Export limit exceeded: 29935 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29935 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-0703 | 1 Webbuilder | 1 Webbuilder | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in library/StageLoader.php in WebBuilder 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[core][module_path] parameter. | ||||
| CVE-2007-1281 | 3 Kaspersky Lab, Linux, Microsoft | 3 Kaspersky Antivirus Engine, Linux Kernel, All Windows | 2026-04-23 | N/A |
| Kaspersky AntiVirus Engine 6.0.1.411 for Windows and 5.5-10 for Linux allows remote attackers to cause a denial of service (CPU consumption) via a crafted UPX compressed file with a negative offset, which triggers an infinite loop during decompression. | ||||
| CVE-2007-1286 | 2 Php, Redhat | 3 Php, Enterprise Linux, Rhel Stronghold | 2026-04-23 | N/A |
| Integer overflow in PHP 4.4.4 and earlier allows remote context-dependent attackers to execute arbitrary code via a long string to the unserialize function, which triggers the overflow in the ZVAL reference counter. | ||||
| CVE-2007-1289 | 1 Tyger | 1 Bug Tracking System | 2026-04-23 | N/A |
| SQL injection vulnerability in ViewBugs.php in Tyger Bug Tracking System (TygerBT) 1.1.3 allows remote attackers to execute arbitrary SQL commands via the s parameter. | ||||
| CVE-2007-1288 | 1 Webmobo | 1 Wbnews | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Webmobo WB News 1.4.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the config[installdir] parameter to (1) comment.php, (2) themes.php, (3) directory.php, and (4) sendmsg.php in admin/. | ||||
| CVE-2007-1291 | 1 Tyger | 1 Bug Tracking System | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Tyger Bug Tracking System (TygerBT) 1.1.3 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) Login.php and (2) Register.php. | ||||
| CVE-2006-4839 | 1 Sophos | 1 Sophos Anti-virus | 2026-04-23 | N/A |
| Sophos Anti-Virus 5.1 allows remote attackers to cause a denial of service (memory consumption) via a file that is compressed with Petite and contains a large number of sections. | ||||
| CVE-2006-5005 | 1 Ibm | 1 Aix | 2026-04-23 | N/A |
| Unspecified vulnerability in bos.net.tcp.client in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary commands via unspecified vectors involving /etc/slip.login. | ||||
| CVE-2007-1033 | 1 Drupal | 1 Secure Site Module | 2026-04-23 | N/A |
| Unspecified vulnerability in the Secure site 4.7.x-1.x-dev and 5.x-1.x-dev module for Drupal allows remote attackers to bypass access restrictions via a crafted URL. | ||||
| CVE-2007-1324 | 1 Snapgear | 6 560, 580, 585 and 3 more | 2026-04-23 | N/A |
| SnapGear 560, 585, 580, 640, 710, and 720 appliances before the 3.1.4u5 firmware allow remote attackers to cause a denial of service (complete packet loss) via a packet flood, a different vulnerability than CVE-2006-4613. | ||||
| CVE-2007-2252 | 1 Exponent | 1 Exponent Cms | 2026-04-23 | N/A |
| Directory traversal vulnerability in iconspopup.php in Exponent CMS 0.96.6 Alpha and earlier allows remote attackers to obtain sensitive information via a .. (dot dot) in the icodir parameter. | ||||
| CVE-2007-1328 | 1 Bernard Joly | 1 Bj Webring | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in formulaire.php in Bernard JOLY BJ Webring allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter related to the add link menu. | ||||
| CVE-2007-1329 | 2 Ledgersmb, Sql-ledger | 2 Ledgersmb, Sql-ledger | 2026-04-23 | N/A |
| Directory traversal vulnerability in SQL-Ledger, and LedgerSMB before 1.1.5, allows remote attackers to read and overwrite arbitrary files, and execute arbitrary code, via . (dot) characters adjacent to (1) users and (2) users/members strings, which are removed by blacklisting functions that filter these strings and collapse into .. (dot dot) sequences. | ||||
| CVE-2007-1330 | 1 Comodo | 1 Comodo Firewall Pro | 2026-04-23 | N/A |
| Comodo Firewall Pro (CFP) (formerly Comodo Personal Firewall) 2.4.18.184 and earlier allows local users to bypass driver protections on the HKLM\SYSTEM\Software\Comodo\Personal Firewall registry key by guessing the name of a named pipe under \Device\NamedPipe\OLE and attempting to open it multiple times. | ||||
| CVE-2007-1331 | 1 Tks Banking Solutions | 1 Eportfolio | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in TKS Banking Solutions ePortfolio 1.0 Java allow remote attackers to inject arbitrary web script or HTML via unspecified vectors that bypass the client-side protection scheme, one of which may be the q parameter to the search program. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-1332 | 1 Tks Banking Solutions | 1 Eportfolio | 2026-04-23 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in TKS Banking Solutions ePortfolio 1.0 Java allow remote attackers to perform unspecified restricted actions in the context of certain accounts by bypassing the client-side protection scheme. | ||||
| CVE-2007-2398 | 2 Apple, Microsoft | 2 Safari, Windows 2003 Server | 2026-04-23 | N/A |
| Apple Safari 3.0.1 beta (522.12.12) on Windows allows remote attackers to modify the window title and address bar while filling the main window with arbitrary content by setting the location bar and using setTimeout() to create an event that modifies the window content, which could facilitate phishing attacks. | ||||
| CVE-2006-5006 | 1 Ibm | 1 Aix | 2026-04-23 | N/A |
| Buffer overflow in cfgmgr in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary code via a long directory path argument. | ||||
| CVE-2007-1340 | 1 Weltennetz | 1 News-letterman | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in eintrag.php in Weltennetz News-Letterman 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the sqllog parameter. | ||||
| CVE-2007-2971 | 1 Greg Neustaetter | 1 Gcards | 2026-04-23 | N/A |
| SQL injection vulnerability in getnewsitem.php in gCards 1.46 and earlier allows remote attackers to execute arbitrary SQL commands via the newsid parameter. | ||||