Export limit exceeded: 359347 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359347 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-2791 | 1 Hp | 1 Tru64 | 2026-04-23 | N/A |
| Unspecified vulnerability in the Secure Shell (SSH) in HP Tru64 UNIX 5.1B-4 and 5.1B-3 allows remote attackers to identify valid users via unspecified vectors, probably related to timing attacks and AuthInteractiveFailureRandomTimeout. | ||||
| CVE-2007-2792 | 1 Com Yanc | 1 Com Yanc | 2026-04-23 | N/A |
| SQL injection vulnerability in the Yet another Newsletter Component (aka YaNC or com_yanc) component before 1.5 beta 3 for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter to index.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-2793 | 1 Geeklog | 1 Geeklog | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in ImageImageMagick.php in Geeklog 2.x allows remote attackers to execute arbitrary PHP code via a URL in the glConf[path_system] parameter. | ||||
| CVE-2007-2795 | 1 Ipswitch | 1 Imail | 2026-04-23 | N/A |
| Multiple buffer overflows in Ipswitch IMail before 2006.21 allow remote attackers or authenticated users to execute arbitrary code via (1) the authentication feature in IMailsec.dll, which triggers heap corruption in the IMail Server, or (2) a long SUBSCRIBE IMAP command, which triggers a stack-based buffer overflow in the IMAP Daemon. | ||||
| CVE-2007-2796 | 1 Arris | 1 Cadant C3 Cmts | 2026-04-23 | N/A |
| Arris Cadant C3 CMTS allows remote attackers to cause a denial of service (service termination) via a malformed IP packet with an invalid IP option. | ||||
| CVE-2009-1057 | 1 Microsmarts | 1 Zipitfast\! | 2026-04-23 | N/A |
| MicroSmarts Enterprise ZipItFast! 3.0 allows remote attackers to execute arbitrary code via a crafted .zip file that triggers memory corruption, related to a "format string buffer overflow." NOTE: CVE has not investigated whether the specified file.zip file can be used for exploitation of this product. | ||||
| CVE-2007-2800 | 1 Eticket | 1 Eticket | 2026-04-23 | N/A |
| index.php in eTicket 1.5.5.1 and earlier allows remote attackers to obtain sensitive information via the (1) name[], (2) email[], (3) phone[], or (4) subject[] parameters, which reveals the installation path in the resulting error messages. | ||||
| CVE-2007-2801 | 1 Eticket | 1 Eticket | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in open.php in eTicket 1.5.5 and 1.5.5.1, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) err and (2) warn parameters. NOTE: the vendor disputes the significance of the issue, stating that "eTicket is not designed to work with register_globals On." | ||||
| CVE-2007-2802 | 1 Rm | 1 Rm Easymail Plus | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in cp/ps/Main/login/Login in RM EasyMail Plus allows remote attackers to inject arbitrary web script or HTML via the d parameter. | ||||
| CVE-2007-2803 | 1 Vizayn Urun | 1 Tanitim Sitesi | 2026-04-23 | N/A |
| SQL injection vulnerability in default.asp in Vizayn Urun Tanitim Sitesi 0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter in a haberdetay action. | ||||
| CVE-2007-2804 | 1 Candypress | 1 Candypress Store | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in scripts/prodList.asp in CandyPress Store 3.5.2.14 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) brand and (2) Msg parameters. | ||||
| CVE-2007-2805 | 1 Clientexec | 1 Clientexec | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in ClientExec (CE) 3.0 beta2, and possibly other versions, allow remote attackers to inject arbitrary web script or HTML via the (1) ticketID, (2) view, and (3) fuse parameters. | ||||
| CVE-2007-2806 | 1 Galix | 1 Galix | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in GaliX 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) galix_cat_detail, (2) galix_gal_detail, and (3) galix_cat_detail_sort parameters. | ||||
| CVE-2007-2808 | 2 Gnu, Yngve Svendsen | 2 Gnats, Gnatsweb | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in gnatsweb.pl in Gnatsweb 4.00 and Gnats 4.1.99 allows remote attackers to inject arbitrary web script or HTML via the database parameter. | ||||
| CVE-2007-2809 | 1 Opera | 1 Opera Browser | 2026-04-23 | N/A |
| Buffer overflow in the transfer manager in Opera before 9.21 for Windows allows user-assisted remote attackers to execute arbitrary code via a crafted torrent file. NOTE: due to the lack of details, it is not clear if this is the same issue as CVE-2007-2274. | ||||
| CVE-2007-2810 | 1 Gazi Download Portal | 1 Gazi Download Portal | 2026-04-23 | N/A |
| SQL injection vulnerability in down_indir.asp in Gazi Download Portal allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-2811 | 1 Osk | 1 Advance-flow | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in OSK Advance-Flow 4.41 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2007-2812 | 1 Hlstats | 1 Hlstats | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in hlstats.php in HLstats 1.35, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO or (2) the action parameter. | ||||
| CVE-2007-2813 | 1 Cisco | 1 Ios Transmission Control Protocol | 2026-04-23 | N/A |
| Cisco IOS 12.4 and earlier, when using the crypto packages and SSL support is enabled, allows remote attackers to cause a denial of service via a malformed (1) ClientHello, (2) ChangeCipherSpec, or (3) Finished message during an SSL session. | ||||
| CVE-2007-2817 | 1 Ol Bookmarks | 1 Ol Bookmarks | 2026-04-23 | N/A |
| SQL injection vulnerability in read/index.php in ol'bookmarks 0.7.4 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||