE Dialog component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1 allows user-assisted remote attackers to execute arbitrary code via an RTF file with a malformed OLE object that triggers memory corruption. | ||||
| CVE-2007-0033 | 1 Microsoft | 2 Office, Outlook | 2025-04-09 | N/A |
| Microsoft Outlook 2002 and 2003 allows user-assisted remote attackers to execute arbitrary code via a malformed VEVENT record in an .iCal meeting request or ICS file. | ||||
| CVE-2007-0046 | 2 Adobe, Redhat | 2 Acrobat Reader, Rhel Extras | 2025-04-09 | N/A |
| Double free vulnerability in the Adobe Acrobat Reader Plugin before 8.0.0, as used in Mozilla Firefox 1.5.0.7, allows remote attackers to execute arbitrary code by causing an error via a javascript: URI call to document.write in the (1) FDF, (2) XML, or (3) XFDF AJAX request parameters. | ||||
| CVE-2007-0047 | 1 Adobe | 1 Acrobat Reader | 2025-04-09 | N/A |
| CRLF injection vulnerability in Adobe Acrobat Reader Plugin before 8.0.0, when used with the Microsoft.XMLHTTP ActiveX object in Internet Explorer, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the javascript: URI in the (1) FDF, (2) XML, or (3) XFDF AJAX request parameters. | ||||
| CVE-2007-0048 | 1 Adobe | 3 Acrobat, Acrobat 3d, Acrobat Reader | 2025-04-09 | N/A |
| Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, when used with Internet Explorer, Google Chrome, or Opera, allows remote attackers to cause a denial of service (memory consumption) via a long sequence of # (hash) characters appended to a PDF URL, related to a "cross-site scripting issue." | ||||
| CVE-2007-0054 | 1 Belchior Foundry | 1 Vcard Pro | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in gbrowse.php in Belchior Foundry vCard PRO allows remote attackers to inject arbitrary web script or HTML via the sortby parameter. | ||||
| CVE-2007-0056 | 1 Ashopsoftware | 2 Ashop Administration Panel, Ashop Deluxe | 2025-04-09 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in AShop Deluxe 4.5 and AShop Administration Panel allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter to (a) ashop/catalogue.php and (b) ashop/basket.php, the (2) exp parameter to ashop/catalogue.php, the (3) searchstring parameter to (c) ashop/search.php, the (4) checkout and (5) action parameters to (d) ashop/shipping.php, the cat parameter to (f) cart-path/admin/editcatalogue.php, and the (7) resultpage parameter to (g) cart-path/admin/salesadmin.php. | ||||
| CVE-2006-5861 | 1 Citrix | 2 Metaframe, Metaframe Presentation Server | 2025-04-09 | N/A |
| The Independent Management Architecture (IMA) service (ImaSrv.exe) in Citrix MetaFrame XP 1.0 and 2.0, and Presentation Server 3.0 and 4.0, allows remote attackers to cause a denial of service (service exit) via a crafted packet that causes the service to access an unmapped memory address and triggers an unhandled exception. | ||||
| CVE-2007-0358 | 1 Hp | 1 Jetdirect Firmware | 2025-04-09 | N/A |
| Unspecified vulnerability in the FTP server implementation in HP Jetdirect firmware x.20.nn through x.24.nn allows remote attackers to cause a denial of service via unknown vectors. | ||||
| CVE-2007-0362 | 1 Freshreader | 1 Freshreader | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in the RSS feed component in FreshReader before 1.0.07010600 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to tag attributes. | ||||
| CVE-2007-0363 | 1 Openads | 1 Openads | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in admin-search.php in (1) Openads for PostgreSQL (aka phpPgAds) before 2.0.10 and (2) Openads (aka phpAdsNew) before 2.0.10 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. | ||||
| CVE-2007-0361 | 1 Comscripts | 1 Phpmyphorum | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in mep/frame.php in PHPMyphorum 1.5a allows remote attackers to execute arbitrary PHP code via a URL in the chem parameter. | ||||
| CVE-2007-0366 | 1 Maxum Development Corporation | 1 Rumpus Ftp Server | 2025-04-09 | N/A |
| Untrusted search path vulnerability in Rumpus 5.1 and earlier allows local users to gain privileges via a modified PATH that points to a malicious ipfw program. | ||||
| CVE-2007-0367 | 1 Maxum Development Corporation | 1 Rumpus Ftp Server | 2025-04-09 | N/A |
| Rumpus 5.1 and earlier has weak permissions for certain files and directories under /usr/local/Rumpus, including the configuration file, which allows local users to have an unknown impact by creating, modifying, or deleting files. | ||||
| CVE-2007-0369 | 1 Phpbp | 1 Phpbp | 2025-04-09 | N/A |
| SQL injection vulnerability in phpBP RC3 (2.204) and earlier allows remote attackers to execute arbitrary SQL commands via the comment forum. | ||||
| CVE-2007-0374 | 2 Joomla, Mambo | 2 Joomla, Mambo | 2025-04-09 | N/A |
| SQL injection vulnerability in (1) Joomla! 1.0.11 and 1.5 Beta, and (2) Mambo 4.6.1, allows remote attackers to execute arbitrary SQL commands via the id parameter when cancelling content editing. | ||||
| CVE-2007-0376 | 1 Virtuemart | 1 Virtuemart | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in Virtuemart 1.0.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2007-0378 | 1 Docman | 1 Docman | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in DocMan 1.3 RC2 allow attackers to execute arbitrary SQL commands via unspecified vectors. | ||||