Export limit exceeded: 29942 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29942 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-2166 | 1 Opensurveypilot | 1 Opensurveypilot | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in administration/user/lib/group.inc.php in OpenSurveyPilot (osp) 1.2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cfgPathToProjectAdmin parameter. | ||||
| CVE-2007-2168 | 1 Aimstats | 1 Aimstats | 2026-04-23 | N/A |
| Static code injection vulnerability in process.php in AimStats 3.2 and earlier allows remote attackers to inject PHP code into config.php via the databasehost parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-2169 | 1 Mozzers Subsystem | 1 Mozzers Subsystem | 2026-04-23 | N/A |
| Static code injection vulnerability in add.php in Mozzers SubSystem 1.0 allows remote attackers to inject PHP code into subs.php via the (1) Sub-name or (2) Sub-url field. NOTE: an earlier report indicated that the add action can be reached through a request to index.php. | ||||
| CVE-2007-2170 | 1 Oracle | 1 E-business Suite | 2026-04-23 | N/A |
| The APPLSYS.FND_DM_NODES package in Oracle E-Business Suite does not check for valid sessions, which allows remote attackers to delete arbitrary nodes. NOTE: due to lack of details from Oracle, it is not clear whether this issue is related to other CVE identifiers such as CVE-2007-2126, CVE-2007-2127, or CVE-2007-2128. | ||||
| CVE-2007-2171 | 1 Novell | 1 Groupwise | 2026-04-23 | N/A |
| Stack-based buffer overflow in the base64_decode function in GWINTER.exe in Novell GroupWise (GW) WebAccess before 7.0 SP2 allows remote attackers to execute arbitrary code via long base64 content in an HTTP Basic Authentication request. | ||||
| CVE-2007-2173 | 2 Double Precision Incorporated, Gentoo | 2 Courier-imap, Linux | 2026-04-23 | N/A |
| Eval injection vulnerability in (1) courier-imapd.indirect and (2) courier-pop3d.indirect in Courier-IMAP before 4.0.6-r2, and 4.1.x before 4.1.2-r1, on Gentoo Linux allows remote attackers to execute arbitrary commands via the XMAILDIR variable, related to the LOGINRUN variable. | ||||
| CVE-2007-2174 | 1 Checkpoint | 1 Zonealarm | 2026-04-23 | N/A |
| The IOCTL handling in srescan.sys in the ZoneAlarm Spyware Removal Engine (SRE) in Check Point ZoneAlarm before 5.0.156.0 allows local users to execute arbitrary code via certain IOCTL lrp parameter addresses. | ||||
| CVE-2007-2175 | 1 Apple | 1 Safari | 2026-04-23 | N/A |
| Apple QuickTime Java extensions (QTJava.dll), as used in Safari and other browsers, and when Java is enabled, allows remote attackers to execute arbitrary code via parameters to the toQTPointer method in quicktime.util.QTHandleRef, which can be used to modify arbitrary memory when creating QTPointerRef objects, as demonstrated during the "PWN 2 0WN" contest at CanSecWest 2007. | ||||
| CVE-2007-2177 | 1 Microgaming | 1 Download Helper Activex Control | 2026-04-23 | N/A |
| Stack-based buffer overflow in the Microgaming Download Helper ActiveX control (dlhelper.dll) before 7.2.0.19, and the WebHandler Class control, allows remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2007-2178 | 1 Objective Development | 1 Sharity | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in Objective Development Sharity before 3.3 allow remote attackers to cause a denial of service (daemon crash) via unspecified vectors. | ||||
| CVE-2007-2179 | 1 Raiden Professional Servers | 1 Raidenftpd | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in IXceedCompression in XceddZipLib (RaidenFTPD.dll) in RaidenFTPD 2.4 allow remote attackers to cause a denial of service (crash) via unspecified vectors involving the (1) CalculateCrc, (2) Compress, and (3) Uncompress functions, which result in a NULL pointer dereference. | ||||
| CVE-2007-2180 | 1 Nullsoft | 1 Winamp | 2026-04-23 | N/A |
| Buffer overflow in Nullsoft Winamp 5.3 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted WMV file. | ||||
| CVE-2007-2181 | 1 Webinsta | 1 Fm Manager | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in admin/login.php in Webinsta FM Manager 0.1.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the absolute_path parameter, a different product and vector than CVE-2005-0748. | ||||
| CVE-2007-2182 | 1 Maran | 1 Php Forum | 2026-04-23 | N/A |
| Unrestricted file upload vulnerability in forum_write.php in Maran PHP Forum allows remote attackers to upload and execute arbitrary PHP files via a trailing %00 in a filename in the page parameter. | ||||
| CVE-2007-2183 | 1 Php-ring | 1 Webring System | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in PHP-Ring Webring System (aka uPHP_ring_website) 0.9 allows remote attackers to execute arbitrary SQL commands via the ring parameter. | ||||
| CVE-2007-2184 | 1 Jchit | 1 Counter | 2026-04-23 | N/A |
| Directory traversal vulnerability in imgsrv.php in jchit counter 1.0.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the acc parameter. | ||||
| CVE-2007-2186 | 2 Foxit, Microsoft | 9 Pdf Reader, Windows 2000, Windows 2003 Server and 6 more | 2026-04-23 | N/A |
| Foxit Reader 2.0 allows remote attackers to cause a denial of service (application crash) via a crafted PDF document. | ||||
| CVE-2007-2187 | 1 Extremail | 1 Extremail | 2026-04-23 | N/A |
| Stack-based buffer overflow in eXtremail 2.1.1 and earlier allows remote attackers to execute arbitrary code via a long DNS response. NOTE: this might be related to CVE-2006-6926. | ||||
| CVE-2007-2188 | 1 Extremail | 1 Extremail | 2026-04-23 | N/A |
| eXtremail 2.1.1 and earlier does not verify the ID field (aka transaction id) in DNS responses, which makes it easier for remote attackers to conduct DNS spoofing. | ||||
| CVE-2007-2189 | 1 Mx Smartor | 1 Full Album Pack | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in admin/admin_album_otf.php in the MX Smartor Full Album Pack (FAP) 2.0 RC1 module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | ||||