Export limit exceeded: 362544 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (362544 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-0951 | 1 Fullaspsite | 1 Asp Hosting Site | 2026-04-23 | N/A |
| SQL injection vulnerability in listmain.asp in Fullaspsite ASP Hosting Site allows remote attackers to execute arbitrary SQL commands via the cat parameter. | ||||
| CVE-2007-0934 | 1 Microsoft | 1 Visio | 2026-04-23 | N/A |
| Unspecified vulnerability in Microsoft Visio 2002 allows remote user-assisted attackers to execute arbitrary code via a Visio (.VSD, VSS, .VST) file with a crafted version number that triggers memory corruption. | ||||
| CVE-2007-0933 | 2 D-link, Microsoft | 2 Dwl-g650\+, Windows Xp | 2026-04-23 | N/A |
| Buffer overflow in the wireless driver 6.0.0.18 for D-Link DWL-G650+ (Rev. A1) on Windows XP allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a beacon frame with a long TIM Information Element. | ||||
| CVE-2007-0932 | 2 Alcatel-lucent, Aruba | 2 Omniaccess Wireless, Mobility Controller | 2026-04-23 | N/A |
| The (1) Aruba Mobility Controllers 200, 600, 2400, and 6000 and (2) Alcatel-Lucent OmniAccess Wireless 43xx and 6000 do not properly implement authentication and privilege assignment for the guest account, which allows remote attackers to access administrative interfaces or the WLAN. | ||||
| CVE-2007-0930 | 1 Apache Stats | 1 Apache Stats | 2026-04-23 | N/A |
| Variable extract vulnerability in Apache Stats before 0.0.3beta allows attackers to modify arbitrary variables and conduct attacks via unknown vectors involving the use of PHP's extract function. | ||||
| CVE-2007-0929 | 1 Guillaume Fontaine | 1 Php Rrd Browser | 2026-04-23 | N/A |
| Directory traversal vulnerability in php rrd browser before 0.2.1 allows remote attackers to read arbitrary files via ".." sequences in the p parameter. | ||||
| CVE-2007-0927 | 1 Utorrent | 1 Utorrent | 2026-04-23 | N/A |
| Heap-based buffer overflow in uTorrent 1.6 allows remote attackers to execute arbitrary code via a torrent file with a crafted announce header. | ||||
| CVE-2007-0926 | 1 Kvguestbook | 1 Kvguestbook | 2026-04-23 | N/A |
| The dologin function in guestbook.php in KvGuestbook 1.0 Beta allows remote attackers to gain administrative privileges, probably via modified $mysql['pass'] and $gbpass variables. | ||||
| CVE-2007-0925 | 1 Communityserver.org | 1 Community Server | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in search/SearchResults.aspx in Community Server allows remote attackers to inject arbitrary web script or HTML via the q parameter. | ||||
| CVE-2007-0924 | 1 Till Gerken | 1 Phppolls | 2026-04-23 | N/A |
| Till Gerken phpPolls 1.0.3 allows remote attackers to bypass authentication and perform certain administrative actions via a direct request to phpPollAdmin.php3. NOTE: this issue might subsume CVE-2006-3764. | ||||
| CVE-2007-0923 | 1 Radical Technologies | 1 Portal Search | 2026-04-23 | N/A |
| buscador/buscador.htm in Portal Search allows remote attackers to obtain sensitive information (business logic) via a query string composed of a search for certain characters. | ||||
| CVE-2007-0922 | 1 Radical Technologies | 1 Portal Search | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in buscador/buscador.htm in Portal Search allows remote attackers to inject arbitrary web script or HTML via the query string. | ||||
| CVE-2007-0921 | 1 Radical Technologies | 1 Portal Search | 2026-04-23 | N/A |
| Portal Search allows remote attackers to redirect a URL to an arbitrary web site by placing the URL in the query string to the top-level URI. | ||||
| CVE-2007-0920 | 1 Philboard | 1 Philboard | 2026-04-23 | N/A |
| SQL injection vulnerability in philboard_forum.asp in Philboard 1.14 and earlier allows remote attackers to execute arbitrary SQL commands via the forumid parameter. | ||||
| CVE-2007-0918 | 1 Cisco | 1 Ios | 2026-04-23 | N/A |
| The ATOMIC.TCP signature engine in the Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XA, 12.3YA, 12.3T, and other trains allows remote attackers to cause a denial of service (IPS crash and traffic loss) via unspecified manipulations that are not properly handled by the regular expression feature, as demonstrated using the 3123.0 (Netbus Pro Traffic) signature. | ||||
| CVE-2007-0917 | 1 Cisco | 1 Ios | 2026-04-23 | N/A |
| The Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XE to 12.3T allows remote attackers to bypass IPS signatures that use regular expressions via fragmented packets. | ||||
| CVE-2007-0916 | 1 Hp | 1 Hp-ux | 2026-04-23 | N/A |
| Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11 and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors. | ||||
| CVE-2007-0915 | 1 Hp | 1 Hp-ux | 2026-04-23 | N/A |
| Distributed SLS daemon (SLSd) on HP-UX B.11.11 allows remote attackers to overwrite arbitrary files and gain privileges via a crafted RPC request. | ||||
| CVE-2007-0914 | 1 Sun | 1 Solaris | 2026-04-23 | N/A |
| Race condition in the TCP subsystem for Solaris 10 allows remote attackers to cause a denial of service (system panic) via unknown vectors. | ||||
| CVE-2007-0912 | 1 Jportal | 1 Jportal Web Server | 2026-04-23 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in admin/admin.adm.php in Jportal 2.3.1, and possibly earlier, allows remote attackers to perform privileged actions as administrators by tricking the admin into accessing a URL with modified arguments to admin/admin.adm.php. | ||||