Total
29888 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-2894 | 1 Bochs Project | 1 Bochs | 2025-04-09 | N/A |
| The emulated floppy disk controller in Bochs 2.3 allows local users of the guest operating system to cause a denial of service (virtual machine crash) via unspecified vectors, resulting in a divide-by-zero error. | ||||
| CVE-2007-0263 | 1 Total Commander | 1 Total Commander | 2025-04-09 | N/A |
| Unspecified vulnerability in Total Commander before 6.5.6 allows user-assisted remote attackers to delete arbitrary files and corrupt a filesystem via a crafted RAR file. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-1775 | 1 Jbrowser | 1 Jbrowser | 2025-04-09 | N/A |
| Unrestricted file upload vulnerability in upload.php3 in JBrowser 2.4 and earlier allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-1780 | 1 Overlay Weaver | 1 Overlay Weaver | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in the DHT shell (owdhtshell) in Overlay Weaver 0.5.9 to 0.5.11, when invoked with the -x option, allows remote attackers to inject arbitrary web script or HTML via fields in certain input forms. | ||||
| CVE-2007-2708 | 1 Feindt Computerservice | 1 News-script | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in newsadmin.php in Feindt Computerservice News (News-Script) 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the action parameter. | ||||
| CVE-2007-2896 | 2 Microsoft, Symantec | 2 All Windows, Enterprise Security Manager | 2025-04-09 | N/A |
| Race condition in the Symantec Enterprise Security Manager (ESM) 6.5.3 managers and agents on Windows before 20070524 allows remote attackers to cause a denial of service (CPU consumption and application hang) via certain network scans to ESM ports. | ||||
| CVE-2007-2784 | 1 Globus | 1 Globus Toolkit | 2025-04-09 | N/A |
| Unspecified vulnerability in globus-job-manager in Globus Toolkit 4.1.1 and earlier (globus_nexus-6.6 and earlier) allows remote attackers to cause a denial of service (resource exhaustion and system crash) via certain requests to temporary TCP ports for a GRAM2 job or its MPICH-G2 applications. | ||||
| CVE-2007-2285 | 1 Jack Slocum | 1 Ext Js | 2025-04-09 | N/A |
| Directory traversal vulnerability in examples/layout/feed-proxy.php in Jack Slocum Ext 1.0 alpha1 (Ext JS) allows remote attackers to read arbitrary files via a .. (dot dot) in the feed parameter. NOTE: analysis by third party researchers indicates that this issue might be platform dependent. | ||||
| CVE-2007-1521 | 1 Php | 1 Php | 2025-04-09 | N/A |
| Double free vulnerability in PHP before 4.4.7, and 5.x before 5.2.2, allows context-dependent attackers to execute arbitrary code by interrupting the session_regenerate_id function, as demonstrated by calling a userspace error handler or triggering a memory limit violation. | ||||
| CVE-2007-2770 | 1 Qualcomm | 1 Eudora | 2025-04-09 | N/A |
| Stack-based buffer overflow in Eudora 7.1 allows user-assisted, remote SMTP servers to execute arbitrary code via a long SMTP reply. NOTE: the user must click through a warning about a possible buffer overflow exploit to trigger this issue. | ||||
| CVE-2007-2160 | 1 Drupal | 1 Database Administration Module | 2025-04-09 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the Database Administration (dba) module 4.6.x-*, and before 4.7.x-1.2 in the 4.7.x-1.* series, for Drupal allow remote attackers to perform unauthorized actions as an arbitrary user, a related issue to CVE-2006-5476. | ||||
| CVE-2008-3350 | 1 The Kelleys | 1 Dnsmasq | 2025-04-09 | N/A |
| dnsmasq 2.43 allows remote attackers to cause a denial of service (daemon crash) by (1) sending a DHCPINFORM while lacking a DHCP lease, or (2) attempting to renew a nonexistent DHCP lease for an invalid subnet as an "unknown client," a different vulnerability than CVE-2008-3214. | ||||
| CVE-2007-2851 | 1 Lead Technologies | 1 Leadtools Raster Variant Object Library | 2025-04-09 | N/A |
| A certain ActiveX control in LeadTools Raster Variant Object Library (LTRVR14e.dll) 14.5.0.44 allows remote attackers to overwrite arbitrary files via the WriteDataToFile method. | ||||
| CVE-2007-1501 | 1 Avant Force | 1 Avant Browser | 2025-04-09 | N/A |
| Stack-based buffer overflow in Avant Browser 11.0 build 26 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long Content-Type HTTP header. | ||||
| CVE-2007-2866 | 1 Phpecho Cms | 1 Phpecho Cms | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in modules/admin/modules/gallery.php in PHPEcho CMS 2.0-rc1 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter and possibly other parameters. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-1653 | 1 Glowworm | 1 Glowworm | 2025-04-09 | N/A |
| GlowWorm FW before 1.5.3b4 allows remote attackers to cause a denial of service (kernel panic) via certain DNS responses that trigger infinite recursion in TrueDNS packet parsing, as originally observed with certain login.yahoo.com responses. | ||||
| CVE-2007-2323 | 1 Intervideo | 1 Home Theater | 2025-04-09 | N/A |
| Multiple buffer overflows in the WinDVDX ActiveX control in InterVideo Home Theater 2.1.13.0 and 2.5.13.58 allow remote attackers to execute arbitrary code via a long string argument to the (1) GetDiscType or (2) AddFileList method. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-1431 | 1 Pennmush | 1 Pennmush | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in PennMUSH 1.8.3 before 1.8.3p1 and 1.8.2 before 1.8.2p3 allow attackers to cause a denial of service (crash) related to the (1) speak and (2) buy functions. | ||||
| CVE-2007-1498 | 1 Mcafee | 2 Epolicy Orchestrator, Protectionpilot | 2025-04-09 | N/A |
| Multiple stack-based buffer overflows in the SiteManager.SiteMgr.1 ActiveX control (SiteManager.dll) in the ePO management console in McAfee ePolicy Orchestrator (ePO) before 3.6.1 Patch 1 and ProtectionPilot (PRP) before 1.5.0 HotFix allow remote attackers to execute arbitrary code via a long argument to the (1) ExportSiteList and (2) VerifyPackageCatalog functions, and (3) unspecified vectors involving a swprintf function call. | ||||
| CVE-2007-1702 | 1 Mambo | 1 Flatmenu | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in mod_flatmenu.php in the Flatmenu 1.07 and earlier Mambo module allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||