Export limit exceeded: 29847 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29847 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-0975 | 1 Apache Stats | 1 Apache Stats | 2025-04-09 | N/A |
| Variable extraction vulnerability in Ian Bezanson Apache Stats before 0.0.3 beta allows attackers to overwrite critical variables, with unknown impact, when the extract function is used on the _REQUEST superglobal array. | ||||
| CVE-2007-0977 | 1 Ibm | 1 Lotus Domino | 2025-04-09 | N/A |
| IBM Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields" enabled, stores HTTPPassword hashes from names.nsf in a manner accessible through Readviewentries and OpenDocument requests to the defaultview view, a different vector than CVE-2005-2428. | ||||
| CVE-2007-0978 | 1 Ibm | 1 Aix | 2025-04-09 | N/A |
| Buffer overflow in swcons in IBM AIX 5.3 allows local users to gain privileges via long input data. | ||||
| CVE-2007-0999 | 2 Gnome, Redhat | 2 Ekiga, Enterprise Linux | 2025-04-09 | N/A |
| Format string vulnerability in Ekiga 2.0.3, and probably other versions, allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2007-1006. | ||||
| CVE-2007-1004 | 1 Mozilla | 1 Firefox | 2025-04-09 | N/A |
| Mozilla Firefox might allow remote attackers to conduct spoofing and phishing attacks by writing to an about:blank tab and overlaying the location bar. | ||||
| CVE-2007-1002 | 2 Evolution, Redhat | 2 Shared Memo, Enterprise Linux | 2025-04-09 | N/A |
| Format string vulnerability in the write_html function in calendar/gui/e-cal-component-memo-preview.c in Evolution Shared Memo 2.8.2.1, and possibly earlier versions, allows user-assisted remote attackers to execute arbitrary code via format specifiers in the categories of a crafted shared memo. | ||||
| CVE-2007-1003 | 2 Redhat, X.org | 2 Enterprise Linux, X11 | 2025-04-09 | N/A |
| Integer overflow in ALLOCATE_LOCAL in the ProcXCMiscGetXIDList function in the XC-MISC extension in the X.Org X11 server (xserver) 7.1-1.1.0, and other versions before 20070403, allows remote authenticated users to execute arbitrary code via a large expression, which results in memory corruption. | ||||
| CVE-2007-1011 | 1 Vs-gastebuch | 1 Vs-gastebuch | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in functions_inc.php in VS-Gastebuch 1.5.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the gb_pfad parameter. | ||||
| CVE-2007-1013 | 1 Virtualsystem | 1 Htaccess Passwort Generator | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in generate.php in VirtualSystem Htaccess Passwort Generator 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the ht_pfad parameter. | ||||
| CVE-2007-1007 | 2 Ekiga, Redhat | 3 Ekiga, Enterprise Linux, Enterprise Linux Desktop | 2025-04-09 | N/A |
| Format string vulnerability in GnomeMeeting 1.0.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in the name, which is not properly handled in a call to the gnomemeeting_log_insert function. | ||||
| CVE-2007-1008 | 1 Apple | 1 Itunes | 2025-04-09 | N/A |
| Apple iTunes 7.0.2 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted XML list of radio stations, which results in memory corruption. NOTE: iTunes retrieves the XML document from a static URL, which requires an attacker to perform DNS spoofing or man-in-the-middle attacks for exploitation. | ||||
| CVE-2007-1015 | 1 Aktueldownload | 1 Aktueldownload Haber Script | 2025-04-09 | N/A |
| SQL injection vulnerability in HaberDetay.asp in Aktueldownload Haber script allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2007-1019 | 1 Webspell | 1 Webspell | 2025-04-09 | N/A |
| SQL injection vulnerability in news.php in webSPELL 4.01.02, when register_globals is enabled, allows remote attackers to execute arbitrary SQL commands via the showonly parameter to index.php, a different vector than CVE-2006-5388. | ||||
| CVE-2007-1021 | 1 Xfairguy | 1 Codeavalanche News | 2025-04-09 | N/A |
| SQL injection vulnerability in inc_listnews.asp in CodeAvalanche News 1.x allows remote attackers to execute arbitrary SQL commands via the CAT_ID parameter. | ||||
| CVE-2007-1020 | 1 Cedstat | 1 Cedstat | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in CedStat 1.31 allows remote attackers to inject arbitrary web script or HTML via the hier parameter. | ||||
| CVE-2007-1022 | 1 Turuncu Portal | 1 Turuncu Portal | 2025-04-09 | N/A |
| SQL injection vulnerability in h_goster.asp in Turuncu Portal 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-1028 | 1 Barry Jaspan | 1 Image Pager | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in the Barry Jaspan Image Pager 4.7.x-1.x-dev and 5.x-1.x-dev before 2007-02-08 module for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to HTML entities and the IMG element. | ||||
| CVE-2007-1030 | 1 Niels Provos | 1 Libevent | 2025-04-09 | N/A |
| Niels Provos libevent 1.2 and 1.2a allows remote attackers to cause a denial of service (infinite loop) via a DNS response containing a label pointer that references its own offset. | ||||
| CVE-2007-1029 | 1 Quicksoft | 1 Easymail Objects | 2025-04-09 | N/A |
| Stack-based buffer overflow in the Connect method in the IMAP4 component in Quiksoft EasyMail Objects before 6.5 allows remote attackers to execute arbitrary code via a long host name. | ||||
| CVE-2007-1038 | 1 Shemes.com | 1 Grabit | 2025-04-09 | N/A |
| Shemes.com Grabit 1.5.3, and possibly earlier, allows remote attackers to cause a denial of service (application crash) via a .nzb file with a subject field containing ';' (semicolon) characters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||