Export limit exceeded: 349275 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (349275 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-1750 | 1 Microsoft | 5 Internet Explorer, Windows 2000, Windows 2003 Server and 2 more | 2026-04-23 | N/A |
| Unspecified vulnerability in Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code via a crafted Cascading Style Sheets (CSS) tag that triggers memory corruption. | ||||
| CVE-2007-1751 | 1 Microsoft | 5 Internet Explorer, Windows 2000, Windows 2003 Server and 2 more | 2026-04-23 | N/A |
| Microsoft Internet Explorer 5.01, 6, and 7 allows remote attackers to execute arbitrary code by causing Internet Explorer to access an uninitialized or deleted object, related to prototype variables and table cells, aka "Uninitialized Memory Corruption Vulnerability." | ||||
| CVE-2007-1756 | 1 Microsoft | 3 Excel, Excel Viewer, Office | 2026-04-23 | N/A |
| Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, and Office Excel 2007 does not properly validate version information, which allows user-assisted remote attackers to execute arbitrary code via a crafted Excel file, aka "Calculation Error Vulnerability". | ||||
| CVE-2007-1762 | 1 Mozilla | 1 Firefox | 2026-04-23 | N/A |
| Mozilla Firefox 2.0.0.1 through 2.0.0.3 does not canonicalize URLs before checking them against the phishing site blacklist, which allows remote attackers to bypass phishing protection via multiple / (slash) characters in the URL. | ||||
| CVE-2007-1763 | 1 Microsoft | 1 Windows Vista | 2026-04-23 | N/A |
| The ATI kernel driver (atikmdag.sys) in Microsoft Windows Vista allows user-assisted remote attackers to cause a denial of service (crash) via a crafted JPG image, as demonstrated by a slideshow, possibly due to a buffer overflow. | ||||
| CVE-2007-1770 | 1 Esri | 1 Arcsde | 2026-04-23 | N/A |
| Buffer overflow in the ArcSDE service (giomgr) in Environmental Systems Research Institute (ESRI) ArcGIS before 9.2 Service Pack 2, when using three tiered ArcSDE configurations, allows remote attackers to cause a denial of service (giomgr crash) and execute arbitrary code via long parameters in crafted requests. | ||||
| CVE-2007-1772 | 1 Hp | 1 Jetdirect | 2026-04-23 | N/A |
| The FTP service in HP JetDirect print servers allows remote attackers to cause a denial of service (engine crash) via a RETR command with a long pathname. | ||||
| CVE-2007-1767 | 1 Aol | 1 Aol Client Software | 2026-04-23 | N/A |
| Unspecified vulnerability in (1) Deskbar.dll and (2) Toolbar.dll in AOL 9.0 before February 2007 allows remote attackers to cause a denial of service (browser crash) via unknown vectors. | ||||
| CVE-2007-1768 | 1 Mephisto | 2 Mephisto, Mephisto Edge | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in app/helpers/application_helper.rb in Mephisto 0.7.3 and Mephisto Edge 20070325 allows remote attackers to inject arbitrary web script or HTML via the author name field in a comment. | ||||
| CVE-2007-1785 | 2 Broadcom, Ca | 2 Brightstor Arcserve Backup, Brightstor Arcserve Backup | 2026-04-23 | N/A |
| The RPC service in mediasvr.exe in CA BrightStor ARCserve Backup 11.5 SP2 build 4237 allows remote attackers to execute arbitrary code via crafted xdr_handle_t data in RPC packets, which is used in calculating an address for a function call, as demonstrated using the 191 (0xbf) RPC request. | ||||
| CVE-2007-1787 | 1 Softerra | 1 Time-assistant | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in lib/timesheet.class.php in Softerra Time-Assistant 6.2 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) inc_dir or (2) lib_dir parameter. | ||||
| CVE-2007-1786 | 1 Hitachi | 5 Cosminexus Collaboration Portal, Groupmax Collaboration Portal, Groupmax Collaboration Web Client and 2 more | 2026-04-23 | N/A |
| SQL injection vulnerability in Hitachi Collaboration - Online Community Management 01-00 through 01-30, as used in Groupmax Collaboration Portal, Groupmax Collaboration Web Client, uCosminexus Collaboration Portal, Cosminexus Collaboration Portal, and uCosminexus Content Manager, allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2007-1788 | 1 Flyspray | 1 Flyspray | 2026-04-23 | N/A |
| Flyspray 0.9.9, when output_buffering is disabled or "set to a low value," allows remote attackers to bypass authentication via a crafted post request. | ||||
| CVE-2007-1792 | 1 Symantec | 2 Mail Security, Mail Security 8820 Appliance | 2026-04-23 | N/A |
| libdayzero.dll in the Filter Hub Service (filter-hub.exe) in Symantec Mail Security for SMTP before 5.0.1 Patch 181 and Mail Security Appliance before 5.0.0-36 allows remote attackers to cause a denial of service (crash) via a crafted executable attachment in an e-mail, involving the detection of "PE-Shield v0.2" and "ASPack v1.00-1.08.02". | ||||
| CVE-2007-1794 | 2 Mozilla, Sun | 3 Mozilla, Solaris, Sunos | 2026-04-23 | N/A |
| The Javascript engine in Mozilla 1.7 and earlier on Sun Solaris 8, 9, and 10 might allow remote attackers to execute arbitrary code via vectors involving garbage collection that causes deletion of a temporary object that is still being used. NOTE: this issue might be related to CVE-2006-3805. | ||||
| CVE-2007-1795 | 1 Jccorp | 1 Urlshrink | 2026-04-23 | N/A |
| JCcorp URLshrink 1.3.1 allows remote attackers to execute arbitrary PHP code via the email address field in an HTML link. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-1796 | 1 Jccorp | 1 Urlshrink | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in JCcorp URLshrink before 1.3.2 have unspecified attack vectors and impact. | ||||
| CVE-2007-1791 | 1 Alexscriptengine | 1 Picture-engine | 2026-04-23 | N/A |
| SQL injection vulnerability in wall.php in Picture-Engine 1.2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the cat parameter. | ||||
| CVE-2007-1798 | 1 Ibm | 1 Aix | 2026-04-23 | N/A |
| Buffer overflow in the drmgr command in IBM AIX 5.2 and 5.3 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long path name. | ||||
| CVE-2007-1799 | 1 Joris Guisson | 1 Ktorrent | 2026-04-23 | N/A |
| Directory traversal vulnerability in torrent.cpp in KTorrent before 2.1.3 only checks for the ".." string, which allows remote attackers to overwrite arbitrary files via modified ".." sequences in a torrent filename, as demonstrated by "../" sequences, due to an incomplete fix for CVE-2007-1384. | ||||