Export limit exceeded: 20044 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 363781 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363781 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-0337 1 Kgb 1 Kgb 2026-04-23 N/A
Directory traversal vulnerability in sesskglogadmin.php in KGB 1.9 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the skinnn parameter, as demonstrated by invoking kg.php with a postek parameter containing PHP code, which is injected into a file in the kg directory, and then included by sesskglogadmin.php.
CVE-2007-0336 1 Rixstep 1 Undercover 2026-04-23 N/A
Undercover.app/Contents/Resources/uc in Rixstep Undercover allows local users to overwrite arbitrary files, probably related to a race condition.
CVE-2007-0335 1 Jax Scripts 1 Jax Petition Book 2026-04-23 N/A
Multiple directory traversal vulnerabilities in Jax Petition Book 1.0.3.06 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the languagepack parameter to (1) jax_petitionbook.php or (2) smileys.php.
CVE-2007-0333 1 Agnitum 1 Outpost Firewall 2026-04-23 N/A
Agnitum Outpost Firewall PRO 4.0 allows local users to bypass access restrictions and insert Trojan horse drivers into the product's installation directory by creating links using FileLinkInformation requests with the ZwSetInformationFile function, as demonstrated by modifying SandBox.sys.
CVE-2007-0328 1 Macrovision 2 Flexnet Connect, Update Service 2026-04-23 N/A
The DWUpdateService ActiveX control in the agent (agent.exe) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allows remote attackers to execute arbitrary commands via (1) the Execute method, and obtain the exit status using (2) the GetExitCode method.
CVE-2007-0326 1 Photochannel 1 Pni Digital Media Upload Plugin Activex Control 2026-04-23 N/A
Multiple stack-based buffer overflows in the PhotoChannel Networks PNI Digital Media Photo Upload Plugin ActiveX control before 2.0.0.10, as used by multiple retailers, allow remote attackers to execute arbitrary code via unspecified vectors.
CVE-2007-0325 1 Trend Micro 2 Client-server-messaging Security, Officescan Corporate Edition 2026-04-23 N/A
Multiple buffer overflows in the Trend Micro OfficeScan Web-Deployment SetupINICtrl ActiveX control in OfficeScanSetupINI.dll, as used in OfficeScan 7.0 before Build 1344, OfficeScan 7.3 before Build 1241, and Client / Server / Messaging Security 3.0 before Build 1197, allow remote attackers to execute arbitrary code via a crafted HTML document.
CVE-2007-0324 1 Lizardtech 1 Djvu Browser Plug-in 2026-04-23 N/A
Multiple buffer overflows in the LizardTech DjVu Browser Plug-in before 6.1.1 allow remote attackers to execute arbitrary code via unspecified vectors.
CVE-2007-0323 1 Rim 1 Teamon Import Object Activex Control 2026-04-23 N/A
Buffer overflow in the SetLanguage function in Research In Motion (RIM) TeamOn Import Object ActiveX control (TOImport.dll) allows remote attackers to execute arbitrary code via unspecified vectors.
CVE-2007-0322 1 Intuit 1 Quickbooks 2026-04-23 N/A
Multiple stack-based buffer overflows in the Intuit QuickBooks Online Edition ActiveX control before 10 allow remote attackers to execute arbitrary code via unspecified vectors.
CVE-2007-0321 1 Macrovision 1 Flexnet Connect 2026-04-23 N/A
Buffer overflow in the Update Service Agent ActiveX Control in isusweb.dll for Macrovision FLEXnet Connect (formerly InstallShield Update Service) allows remote attackers to execute arbitrary code via the Download method.
CVE-2007-0320 1 Macrovision 1 Installfromtheweb 2026-04-23 N/A
Multiple buffer overflows in (a) an ActiveX control (iftw.dll) and (b) Netscape plug-in (npiftw32.dll) for Macrovision (formerly InstallShield) InstallFromTheWeb allow remote attackers to execute arbitrary code via crafted HTML documents.
CVE-2007-0319 1 Motive Incorporated 2 Self Service Manager, Service Activation Manager 2026-04-23 N/A
Multiple stack-based buffer overflows in the Motive ActiveEmailTest.EmailData (ActiveUtils EmailData) ActiveX control in ActiveUtils.dll in Motive Service Activation Manager 5.1 and Self Service Manager 5.1 and earlier allow remote attackers to execute arbitrary code via unspecified vectors.
CVE-2007-0318 1 Apple 1 Mac Os X 2026-04-23 N/A
The do_hfs_truncate function in Mac OS X 10.4.8 allows context-dependent attackers to cause a denial of service (kernel panic) via a crafted HFS+ filesystem in a DMG image, which causes an access of an invalid vnode structure during file removal.
CVE-2007-1015 1 Aktueldownload 1 Aktueldownload Haber Script 2026-04-23 N/A
SQL injection vulnerability in HaberDetay.asp in Aktueldownload Haber script allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-0317 1 Filezilla 1 Filezilla 2026-04-23 N/A
Format string vulnerability in the LogMessage function in FileZilla before 3.0.0-beta5 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted arguments. NOTE: some of these details are obtained from third party information.
CVE-2007-0313 1 Gonicus 1 Gonicus System Administration 2026-04-23 N/A
Unspecified vulnerability in GONICUS System Administration (GOsa) before 2.5.8 allows remote authenticated users to modify certain settings, including the admin password, via crafted POST requests.
CVE-2007-0312 1 Wcsimple Poll 1 Wcsimple Poll 2026-04-23 N/A
wcSimple Poll stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain password hashes via a direct request for password.txt.
CVE-2007-0310 1 Bmc 1 Remedy Action Request System 2026-04-23 N/A
BMC Remedy Action Request System 5.01.02 Patch 1267 generates different error messages for failed login attempts with a valid username than for those with an invalid username, which allows remote attackers to determine valid account names.
CVE-2007-0304 1 Mint 1 Haber Sistemi 2026-04-23 N/A
SQL injection vulnerability in duyuru.asp in MiNT Haber Sistemi 2.7 allows remote attackers to execute arbitrary SQL commands via the id parameter.