Export limit exceeded: 348072 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (348072 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-0271 | 1 Oracle | 1 Database Server | 2026-04-23 | N/A |
| Unspecified vulnerability in Oracle Database 9.0.1.5 and 9.2.0.7 has unknown impact and attack vectors related to the Log Miner component and sys.dbms_log_mnr privileges, aka DB04. NOTE: Oracle has not disputed a reliable researcher claim that this is a buffer overflow in the ADD_LOGFILE procedure for the SYS.DBMS_LOGMNR package that allows code execution. | ||||
| CVE-2007-0272 | 1 Oracle | 1 Database Server | 2026-04-23 | N/A |
| Multiple buffer overflows in MDSYS.MD in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4 allows remote authenticated users to cause a denial of service (crash) or execute arbitrary code via unspecified vectors involving certain public procedures, aka DB05. | ||||
| CVE-2007-2096 | 1 Hinton Design | 1 Phphd Download System | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in common.php in Hinton Design PHPHD Download System (phphd_downloads) allows remote attackers to execute arbitrary PHP code via a URL in the phphd_real_path parameter. NOTE: this issue may be present in versions from 2006. | ||||
| CVE-2007-0274 | 1 Oracle | 1 Database Server | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in Oracle Database 9.2.0.7 and 10.1.0.5 have unknown impact and attack vectors related to (1) Export and sys.dbms_logrep_util (DB08), and (2) Oracle Streams and sys.dbms_capture_adm_internal privileges (DB09). NOTE: Oracle has not disputed reliable researcher claims that DB08 is for a buffer overflow in the GET_OBJECT_NAME procedure in the DBMS_LOGREP_UTIL package, and DB09 is for buffer overflows in the CREATE_CAPTURE, ALTER_CAPTURE, and ABORT_TABLE_INSTANTIATION procedures in SYS.DBMS_CAPTURE_ADM_INTERNAL. | ||||
| CVE-2007-2935 | 1 Fundanemt | 1 Fundanemt | 2026-04-23 | N/A |
| core/spellcheck/spellcheck.php in Fundanemt before 2.2.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the dict parameter. | ||||
| CVE-2007-0279 | 1 Oracle | 2 E-business Suite, Http Server | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in Oracle HTTP Server 9.2.0.8 and Oracle E-Business Suite and Applications 11.5.10CU2 have unknown impact and attack vectors, aka (1) OHS01, (2) OHS02, (3) OHS05, (4) OHS06, and (5) OHS07. | ||||
| CVE-2007-0280 | 1 Oracle | 3 Application Server, Collaboration Suite, Http Server | 2026-04-23 | N/A |
| Unspecified vulnerability in Oracle HTTP Server 9.0.1.5, Application Server 9.0.4.3, 10.1.2.0.0, 10.1.2.0.2, and 10.1.2.2; and Collaboration Suite 9.0.4.2 and 10.1.2; has unknown impact and attack vectors related to the Oracle Process Mgmt & Notification component, aka OPMN01. NOTE: as of 20070123, Oracle has not disputed claims by a reliable researcher that OPMN01 is for a buffer overflow in Oracle Notification Service (ONS). | ||||
| CVE-2007-2097 | 1 Openconcept | 1 Back-end Cms | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in OpenConcept Back-End CMS 0.4.7 allow remote attackers to execute arbitrary PHP code via a URL in the includes_path parameter to (1) click.php or (2) pollcollector.php in htdocs/; or (3) index.php, (4) articlepages.php, (5) articles.php, (6) articleform.php, (7) articlesections.php, (8) createArticlesPage.php, (9) guestbook.php, (10) helpguide.php, (11) helpguideeditor.php, (12) links.php, (13) upload.php, (14) sitestatistics.php, (15) nav.php, (16) tpl_upload.php, (17) linksections, or (18) pophelp.php in htdocs/site-admin/; different vectors than CVE-2006-5076. NOTE: this issue is disputed by a third party, who states that $includes_path is defined before use | ||||
| CVE-2007-0287 | 1 Oracle | 2 Application Server, Collaboration Suite | 2026-04-23 | N/A |
| Unspecified vulnerability in Oracle Application Server 9.0.4.3, 10.1.2.0.0, and 10.1.2.0.2; and Collaboration Suite 9.0.4.2 and 10.1.2; has unknown impact and attack vectors related to Containers for J2EE, aka OC4J08. | ||||
| CVE-2007-0288 | 1 Oracle | 1 Application Server | 2026-04-23 | N/A |
| Unspecified vulnerability in Oracle Application Server 10.1.4.0 has unknown impact and attack vectors related to Oracle Internet Directory, aka OID01. | ||||
| CVE-2007-0289 | 1 Oracle | 1 Application Server | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in Oracle Collaboration Suite 9.0.4.2 have unknown impact and attack vectors related to Oracle Containers for J2EE, aka (1) OC4J01, (2) OC4J05, and (3) OC4J06. | ||||
| CVE-2007-2098 | 1 Wabbit | 1 Wabbit Php Gallery | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in showpic.php in Wabbit PHP Gallery 0.9 allow remote attackers to inject arbitrary web script or HTML via the (1) pic and (2) gal parameters. | ||||
| CVE-2007-0290 | 1 Oracle | 1 E-business Suite | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.10CU2 have unknown impact and attack vectors related to (1) Application Object Library (APPS01), (2) Human Resources (APPS03), (3) Payables (APPS04), (4) Trading Community Architecture (APPS05), and (5) Web Applications Desktop Integrator (APPS06). | ||||
| CVE-2007-2099 | 1 Openconcept | 1 Back-end Cms | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in htdocs/php.php in OpenConcept Back-End CMS 0.4.7 allows remote attackers to inject arbitrary web script or HTML via the page[] parameter. | ||||
| CVE-2007-2936 | 1 Frequency Clock | 1 Frequency Clock | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Frequency Clock 0.1b (Beta 0.1) allow remote attackers to execute arbitrary PHP code via a URL in the securelib parameter to (1) conf.php or (2) cp2.php. | ||||
| CVE-2007-0291 | 1 Oracle | 1 E-business Suite | 2026-04-23 | N/A |
| Unspecified vulnerability in Oracle E-Business Suite and Applications 6.2.3 has unknown impact and attack vectors related to Oracle Exchange, aka APPS02. | ||||
| CVE-2007-0292 | 1 Oracle | 1 Enterprise Manager | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in Oracle Enterprise Manager 10.1.0.5 have unknown impact and attack vectors related to Oracle Agent, aka (1) EM01 and (2) EM02. NOTE: EM05 might be related to CVE-2007-0222. | ||||
| CVE-2007-0293 | 1 Oracle | 1 Enterprise Manager | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in Oracle Enterprise Manager 10.1.0.5 and 10.2.0.1 have unknown impact and attack vectors related to (1) Oracle Agent (EM03) and (2) EM04 and (3) EM05 in Enterprise Manager Console. NOTE: EM05 might be related to CVE-2007-0222. | ||||
| CVE-2007-0296 | 1 Oracle | 2 Enterpriseone, Peoplesoft Enterprise | 2026-04-23 | N/A |
| Unspecified vulnerability in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.22.13, 8.47.11, and 8.48.06 has unknown impact and attack vectors in PeopleTools, aka PSE02. | ||||
| CVE-2007-0305 | 1 Okulsistem Okul Web | 1 Otomasyon Sistemi | 2026-04-23 | N/A |
| SQL injection vulnerability in etkinlikbak.asp in Okul Web Otomasyon Sistemi 4.0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||