Export limit exceeded: 19677 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 359330 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359330 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-2869 | 2 Mozilla, Redhat | 2 Firefox, Enterprise Linux | 2026-04-23 | N/A |
| The form autocomplete feature in Mozilla Firefox 1.5.x before 1.5.0.12, 2.x before 2.0.0.4, and possibly earlier versions, allows remote attackers to cause a denial of service (persistent temporary CPU consumption) via a large number of characters in a submitted form. | ||||
| CVE-2007-2870 | 2 Mozilla, Redhat | 3 Firefox, Seamonkey, Enterprise Linux | 2026-04-23 | N/A |
| Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allows remote attackers to bypass the same-origin policy and conduct cross-site scripting (XSS) and other attacks by using the addEventListener method to add an event listener for a site, which is executed in the context of that site. | ||||
| CVE-2007-2871 | 2 Mozilla, Redhat | 3 Firefox, Seamonkey, Enterprise Linux | 2026-04-23 | N/A |
| Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allows remote attackers to spoof or hide the browser chrome, such as the location bar, by placing XUL popups outside of the browser's content pane. NOTE: this issue can be leveraged for phishing and other attacks. | ||||
| CVE-2007-2885 | 1 Microsoft | 1 Visual Database Tools Database Designer | 2026-04-23 | N/A |
| The NotSafe function in the MSVDTDatabaseDesigner7 ActiveX control in VDT70.DLL in Microsoft Visual Database Tools (MSVDT) Database Designer 7.0 allows remote attackers to cause a denial of service (Internet Explorer 6 crash) via a long argument. | ||||
| CVE-2007-2886 | 1 Nortel | 1 Communications Server | 2026-04-23 | N/A |
| Unspecified vulnerability in the Nortel CS 1000 M media card in Enterprise VoIP-Core-CS 1000E, 1000M, and 1000S 04.50W before 20070523 in Meridian/CS 1000 allows remote attackers to cause a denial of service (card hang) via unspecified vectors. | ||||
| CVE-2007-2887 | 1 Forsnet | 1 Web Icerik Yonetim Sistemi | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Web Icerik Yonetim Sistemi (WIYS) 1.0 allows remote attackers to inject arbitrary web script or HTML via the No parameter in the Sayfa page. | ||||
| CVE-2007-2888 | 1 Ezb Systems | 1 Ultraiso | 2026-04-23 | N/A |
| Stack-based buffer overflow in UltraISO 8.6.2.2011 and earlier allows user-assisted remote attackers to execute arbitrary code via a long FILE string (filename) in a .cue file, a related issue to CVE-2007-2761. NOTE: some details are obtained from third party information. | ||||
| CVE-2007-2889 | 1 Dokeos | 1 Open Source Learning And Knowledge Management Tool | 2026-04-23 | N/A |
| SQL injection vulnerability in tracking/courseLog.php in Dokeos 1.6.5 and earlier allows remote attackers to execute arbitrary SQL commands via the scormcontopen parameter. | ||||
| CVE-2007-2890 | 1 Cpcommerce | 1 Cpcommerce | 2026-04-23 | N/A |
| SQL injection vulnerability in category.php in cpCommerce 1.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id_category parameter. | ||||
| CVE-2007-2891 | 1 Firmworx | 1 Firmworx | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in FirmWorX 0.1.2 allow remote attackers to execute arbitrary PHP code via a URL in the (1) bank_data[root] parameter to modules/bank/includes/design/main.inc.php, or the (2) fm_data[root] parameter to (a) includes/config/master.inc.php or (b) includes/functions/master.inc.php. | ||||
| CVE-2007-2892 | 1 Asp-nuke | 1 Asp-nuke | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in news.asp in ASP-Nuke 2.0.7 allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-2893 | 1 Bochs Project | 1 Bochs | 2026-04-23 | N/A |
| Heap-based buffer overflow in the bx_ne2k_c::rx_frame function in iodev/ne2k.cc in the emulated NE2000 device in Bochs 2.3 allows local users of the guest operating system to write to arbitrary memory locations and gain privileges on the host operating system via vectors that cause TXCNT register values to exceed the device memory size, aka "RX Frame heap overflow." | ||||
| CVE-2007-2895 | 1 Lead Technologies | 1 Leadtools Raster Dialog File Object | 2026-04-23 | N/A |
| Buffer overflow in a certain ActiveX control in LTRDF14e.DLL 14.5.0.44 in LeadTools Raster Dialog File Object allows remote attackers to execute arbitrary code via a long Directory property value. | ||||
| CVE-2007-2896 | 2 Microsoft, Symantec | 2 All Windows, Enterprise Security Manager | 2026-04-23 | N/A |
| Race condition in the Symantec Enterprise Security Manager (ESM) 6.5.3 managers and agents on Windows before 20070524 allows remote attackers to cause a denial of service (CPU consumption and application hang) via certain network scans to ESM ports. | ||||
| CVE-2008-3076 | 1 Vim | 1 Vim | 2026-04-23 | N/A |
| The Netrw plugin 125 in netrw.vim in Vim 7.2a.10 allows user-assisted attackers to execute arbitrary code via shell metacharacters in filenames used by the execute and system functions within the (1) mz and (2) mc commands, as demonstrated by the netrw.v2 and netrw.v3 test cases. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2008-2712. | ||||
| CVE-2009-1061 | 2 Adobe, Redhat | 2 Acrobat Reader, Rhel Extras | 2026-04-23 | N/A |
| Unspecified vulnerability in Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 might allow remote attackers to execute arbitrary code via unknown attack vectors related to JBIG2 and "input validation," a different vulnerability than CVE-2009-0193 and CVE-2009-1062. | ||||
| CVE-2007-2761 | 1 Magiciso | 1 Magiciso | 2026-04-23 | N/A |
| Stack-based buffer overflow in MagicISO 5.4 build 239 and earlier allows remote attackers to execute arbitrary code via a long filename in a .cue file. | ||||
| CVE-2007-2760 | 1 Adempiere | 1 Adempiere | 2026-04-23 | N/A |
| The canUpdate function in model/MRole.java in Adempiere before 3.1.6 does not properly validate user roles, which allows remote authenticated read-only users to gain read-write privileges. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2009-1048 | 1 Snom | 10 Snom 300, Snom 300 Firmware, Snom 320 and 7 more | 2026-04-23 | 9.8 Critical |
| The web interface on the snom VoIP phones snom 300, snom 320, snom 360, snom 370, and snom 820 with firmware 6.5 before 6.5.20, 7.1 before 7.1.39, and 7.3 before 7.3.14 allows remote attackers to bypass authentication, and reconfigure the phone or make arbitrary use of the phone, via a (1) http or (2) https request with 127.0.0.1 in the Host header. | ||||
| CVE-2007-2751 | 1 Phpglossar | 1 Phpglossar | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in PHPGlossar 0.8 allow remote attackers to execute arbitrary PHP code via a URL in the format_menue parameter to (1) admin/inc/change_action.php or (2) admin/inc/add.php. | ||||