Export limit exceeded: 350469 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 350469 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (350469 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-0742 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| The WebFoundation framework in Apple Mac OS X 10.3.9 and earlier allows subdomain cookies to be accessed by the parent domain, which allows remote attackers to obtain sensitive information. | ||||
| CVE-2007-0741 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| Buffer overflow in natd in network_cmds in Apple Mac OS X 10.3.9 through 10.4.9, when Internet Sharing is enabled, allows remote attackers to execute arbitrary code via malformed RTSP packets. | ||||
| CVE-2007-0740 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| Alias Manager in Apple Mac OS X 10.3.9 and 10.4.9 does not display files with the same name in mounted disk images that have the same name, which might allow user-assisted attackers to trick a user into executing malicious files. | ||||
| CVE-2007-0739 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| The Login Window in Apple Mac OS X 10.4 through 10.4.9 displays the software update window beneath the loginwindow authentication dialog in certain circumstances related to running scheduled tasks, which allows local users to bypass authentication controls. | ||||
| CVE-2007-0418 | 1 Bea | 1 Weblogic Server | 2026-04-23 | N/A |
| BEA WebLogic Server 7.0 through 7.0 SP6, 8.1 through 8.1 SP5, 9.0, and 9.1 does not enforce a security policy that declares permissions for EJB methods that have array parameters, which allows remote attackers to obtain unauthorized access to these methods. | ||||
| CVE-2007-0419 | 1 Bea | 1 Weblogic Server | 2026-04-23 | N/A |
| The BEA WebLogic Server proxy plug-in before June 2006 for the Apache HTTP Server does not properly handle protocol errors, which allows remote attackers to cause a denial of service (server outage). | ||||
| CVE-2007-0420 | 1 Bea | 1 Weblogic Server | 2026-04-23 | N/A |
| BEA WebLogic Server 9.0, 9.1, and 9.2 Gold allows remote attackers to obtain sensitive information via malformed HTTP requests, which reveal data from previous requests. | ||||
| CVE-2007-0422 | 1 Bea | 1 Weblogic Server | 2026-04-23 | N/A |
| BEA WebLogic Server 9.0, 9.1, and 9.2 Gold, when running on Solaris 9, allows remote attackers to cause a denial of service (server inaccessibility) via manipulated socket connections. | ||||
| CVE-2007-0423 | 1 Oracle | 1 Weblogic Portal | 2026-04-23 | N/A |
| BEA WebLogic Portal 9.2 does not properly handle when an administrator deletes entitlements for a role, which causes other role entitlements to be "inadvertently affected," which has an unknown impact. | ||||
| CVE-2006-5927 | 1 Asp Scripter | 2 Easy Portal, Live Support | 2026-04-23 | N/A |
| SQL injection vulnerability in cpLogin.asp in ASP Scripter Easy Portal 1.4 and Live Support 1.3 allows remote attackers to execute arbitrary SQL commands via the Password parameter. | ||||
| CVE-2008-5664 | 1 Realtek | 1 Realtek Media Player | 2026-04-23 | N/A |
| Stack-based buffer overflow in Realtek Media Player (aka Realtek Sound Manager, RtlRack, or rtlrack.exe) 1.15.0.0 allows remote attackers to execute arbitrary code via a crafted playlist (PLA) file. | ||||
| CVE-2008-7126 | 1 Microfocus | 1 Visibroker | 2026-04-23 | N/A |
| Integer overflow in osagent.exe in Borland VisiBroker Smart Agent 08.00.00.C1.03 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet with a large string length value to UDP port 14000, which triggers a heap-based buffer overflow. | ||||
| CVE-2007-0444 | 1 Citrix | 2 Metaframe, Metaframe Presentation Server | 2026-04-23 | N/A |
| Stack-based buffer overflow in the print provider library (cpprov.dll) in Citrix Presentation Server 4.0, MetaFrame Presentation Server 3.0, and MetaFrame XP 1.0 allows local users and remote attackers to execute arbitrary code via long arguments to the (1) EnumPrintersW and (2) OpenPrinter functions. | ||||
| CVE-2007-0445 | 1 Kaspersky Lab | 2 Kaspersky Anti-virus, Kaspersky Internet Security | 2026-04-23 | N/A |
| Heap-based buffer overflow in the arj.ppl module in the OnDemand Scanner in Kaspersky Anti-Virus, Anti-Virus for Workstations, and Anti-Virus for File Servers 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows remote attackers to execute arbitrary code via crafted ARJ archives. | ||||
| CVE-2007-0446 | 1 Hp | 3 Mercury Loadrunner Agent, Mercury Monitor Over Firewall, Mercury Performance Center Agent | 2026-04-23 | N/A |
| Stack-based buffer overflow in magentproc.exe for Hewlett-Packard Mercury LoadRunner Agent 8.0 and 8.1, Performance Center Agent 8.0 and 8.1, and Monitor over Firewall 8.1 allows remote attackers to execute arbitrary code via a packet with a long server_ip_name field to TCP port 54345, which triggers the overflow in mchan.dll. | ||||
| CVE-2007-0447 | 1 Symantec | 13 Antivirus Scan Engine, Brightmail Antispam, Client Security and 10 more | 2026-04-23 | N/A |
| Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote attackers to execute arbitrary code via multiple crafted CAB archives. | ||||
| CVE-2007-0448 | 1 Php | 1 Php | 2026-04-23 | N/A |
| The fopen function in PHP 5.2.0 does not properly handle invalid URI handlers, which allows context-dependent attackers to bypass safe_mode restrictions and read arbitrary files via a file path specified with an invalid URI, as demonstrated via the srpath URI. | ||||
| CVE-2007-0449 | 1 Broadcom | 5 Brightstor Arcserve Backup Laptops Desktops, Brightstor Mobile Backup, Business Protection Suite and 2 more | 2026-04-23 | N/A |
| Multiple buffer overflows in LGSERVER.EXE in CA BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.1 SP1, Mobile Backup r4.0, Desktop and Business Protection Suite r2, and Desktop Management Suite (DMS) r11.0 and r11.1 allow remote attackers to execute arbitrary code via crafted packets to TCP port (1) 1900 or (2) 2200. | ||||
| CVE-2006-5928 | 1 Phpjobscheduler | 1 Phpjobscheduler | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Phpjobscheduler 3.0 allow remote attackers to execute arbitrary PHP code via a URL in the installed_config_file parameter to (1) add-modify.php, (2) delete.php, (3) modify.php, and (4) phpjobscheduler.php. | ||||
| CVE-2007-0451 | 2 Apache, Redhat | 2 Spamassassin, Enterprise Linux | 2026-04-23 | N/A |
| Apache SpamAssassin before 3.1.8 allows remote attackers to cause a denial of service via long URLs in malformed HTML, which triggers "massive memory usage." | ||||