Total
29923 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-2179 | 1 Raiden Professional Servers | 1 Raidenftpd | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in IXceedCompression in XceddZipLib (RaidenFTPD.dll) in RaidenFTPD 2.4 allow remote attackers to cause a denial of service (crash) via unspecified vectors involving the (1) CalculateCrc, (2) Compress, and (3) Uncompress functions, which result in a NULL pointer dereference. | ||||
| CVE-2007-2720 | 1 Group-office | 1 Group-office Groupware | 2026-04-23 | N/A |
| Group-Office before 2.16-13 does not properly validate user IDs, which allows remote attackers to obtain sensitive information via certain requests for (1) message.php and (2) messages.php in modules/email/. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-2182 | 1 Maran | 1 Php Forum | 2026-04-23 | N/A |
| Unrestricted file upload vulnerability in forum_write.php in Maran PHP Forum allows remote attackers to upload and execute arbitrary PHP files via a trailing %00 in a filename in the page parameter. | ||||
| CVE-2007-2183 | 1 Php-ring | 1 Webring System | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in PHP-Ring Webring System (aka uPHP_ring_website) 0.9 allows remote attackers to execute arbitrary SQL commands via the ring parameter. | ||||
| CVE-2007-1389 | 1 Dynaliens | 1 Dynaliens | 2026-04-23 | N/A |
| dynaliens 2.0 and 2.1 allows remote attackers to bypass authentication and perform certain privileged actions via a direct request for (1) validlien.php3 (2) supprlien.php3 (3) supprub.php3 (4) validlien.php3 (5) confsuppr.php3 (6) modiflien.php3, or (7) confmodif.php3 in admin/. | ||||
| CVE-2007-1392 | 1 Netforo | 1 Netforo | 2026-04-23 | N/A |
| Directory traversal vulnerability in down.php in netForo! 0.1g allows remote attackers to read arbitrary files via a .. (dot dot) in the file_to_download parameter. | ||||
| CVE-2007-2186 | 2 Foxit, Microsoft | 9 Pdf Reader, Windows 2000, Windows 2003 Server and 6 more | 2026-04-23 | N/A |
| Foxit Reader 2.0 allows remote attackers to cause a denial of service (application crash) via a crafted PDF document. | ||||
| CVE-2007-2721 | 2 Jasper Jpeg-2000, Redhat | 2 Jasper Jpeg-2000, Enterprise Linux | 2026-04-23 | N/A |
| The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer JPEG-2000 library (libjasper) before 1.900 allows remote user-assisted attackers to cause a denial of service (crash) and possibly corrupt the heap via malformed image files, as originally demonstrated using imagemagick convert. | ||||
| CVE-2007-2188 | 1 Extremail | 1 Extremail | 2026-04-23 | N/A |
| eXtremail 2.1.1 and earlier does not verify the ID field (aka transaction id) in DNS responses, which makes it easier for remote attackers to conduct DNS spoofing. | ||||
| CVE-2007-1398 | 2 Linux, Snort | 2 Linux Kernel, Snort | 2026-04-23 | N/A |
| The frag3 preprocessor in Snort 2.6.1.1, 2.6.1.2, and 2.7.0 beta, when configured for inline use on Linux without the ip_conntrack module loaded, allows remote attackers to cause a denial of service (segmentation fault and application crash) via certain UDP packets produced by send_morefrag_packet and send_overlap_packet. | ||||
| CVE-2007-2193 | 1 Acd Systems | 2 Acdsee, Photo Editor | 2026-04-23 | N/A |
| Stack-based buffer overflow in the ID_X.apl plugin in ACDSee 9.0 Build 108, Pro 8.1 Build 99, and Photo Editor 4.0 Build 195 allows user-assisted remote attackers to execute arbitrary code via a crafted XPM file with a long section string. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-2725 | 1 Db Soft Lab | 1 Dewizardx | 2026-04-23 | N/A |
| The DB Software Laboratory DeWizardX (DEWizardAX.ocx) ActiveX control allows remote attackers to overwrite arbitrary files via the SaveToFile function. | ||||
| CVE-2007-1400 | 1 Plesh | 1 Plesh | 2026-04-23 | N/A |
| Plash permits sandboxed processes to open /dev/tty, which allows local users to escape sandbox restrictions and execute arbitrary commands by sending characters to a shell process on the same termimal via the TIOCSTI ioctl. | ||||
| CVE-2007-1402 | 1 Rediff | 1 Toolbar | 2026-04-23 | N/A |
| The Rediff Toolbar 2.0 ActiveX control in redifftoolbar.dll allows remote attackers to cause a denial of service via unspecified manipulations, possibly involving improper initialization or blank arguments. | ||||
| CVE-2007-2194 | 1 Gentoo | 1 Xnview | 2026-04-23 | N/A |
| Stack-based buffer overflow in XnView 1.90.3 allows user-assisted remote attackers to execute arbitrary code via a crafted XPM file with a long section string. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-1410 | 1 Gaziyapboz | 1 Game Portal | 2026-04-23 | N/A |
| SQL injection vulnerability in kategori.asp in GaziYapBoz Game Portal allows remote attackers to execute arbitrary SQL commands via the kategori parameter. | ||||
| CVE-2007-1411 | 1 Php | 1 Php | 2026-04-23 | N/A |
| Buffer overflow in PHP 4.4.6 and earlier, and unspecified PHP 5 versions, allows local and possibly remote attackers to execute arbitrary code via long server name arguments to the (1) mssql_connect and (2) mssql_pconnect functions. | ||||
| CVE-2007-2733 | 1 Jetbox | 1 Jetbox Cms | 2026-04-23 | N/A |
| Unrestricted file upload vulnerability in Jetbox CMS allows remote authenticated users with author privileges to upload arbitrary scripts via unspecified vectors, which can be accessed in webfiles/. NOTE: this issue might be a duplicate of CVE-2004-1448. | ||||
| CVE-2007-1423 | 1 Work System E-commerce | 1 Work System E-commerce | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in WORK system e-commerce 3.0.5 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the g_include parameter to include/include_top.php and certain other PHP scripts. | ||||
| CVE-2007-2734 | 1 3com | 8 3crtpx505-73, 3crx506-96, Tippingpoint 200 and 5 more | 2026-04-23 | N/A |
| The 3Com TippingPoint IPS do not properly handle certain full-width and half-width Unicode character encodings in an HTTP POST request, which might allow remote attackers to evade detection of HTTP traffic. | ||||