Export limit exceeded: 357798 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (357798 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-5398 | 2 Redhat, Samba | 3 Enterprise Linux, Rhel Eus, Samba | 2026-04-23 | N/A |
| Stack-based buffer overflow in the reply_netbios_packet function in nmbd/nmbd_packets.c in nmbd in Samba 3.0.0 through 3.0.26a, when operating as a WINS server, allows remote attackers to execute arbitrary code via crafted WINS Name Registration requests followed by a WINS Name Query request. | ||||
| CVE-2007-5397 | 1 Activepdf | 1 Server | 2026-04-23 | N/A |
| Heap-based buffer overflow in the activePDF Server service (aka APServer.exe) in activePDF Server 3.8.4 and 3.8.5.14, and possibly other versions before 3.8.6.16, allows remote attackers to execute arbitrary code via a packet with a size field that is less than the actual size of the data. | ||||
| CVE-2007-5396 | 1 Miranda-im | 1 Miranda Im | 2026-04-23 | N/A |
| Format string vulnerability in the ext_yahoo_contact_added function in yahoo.c in Miranda IM 0.7.1 allows remote attackers to execute arbitrary code via a Y7 Buddy Authorization packet with format string specifiers in the contact Yahoo! handle (who). | ||||
| CVE-2007-5395 | 2 Abiword, Link Grammar | 2 Abiword Link Grammar, Link Grammar | 2026-04-23 | N/A |
| Stack-based buffer overflow in the separate_word function in tokenize.c in Link Grammar 4.1b and possibly other versions, as used in AbiWord Link Grammar 4.2.4, allows remote attackers to execute arbitrary code via a long word, as reachable through the separate_sentence function. | ||||
| CVE-2007-5394 | 1 Adobe | 1 Pagemaker | 2026-04-23 | N/A |
| Stack-based buffer overflow in AldFs32.dll in Adobe PageMaker 7.0.1 and 7.0.2 allows user-assisted remote attackers to execute arbitrary code via a .PMD file with a crafted font structure, a different vulnerability than CVE-2007-5169 and CVE-2007-6432. | ||||
| CVE-2007-5240 | 2 Redhat, Sun | 4 Rhel Extras, Jdk, Jre and 1 more | 2026-04-23 | N/A |
| Visual truncation vulnerability in the Java Runtime Environment in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier allows remote attackers to circumvent display of the untrusted-code warning banner by creating a window larger than the workstation screen. | ||||
| CVE-2007-5241 | 1 Hp | 1 Openvms | 2026-04-23 | N/A |
| Buffer overflow in NET$CSMACD.EXE in HP OpenVMS 8.3 and earlier allows local users to cause a denial of service (machine crash) via the "MCR MCL SHOW CSMA-CD Port * All" command, which overwrites a Non-Paged Pool Packet. | ||||
| CVE-2007-5242 | 1 Hp | 1 Openvms | 2026-04-23 | N/A |
| Unspecified vulnerability in (1) SYS$EI1000.EXE and (2) SYS$EI1000_MON.EXE in HP OpenVMS 8.3 and earlier allows remote attackers to cause a denial of service (machine crash) via an "oversize" packet, which is not properly discarded if "the device has no remaining buffers after receipt of the first buffer segment." | ||||
| CVE-2007-5243 | 1 Borland Software | 1 Interbase | 2026-04-23 | N/A |
| Multiple stack-based buffer overflows in Borland InterBase LI 8.0.0.53 through 8.1.0.253, and WI 5.1.1.680 through 8.1.0.257, allow remote attackers to execute arbitrary code via (1) a long service attach request on TCP port 3050 to the (a) SVC_attach or (b) INET_connect function, (2) a long create request on TCP port 3050 to the (c) isc_create_database or (d) jrd8_create_database function, (3) a long attach request on TCP port 3050 to the (e) isc_attach_database or (f) PWD_db_aliased function, or unspecified vectors involving the (4) jrd8_attach_database or (5) expand_filename2 function. | ||||
| CVE-2007-5244 | 1 Borland Software | 1 Interbase | 2026-04-23 | N/A |
| Stack-based buffer overflow in Borland InterBase LI 8.0.0.53 through 8.1.0.253 on Linux, and possibly unspecified versions on Solaris, allows remote attackers to execute arbitrary code via a long attach request on TCP port 3050 to the open_marker_file function. | ||||
| CVE-2007-5245 | 1 Firebirdsql | 1 Firebird | 2026-04-23 | N/A |
