Export limit exceeded: 364328 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-0740 1 Apple 1 Mac Os X 2026-04-23 N/A
Alias Manager in Apple Mac OS X 10.3.9 and 10.4.9 does not display files with the same name in mounted disk images that have the same name, which might allow user-assisted attackers to trick a user into executing malicious files.
CVE-2007-0741 1 Apple 1 Mac Os X 2026-04-23 N/A
Buffer overflow in natd in network_cmds in Apple Mac OS X 10.3.9 through 10.4.9, when Internet Sharing is enabled, allows remote attackers to execute arbitrary code via malformed RTSP packets.
CVE-2007-0742 1 Apple 1 Mac Os X 2026-04-23 N/A
The WebFoundation framework in Apple Mac OS X 10.3.9 and earlier allows subdomain cookies to be accessed by the parent domain, which allows remote attackers to obtain sensitive information.
CVE-2007-0744 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
SMB in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment when executing commands, which allows local users to gain privileges by setting unspecified environment variables.
CVE-2007-0746 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Heap-based buffer overflow in the VideoConference framework in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to execute arbitrary code via a "crafted SIP packet when initializing an audio/video conference".
CVE-2007-0748 1 Apple 2 Darwin Streaming Server, Mac Os X Server 2026-04-23 N/A
Heap-based buffer overflow in Apple Darwin Streaming Proxy, when using Darwin Streaming Server before 5.5.5, allows remote attackers to execute arbitrary code via multiple trackID values in a SETUP RTSP request.
CVE-2007-0750 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Integer overflow in CoreGraphics in Apple Mac OS X 10.4 up to 10.4.9 allows remote user-assisted attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted PDF file.
CVE-2007-0751 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
A cleanup script in crontabs in Apple Mac OS X 10.3.9 and 10.4.9 might delete filesystems that have been mounted in /tmp, which might allow local users to cause a denial of service, related to the find command.
CVE-2007-0752 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
The PPP daemon (pppd) in Apple Mac OS X 10.4.8 checks ownership of the stdin file descriptor to determine if the invoker has sufficient privileges, which allows local users to load arbitrary plugins and gain root privileges by bypassing this check.
CVE-2007-0754 1 Apple 1 Quicktime 2026-04-23 N/A
Heap-based buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted Sample Table Sample Descriptor (STSD) atom size in a QuickTime movie.
CVE-2007-1287 1 Php 1 Php 2026-04-23 N/A
A regression error in the phpinfo function in PHP 4.4.3 to 4.4.6, and PHP 6.0 in CVS, allows remote attackers to conduct cross-site scripting (XSS) attacks via GET, POST, or COOKIE array values, which are not escaped in the phpinfo output, as originally fixed for CVE-2005-3388.
CVE-2007-1294 1 Divx 1 Divx Web Player 2026-04-23 N/A
A certain ActiveX control in the DivXBrowserPlugin (npdivx32.dll) in DivX Web Player, as distributed with DivX Player 1.3.0, allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via large values to DivxWP.Resize, related to resizing images.
CVE-2007-1299 1 Mani Stats Reader 1 Mani Stats Reader 2026-04-23 N/A
PHP remote file inclusion vulnerability in index.php in Mani Stats Reader 1.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the ipath parameter.
CVE-2007-1303 1 Rrdbrowse 1 Rrdbrowse 2026-04-23 N/A
Directory traversal vulnerability in rb.cgi in RRDBrowse 1.6 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
CVE-2007-1305 1 Savas Place 1 Savas Guestbook 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in add2.php in Sava's Guestbook 23.11.2006 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) country, (3) email, and (4) website parameters.
CVE-2007-1306 1 Digium 1 Asterisk 2026-04-23 N/A
Asterisk 1.4 before 1.4.1 and 1.2 before 1.2.16 allows remote attackers to cause a denial of service (crash) by sending a Session Initiation Protocol (SIP) packet without a URI and SIP-version header, which results in a NULL pointer dereference.
CVE-2007-1324 1 Snapgear 6 560, 580, 585 and 3 more 2026-04-23 N/A
SnapGear 560, 585, 580, 640, 710, and 720 appliances before the 3.1.4u5 firmware allow remote attackers to cause a denial of service (complete packet loss) via a packet flood, a different vulnerability than CVE-2006-4613.
CVE-2007-1326 1 Serendipity 1 Serendipity 2026-04-23 N/A
SQL injection vulnerability in index.php in Serendipity 1.1.1 allows remote attackers to execute arbitrary SQL commands via the serendipity[multiCat][] parameter.
CVE-2007-1328 1 Bernard Joly 1 Bj Webring 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in formulaire.php in Bernard JOLY BJ Webring allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter related to the add link menu.
CVE-2007-1342 1 Jelsoft 1 Vbulletin 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in admincp/index.php in Jelsoft vBulletin 3.6.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the add rss url form.