Export limit exceeded: 20040 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 363151 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 363151 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363151 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-1647 1 Moodle 1 Moodle 2026-04-23 N/A
Moodle 1.5.2 and earlier stores sensitive information under the web root with insufficient access control, and provides directory listings, which allows remote attackers to obtain user names, password hashes, and other sensitive information via a direct request for session (sess_*) files in moodledata/sessions/.
CVE-2007-1648 1 Dev0.de 1 0irc 2026-04-23 N/A
0irc 1345 build 20060823 allows remote attackers to cause a denial of service (application crash) by operating an IRC server that sends a long string to a client, which triggers a NULL pointer dereference.
CVE-2007-1649 1 Php 1 Php 2026-04-23 N/A
PHP 5.2.1 allows context-dependent attackers to read portions of heap memory by executing certain scripts with a serialized data input string beginning with S:, which does not properly track the number of input bytes being processed.
CVE-2007-1650 1 Pcapsipdump 1 Pcapsipdump 2026-04-23 N/A
pcapsipdump.cpp in pcapsipdump before 0.1.3 allows remote attackers to cause a denial of service (application crash) via a malformed SIP packet, which results in a NULL pointer dereference.
CVE-2007-1651 1 Openid 1 Openid 2026-04-23 N/A
Cross-site request forgery (CSRF) vulnerability in OpenID allows remote attackers to restore the login session of a user on an OpenID enabled site via unspecified vectors related to an arbitrary remote web site and cached tokens, after the user has signed into an OpenID server, logged into the OpenID enabled site, and then logged out of the OpenID enabled site.
CVE-2007-1652 1 Openid 1 Openid 2026-04-23 N/A
OpenID allows remote attackers to forcibly log a user into an OpenID enabled site, divulge the user's personal information to this site, and add it site to the trusted sites list via a crafted web page, related to cached tokens.
CVE-2007-1653 1 Glowworm 1 Glowworm 2026-04-23 N/A
GlowWorm FW before 1.5.3b4 allows remote attackers to cause a denial of service (kernel panic) via certain DNS responses that trigger infinite recursion in TrueDNS packet parsing, as originally observed with certain login.yahoo.com responses.
CVE-2007-1654 1 Netsieben 1 Netsieben Ssh Library 2026-04-23 N/A
Buffer overflow in the Ne7sshSftp::addOpenHandle function in ne7ssh_sftp.cpp in NetSieben SSH Library (ne7ssh) before 1.2.1 allows user-assisted remote SFTP servers to cause a denial of service (crash) or possibly execute arbitrary code via multiple file transfers, related to multiple open file handles in SFTP (1) put and (2) get operations.
CVE-2007-1655 1 Tinymux 1 Tinymux 2026-04-23 N/A
Buffer overflow in the fun_ladd function in funmath.cpp in TinyMUX before 20070126 might allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors related to lists of numbers.
CVE-2007-1656 1 Katalog Plyt Audio 1 Katalog Plyt Audio 2026-04-23 N/A
Multiple SQL injection vulnerabilities in index.php in Katalog Plyt Audio 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) fraza and (2) litera parameters, different vectors than CVE-2007-1612. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-1657 1 Python Software Foundation 1 Python 2026-04-23 N/A
Stack-based buffer overflow in the file_compress function in minigzip (Modules/zlib) in Python 2.5 allows context-dependent attackers to execute arbitrary code via a long file argument.
CVE-2007-1658 1 Microsoft 1 Windows Vista 2026-04-23 N/A
Windows Mail in Microsoft Windows Vista might allow user-assisted remote attackers to execute certain programs via a link to a (1) local file or (2) UNC share pathname in which there is a directory with the same base name as an executable program at the same level, as demonstrated using C:/windows/system32/winrm (winrm.cmd) and migwiz (migwiz.exe).
CVE-2007-1659 2 Pcre, Redhat 2 Pcre, Enterprise Linux 2026-04-23 N/A
Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via regex patterns containing unmatched "\Q\E" sequences with orphan "\E" codes.
CVE-2007-1660 2 Pcre, Redhat 2 Pcre, Enterprise Linux 2026-04-23 N/A
Perl-Compatible Regular Expression (PCRE) library before 7.0 does not properly calculate sizes for unspecified "multiple forms of character class", which triggers a buffer overflow that allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code.
CVE-2007-1661 2 Apple, Pcre 3 Mac Os X, Mac Os X Server, Perl-compatible Regular Expression Library 2026-04-23 N/A
Perl-Compatible Regular Expression (PCRE) library before 7.3 backtracks too far when matching certain input bytes against some regex patterns in non-UTF-8 mode, which allows context-dependent attackers to obtain sensitive information or cause a denial of service (crash), as demonstrated by the "\X?\d" and "\P{L}?\d" patterns.
CVE-2007-1663 2 Debian, Ekg 2 Debian Linux, Ekg 2026-04-23 N/A
Memory leak in the image message functionality in ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service.
CVE-2007-1664 2 Debian, Ekg 2 Debian Linux, Ekg 2026-04-23 N/A
ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service (NULL pointer dereference) via a vector related to the token OCR functionality.
CVE-2007-1665 2 Debian, Ekg 2 Debian Linux, Ekg 2026-04-23 N/A
Memory leak in the token OCR functionality in ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service.
CVE-2007-1666 1 Datarescue 1 Ida Pro 2026-04-23 N/A
The processor_request function in the debugger server for DataRescue IDA Pro 5.0 and 5.1 does not verify that authentication has taken place before invoking the perform_request function, which allows remote attackers to perform unauthorized actions.
CVE-2007-1667 4 Canonical, Debian, Redhat and 1 more 4 Ubuntu Linux, Debian Linux, Enterprise Linux and 1 more 2026-04-23 N/A
Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org libx11 before 1.0.3, and (2) XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive information via crafted images with large or negative values that trigger a buffer overflow.