| Multiple stack-based buffer overflows in Firebird LI 1.5.3.4870 and 1.5.4.4910, and WI 1.5.3.4870 and 1.5.4.4910, allow remote attackers to execute arbitrary code via (1) a long service attach request on TCP port 3050 to the SVC_attach function or (2) unspecified vectors involving the INET_connect function. | ||||
| CVE-2007-5248 | 2 Id Software, Take2games | 3 Doom 3, Quake 4, Prey | 2026-04-23 | N/A |
| Multiple format string vulnerabilities in the ID Software Doom 3 engine, as used by Doom 3 1.3.1 and earlier, Quake 4 1.4.2 and earlier, and Prey 1.3 and earlier, when Punkbuster (PB) is enabled, allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in (1) a PB_Y packet to the YPG server or (2) a PB_U packet to UCON. NOTE: this issue might be in Punkbuster itself, but there are insufficient details to be certain. | ||||
| CVE-2007-5250 | 1 Americasarmy | 2 America\'s Army, America\'s Army Special Forces | 2026-04-23 | N/A |
| The Windows dedicated server for the Unreal engine, as used by America's Army and America's Army Special Forces 2.8.2 and earlier, when Punkbuster (PB) is enabled, allows remote attackers to cause a denial of service (server hang) via packets containing 0x07 characters or other unspecified invalid characters. NOTE: this issue may overlap CVE-2007-4443. NOTE: this issue might be in Punkbuster itself, but there are insufficient details to be certain. | ||||
| CVE-2007-5251 | 1 Webhost Automation | 1 Helm Web Hosting Control Panel | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Helm 3.2.16 allow remote attackers to inject arbitrary web script or HTML via (1) the showOption parameter to domain.asp, or the (2) Folder or (3) StartPath parameter to FileManager.asp. | ||||
| CVE-2007-5252 | 1 Netsupport | 2 Netsupport Manager Client, Netsupport School Student | 2026-04-23 | N/A |
| Buffer overflow in NetSupport Manager (NSM) Client 10.00 and 10.20, and NetSupport School Student (NSS) 9.00, allows remote NSM servers to cause a denial of service or possibly execute arbitrary code via crafted data in the configuration exchange phase of an initial connection setup. NOTE: a vendor statement, which is too vague to be sure that it is for this particular issue, says that only a denial of service is possible. | ||||
| CVE-2007-5254 | 1 Virusblokada | 1 Vba32 Antivirus | 2026-04-23 | N/A |
| VirusBlokAda Vba32 AntiVirus 3.12.2 uses weak permissions (Everyone:Write) for its installation directory, which allows local users to gain privileges by replacing application programs, as demonstrated by replacing vba32ldr.exe. | ||||
| CVE-2007-5255 | 1 Google | 1 Mini Search Appliance | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Google Mini Search Appliance 3.4.14 allows remote attackers to inject arbitrary web script or HTML via the ie parameter to the /search URI. | ||||
| CVE-2007-5256 | 1 Mcdu | 1 Fsd | 2026-04-23 | N/A |
| Multiple stack-based buffer overflows in FSD 2.052 d9 and earlier, and FSFDT FSD 3.000 d9 and earlier, allow (1) remote attackers to execute arbitrary code via a long HELP command on TCP port 3010 to the sysuser::exechelp function in sysuser.cc and (2) remote authenticated users to execute arbitrary code via long commands on TCP port 6809 to the servinterface::sendmulticast function in servinterface.cc, as demonstrated by a PIcallsign command. | ||||
| CVE-2007-5257 | 1 Edraw | 1 Office Viewer Component | 2026-04-23 | N/A |
| Stack-based buffer overflow in the EDraw.OfficeViewer ActiveX control in officeviewer.ocx in EDraw Office Viewer Component 5.3.220.1 and earlier allows remote attackers to execute arbitrary code via long strings in the first and second arguments to the FtpDownloadFile method, a different vector than CVE-2007-4821 and CVE-2007-3169. | ||||
| CVE-2007-5258 | 1 Phpfreelog | 1 Phpfreelog | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in log.php in phpFreeLog alpha 0.2.0 allows remote attackers to include and execute arbitrary files via unspecified vectors. NOTE: the original disclosure is likely erroneous. | ||||