Search Results (363289 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-6510 1 Prowizard 1 Prowizard 4 Pc 2026-04-23 N/A
Multiple stack-based buffer overflows in ProWizard 4 PC (prowiz) 1.62 and earlier allow remote attackers to execute arbitrary code via a crafted file to the (1) AMOS-MusicBank, (2) FuzzacPacker, and (3) QuadraComposer rippers; and (4) have an unknown impact via a crafted file to the SkytPacker ripper.
CVE-2007-6511 1 Websense 1 Enterpise 2026-04-23 N/A
Websense Enterprise 6.3.1 allows remote attackers to bypass content filtering by visiting http URLs with a (1) RealPlayer G2, (2) MSMSGS, or (3) StoneHttpAgent User-Agent header, which results in a Non-HTTP categorization.
CVE-2007-6512 1 Php 1 Mysql Banner Exchange 2026-04-23 N/A
PHP MySQL Banner Exchange 2.2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain database information via a direct request to inc/lib.inc.
CVE-2007-6513 1 Hp 1 Esupportdiagnostics 2026-04-23 N/A
HP eSupportDiagnostics ActiveX control (hpediag.dll) 1.0.11.0 exports dangerous methods, which allows remote attackers to (1) read arbitrary files via the ReadTextFile method, or (2) read arbitrary registry values via the ReadValue method.
CVE-2007-6540 1 Neuron 1 News 2026-04-23 N/A
SQL injection vulnerability in neuron news 1.0 allows remote attackers to execute arbitrary SQL commands via the q parameter to the default URI in patch/.
CVE-2007-6516 1 Ravware 1 Flic Activex Control 2026-04-23 N/A
Buffer overflow in RavWare Software MAS Flic ActiveX Control (masflc.ocx) 1.0.0.1 allows remote attackers to execute arbitrary code via a long FileName property.
CVE-2007-6517 1 Aeries 1 Aeries Browser Interface 2026-04-23 N/A
SQL injection vulnerability in the forget password section (LostPwd.asp) in Eagle Software Aeries Browser Interface (ABI) 3.7.9.17 allows remote attackers to execute arbitrary SQL commands via the EmailAddress parameter. NOTE: some of these details are obtained from third party information.
CVE-2007-6518 1 Woltlab 1 Burning Board Lite 2026-04-23 N/A
Multiple SQL injection vulnerabilities in search.php in WoltLab Burning Board (wBB) Lite 1.0.2 pl3e allow remote attackers to execute arbitrary SQL commands via the (1) showposts, (2) sortby, and (3) sortorder parameters.
CVE-2007-6519 1 Hp 1 Tru64 2026-04-23 N/A
Unspecified vulnerability in the File-on-File Mounting File System (FFM) in HP Tru64 UNIX 5.1B-4 and 5.1B-3 allows local users to cause a denial of service (system crash) via unspecified vectors.
CVE-2007-6534 1 Microsoft 1 Publisher 2026-04-23 N/A
Multiple unspecified vulnerabilities in Microsoft Office Publisher allow user-assisted remote attackers to cause a denial of service (application crash) via a crafted PUB file, possibly involving wordart.
CVE-2007-6535 1 Yahoo 1 Toolbar 2026-04-23 N/A
Buffer overflow in the YShortcut ActiveX control in YShortcut.dll 2006.8.15.1 in Yahoo! Toolbar might allow attackers to execute arbitrary code via a long string to the IsTaggedBM method.
CVE-2007-6537 1 Winuae 1 Winuae 2026-04-23 N/A
Stack-based buffer overflow in the zfile_gunzip function in zfile.c in WinUAE 1.4.4 and earlier allows user-assisted remote attackers to execute arbitrary code via a long filename in a gzipped archive, such as a (1) gz, (2) adz, (3) roz, or (4) hdz archive in a compressed floppy disk image.
CVE-2007-6538 2 Moodle, Mrbs 2 Moodle, Mrbs 2026-04-23 N/A
SQL injection vulnerability in ing/blocks/mrbs/code/web/view_entry.php in the MRBS plugin for Moodle allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-6539 1 Idevspot 1 Isupport 2026-04-23 N/A
PHP local file inclusion vulnerability in index.php in IDevspot iSupport 1.8 allows remote attackers to include local files via the include_file parameter.
CVE-2007-6245 2 Adobe, Redhat 2 Flash Player, Rhel Extras 2026-04-23 N/A
Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 allows remote attackers to modify HTTP headers for client requests and conduct HTTP Request Splitting attacks.
CVE-2007-6243 2 Adobe, Redhat 2 Flash Player, Rhel Extras 2026-04-23 N/A
Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 does not sufficiently restrict the interpretation and usage of cross-domain policy files, which makes it easier for remote attackers to conduct cross-domain and cross-site scripting (XSS) attacks.
CVE-2007-6242 2 Adobe, Redhat 2 Flash Player, Rhel Extras 2026-04-23 N/A
Unspecified vulnerability in Adobe Flash Player 9.0.48.0 and earlier might allow remote attackers to execute arbitrary code via unknown vectors, related to "input validation errors."
CVE-2007-6241 1 Beehive Forum 1 Beehive Forum 2026-04-23 N/A
Multiple unspecified vulnerabilities in Beehive Forum 0.7.1 have unknown "critical" impact and attack vectors, different issues than CVE-2007-6014.
CVE-2007-6225 1 Sun 1 Solaris 2026-04-23 N/A
Unspecified vulnerability in Sun Solaris 10, when 64bit mode is used on the x86 platform, allows local users in a Linux (lx) branded zone to cause a denial of service (panic) via unspecified vectors.
CVE-2007-6223 1 Phpbb 1 Garage 2026-04-23 N/A
SQL injection vulnerability in garage.php in phpBB Garage 1.2.0 Beta3 allows remote attackers to execute arbitrary SQL commands via the make_id parameter in a search action in browse mode.