Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-1444 1 Netperf 1 Netperf 2026-04-23 N/A
netserver in netperf 2.4.3 allows local users to overwrite arbitrary files via a symlink attack on /tmp/netperf.debug.
CVE-2007-0199 1 Cisco 1 Ios 2026-04-23 N/A
The Data-link Switching (DLSw) feature in Cisco IOS 11.0 through 12.4 allows remote attackers to cause a denial of service (device reload) via "an invalid value in a DLSw message... during the capabilities exchange."
CVE-2007-1500 1 Gentoo 1 Linux 2026-04-23 N/A
The Linux Security Auditing Tool (LSAT) allows local users to overwrite arbitrary files via a symlink attack on temporary files, as demonstrated using /tmp/lsat1.lsat.
CVE-2007-2462 1 Cisco 2 Adaptive Security Appliance Software, Pix 2026-04-23 N/A
Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 before 7.2(2)8, when using Layer 2 Tunneling Protocol (L2TP) or Remote Management Access, allows remote attackers to bypass LDAP authentication and gain privileges via unknown vectors.
CVE-2006-7174 1 Phpbb 1 Dimension 2026-04-23 N/A
PHP remote file inclusion vulnerability in includes/functions.php in the Dimension module of phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. NOTE: this may be the same issue as CVE-2006-5235.
CVE-2007-0257 1 Grsecurity 1 Grsecurity Kernel Patch 2026-04-23 7.8 High
Unspecified vulnerability in the expand_stack function in grsecurity PaX allows local users to gain privileges via unspecified vectors. NOTE: the grsecurity developer has disputed this issue, stating that "the function they claim the vulnerability to be in is a trivial function, which can, and has been, easily checked for any supposed vulnerabilities." The developer also cites a past disclosure that was not proven. As of 20070120, the original researcher has released demonstration code
CVE-2007-0246 1 Gforge 1 Gforge 2026-04-23 N/A
plugins/scmcvs/www/cvsweb.php in the CVSWeb CGI in GForge 4.5.16 before 20070524, aka gforge-plugin-scmcvs, allows remote attackers to execute arbitrary commands via shell metacharacters in the PATH_INFO.
CVE-2007-0366 1 Maxum Development Corporation 1 Rumpus Ftp Server 2026-04-23 N/A
Untrusted search path vulnerability in Rumpus 5.1 and earlier allows local users to gain privileges via a modified PATH that points to a malicious ipfw program.
CVE-2007-0248 1 Squid 1 Squid 2026-04-23 N/A
The aclMatchExternal function in Squid before 2.6.STABLE7 allows remote attackers to cause a denial of service (crash) by causing an external_acl queue overload, which triggers an infinite loop.
CVE-2007-0258 2 Fastilo, Opensolution 2 Fastilo, Quick.car 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in index.php in (1) Fastilo 2.0 and (2) Open Solution Quick.Cart 2.0 allows remote attackers to inject arbitrary web script or HTML via the p parameter. NOTE: some of these details are obtained from third party information.
CVE-2007-0260 1 Naig 1 Naig 2026-04-23 N/A
PHP remote file inclusion vulnerability in index.php in Naig 0.5.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the this_path parameter. NOTE: a reliable third party disputes this vulnerability because this_path is defined before use
CVE-2007-0261 1 Snews 1 Snews 2026-04-23 N/A
snews.php in sNews 1.5.30 and earlier does not properly exit when authentication fails, which allows remote attackers to perform unauthorized administrative actions, as demonstrated by changing an administrative password via the changeup task, and by uploading PHP code via the imagefile parameter.
CVE-2007-0276 1 Oracle 1 Database Server 2026-04-23 N/A
Multiple unspecified vulnerabilities in Oracle Database 8.1.7.4 and 9.0.1.5 have unknown impact and attack vectors related to (1) Advanced Security Option and oklist or okdstry (DB10), (2) Oracle Net Services (DB13), and (3) Recovery Manager and oklist (DB16).
CVE-2007-0277 1 Oracle 1 Database Server 2026-04-23 N/A
Unspecified vulnerability in Oracle Database client-only 10.1.0.4 has unknown impact and attack vectors related to the Export component and expdp or impdp, aka DB11.
CVE-2007-0278 1 Oracle 1 Database Server 2026-04-23 N/A
Multiple unspecified vulnerabilities in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.5 have unknown impact and attack vectors related to (1) NLS Runtime and lmsgen (DB12), and (2) Oracle Text and ctxkbtc (DB14).
CVE-2007-0282 1 Oracle 3 Application Server, Collaboration Suite, Http Server 2026-04-23 N/A
Unspecified vulnerability in Oracle HTTP Server 9.0.1.5, Application Server 9.0.4.2 and 10.1.2.0.0, and Collaboration Suite 9.0.4.2 has unknown impact and attack vectors related to the Oracle Process Mgmt & Notification component, aka OPMN02.
CVE-2007-0283 1 Oracle 2 Application Server, Collaboration Suite 2026-04-23 N/A
Unspecified vulnerability in Oracle Application Server 9.0.4.3 and Collaboration Suite 9.0.4.2 has unknown impact and attack vectors related to Oracle Containers for J2EE, aka OC4J02.
CVE-2007-0284 1 Oracle 2 Application Server, Collaboration Suite 2026-04-23 N/A
Multiple unspecified vulnerabilities in Oracle Application Server 9.0.4.3 and 10.1.2.0.0, and Collaboration Suite 9.0.4.2, have unknown impact and attack vectors related to Oracle Containers for J2EE, aka (1) OC4J03 and (2) OC4J04.
CVE-2007-0285 1 Oracle 3 Application Server, Collaboration Suite, E-business Suite 2026-04-23 N/A
Unspecified vulnerability in Oracle Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2; Collaboration Suite 9.0.4.2 and 10.1.2; and E-Business Suite and Applications 11.5.10CU2 has unknown impact and attack vectors related to Oracle Reports Developer, aka REP01.
CVE-2007-0286 1 Oracle 2 Application Server, Collaboration Suite 2026-04-23 N/A
Unspecified vulnerability in Oracle Application Server 10.1.2.0.2 and 10.1.3.0, and Collaboration Suite 10.1.2, has unknown impact and attack vectors related to Containers for J2EE, aka OC4J07.