Export limit exceeded: 363335 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363335 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-0472 1 Smb4k 1 Smb4k 2026-04-23 N/A
Multiple race conditions in Smb4K before 0.8.0 allow local users to (1) modify arbitrary files via unspecified manipulations of Smb4K's lock file, which is not properly handled by the remove_lock_file function in core/smb4kfileio.cpp, and (2) add lines to the sudoers file via a symlink attack on temporary files, which isn't properly handled by the writeFile function in core/smb4kfileio.cpp.
CVE-2007-1077 1 Design4online 1 Userpages2 2026-04-23 N/A
SQL injection vulnerability in page.asp in Design4Online UserPages2 2.0 allows remote attackers to execute arbitrary SQL commands via the art_id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-2649 1 T-com 1 Speedport W 700v 2026-04-23 N/A
Deutsche Telekom (T-com) Speedport W 700v uses JavaScript delays for invalid authentication attempts to the CGI script, which allows remote attackers to bypass the delays and conduct brute-force attacks via direct calls to the authentication CGI script.
CVE-2007-2650 2 Clamav, Debian 2 Clamav, Debian Linux 2026-04-23 N/A
The OLE2 parser in Clam AntiVirus (ClamAV) allows remote attackers to cause a denial of service (resource consumption) via an OLE2 file with (1) a large property size or (2) a loop in the FAT file block chain that triggers an infinite loop, as demonstrated via a crafted DOC file.
CVE-2006-6879 1 Php-update 1 Php-update 2026-04-23 N/A
Unrestricted file upload vulnerability in admin/uploads.php in PHP-Update 2.7 and earlier allows remote authenticated users to upload arbitrary PHP scripts to the gfx/ and files/ directories via the userfile parameter.
CVE-2007-0473 1 Smb4k 1 Smb4k 2026-04-23 N/A
The writeFile function in core/smb4kfileio.cpp in Smb4K before 0.8.0 does not preserve /etc/sudoers permissions across modifications, which allows local users to obtain sensitive information (/etc/sudoers contents) by reading this file.
CVE-2007-2651 1 Voodoo Circle 1 Voodoo Circle 2026-04-23 N/A
Multiple off-by-one errors in VooDoo cIRCle before 1.1.beta27 allow remote attackers to cause a denial of service (connection loss) or possibly execute arbitrary code via a (1) DNS name response of the exact length as a buffer; or a long (2) channel name, (3) partyline channel name, or unspecified vectors in crafted BOTNET packets.
CVE-2007-2652 1 Free-sa 1 Free-sa 2026-04-23 N/A
Multiple unspecified vulnerabilities in Free-SA before 1.2.2 allow remote attackers to execute arbitrary code via unspecified vectors involving certain (1) sprintf and (2) vsprintf calls in (a) r_index.c, (b) r_reports.c, (c) r_topsites.c, (d) r_topuser.c, (e) r_typical.c, (f) r_userdatetime.c, and (g) r_users.c in reports/; and (h) w_fs.c, (i) w_internal.c, and (j) w_log_operations.c in work/, probably related to buffer overflows. NOTE: some of these details are obtained from third party information.
CVE-2006-5254 1 Mamboxchange 1 Extended Registration 2026-04-23 N/A
PHP remote file inclusion vulnerability in registration_detailed.inc.php in Mark Van Bellen Detailed User Registration (com_registration_detailed), aka regdetailed, 4.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
CVE-2007-2654 2 Suse, Xfsdump 8 Opensuse, Suse Linux, Suse Linux Openexchange Server and 5 more 2026-04-23 N/A
xfs_fsr in xfsdump creates a .fsr temporary directory with insecure permissions, which allows local users to read or overwrite arbitrary files on xfs filesystems.
CVE-2007-2655 1 Netwin 2 Surgemail, Webmail 2026-04-23 N/A
Unspecified vulnerability in NetWin Webmail 3.1s-1 in SurgeMail before 3.8i2 has unknown impact and remote attack vectors, possibly a format string vulnerability that allows remote code execution.
CVE-2006-5257 1 Ciamos 1 Ciamos Cms 2026-04-23 N/A
PHP remote file inclusion vulnerability in modules/forum/include/config.php in Ciamos Content Management System (CMS) 0.9.6b and earlier allows remote attackers to execute arbitrary PHP code via a URL in the module_cache_path parameter.
CVE-2007-2656 1 Hp 1 Hpqvwocx.dll 2026-04-23 N/A
Stack-based buffer overflow in the Hewlett-Packard (HP) Magview ActiveX control in hpqvwocx.dll 1.0.0.309 allows remote attackers to cause a denial of service (application crash) and possibly have other impact via a long argument to the DeleteProfile method.
CVE-2007-2657 1 Precisionid Barcode 1 Precisionid Barcode 2026-04-23 N/A
Unspecified vulnerability in the PrecisionID Barcode 1.3 ActiveX control in PrecisionID_DataMatrix.DLL allows remote attackers to cause a denial of service via a long argument to the SaveBarCode method.
CVE-2007-2658 1 Id Automation 1 Linear Barcode 2026-04-23 N/A
Unspecified vulnerability in the ID Automation Linear Barcode 1.6.0.5 ActiveX control in IDAutomationLinear6.dll allows remote attackers to cause a denial of service via a long argument to the SaveEnhWMF method.
CVE-2007-2659 1 Bugada Andrea 1 Php Advanced Transfer Manager 2026-04-23 N/A
Directory traversal vulnerability in index.php in PHP Advanced Transfer Manager (phpATM) 1.30 allows remote attackers to read arbitrary files and obtain script source code via a .. (dot dot) in the directory parameter in a downloadfile action.
CVE-2007-2661 1 Drumster 1 Blogme 2026-04-23 N/A
SQL injection vulnerability in archshow.asp in BlogMe 3.0 allows remote attackers to execute arbitrary SQL commands via the var parameter, a different vector than CVE-2006-5976.
CVE-2007-2662 1 Efestech Haber 1 Efestech Haber 2026-04-23 N/A
SQL injection vulnerability in EfesTECH Haber 5.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to the top-level URI.
CVE-2007-2666 2 Notepad\+\+, Scintilla 2 Notepad\+\+, Scintilla 2026-04-23 N/A
Stack-based buffer overflow in LexRuby.cxx (SciLexer.dll) in Scintilla 1.73, as used by notepad++ 4.1.1 and earlier, allows user-assisted remote attackers to execute arbitrary code via certain Ruby (.rb) files with long lines. NOTE: this was originally reported as a vulnerability in notepad++.
CVE-2007-2667 1 Db Soft Lab 1 Vimp X 2026-04-23 N/A
Buffer overflow in the DB Software Laboratory VImpX ActiveX control in VImpX.ocx 4.7.3 allows remote attackers to execute arbitrary code via a long LogFile parameter.