Export limit exceeded: 364880 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-1868 | 1 Ibm | 1 Tivoli Provisioning Manager Os Deployment | 2026-04-23 | N/A |
| The management service in IBM Tivoli Provisioning Manager for OS Deployment before 5.1 Fix Pack 2 does not properly handle multipart/form-data in HTTP POST requests, which allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via crafted POST requests to port 8080/tcp or 443/tcp. | ||||
| CVE-2007-1869 | 1 Lighttpd | 1 Lighttpd | 2026-04-23 | N/A |
| lighttpd 1.4.12 and 1.4.13 allows remote attackers to cause a denial of service (cpu and resource consumption) by disconnecting while lighttpd is parsing CRLF sequences, which triggers an infinite loop and file descriptor consumption. | ||||
| CVE-2007-1870 | 1 Lighttpd | 1 Lighttpd | 2026-04-23 | N/A |
| lighttpd before 1.4.14 allows attackers to cause a denial of service (crash) via a request to a file whose mtime is 0, which results in a NULL pointer dereference. | ||||
| CVE-2007-2934 | 1 Windy Road | 1 Vistered Little | 2026-04-23 | N/A |
| Directory traversal vulnerability in skins/common.css.php in Vistered Little 1.6a allows remote attackers to read arbitrary files via a .. (dot dot) in the skin parameter. | ||||
| CVE-2007-2935 | 1 Fundanemt | 1 Fundanemt | 2026-04-23 | N/A |
| core/spellcheck/spellcheck.php in Fundanemt before 2.2.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the dict parameter. | ||||
| CVE-2007-2936 | 1 Frequency Clock | 1 Frequency Clock | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Frequency Clock 0.1b (Beta 0.1) allow remote attackers to execute arbitrary PHP code via a URL in the securelib parameter to (1) conf.php or (2) cp2.php. | ||||
| CVE-2007-2937 | 1 Troforum | 1 Troforum | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in admin/admin.php in TROforum 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the site_url parameter. | ||||
| CVE-2007-2939 | 1 Mazens Php Chat | 1 Mazens Php Chat | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Mazen's PHP Chat 3.0.0 allow remote attackers to execute arbitrary PHP code via a URL in the basepath parameter to (1) ITX.php, (2) IT_Error.php, or (3) IT.php in include/pear/. | ||||
| CVE-2007-2940 | 1 Flap | 1 Flap | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in FlaP 1.0b (1.0 Beta) allow remote attackers to execute arbitrary PHP code via a URL in the pachtofile parameter to (1) skin/html/table.php or (2) login.php. | ||||
| CVE-2007-2972 | 1 Avira | 2 Antivir, Av Pack | 2026-04-23 | N/A |
| The file parsing engine in Avira Antivir Antivirus before 7.04.00.24 allows remote attackers to cause a denial of service (application crash) via a crafted UPX compressed file, which triggers a divide-by-zero error. | ||||
| CVE-2007-2943 | 1 Webavis | 1 Webavis | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in class/class.php in Webavis 0.1.1 allows remote attackers to execute arbitrary PHP code via a URL in the root parameter. | ||||
| CVE-2007-2973 | 1 Avira | 2 Antivir, Av Pack | 2026-04-23 | N/A |
| Avira Antivir Antivirus before 7.03.00.09 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed TAR archive. | ||||
| CVE-2007-2950 | 3 Centennial, Numara, Symantec | 3 Discovery, Asset Manager, Discovery | 2026-04-23 | N/A |
| Centennial Discovery 2006 Feature Pack 1, which is used by (1) Numara Asset Manager 8.0 and (2) Symantec Discovery 6.5, uses insecure permissions on certain directories, which allows local users to gain privileges. | ||||
| CVE-2009-3851 | 1 Sun | 1 Solaris | 2026-04-23 | N/A |
| Trusted Extensions in Sun Solaris 10 interferes with the operation of the xscreensaver-demo command for the XScreenSaver application, which makes it easier for physically proximate attackers to access an unattended workstation for which the intended screen locking did not occur, related to the "restart daemon." | ||||
| CVE-2007-2961 | 1 Filecloset | 1 Filecloset | 2026-04-23 | N/A |
| Unrestricted file upload vulnerability in FileCloset before 1.1.5 allows remote attackers to upload arbitrary PHP files via unspecified vectors. | ||||
| CVE-2007-2962 | 1 Particle Soft | 1 Particle Gallery | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in Particle Gallery 1.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the order parameter. | ||||
| CVE-2007-2963 | 1 Invision Power Services | 1 Invision Power Board | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Invision Power Board (IPB or IP.Board) 2.2.2, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via (1) module_bbcodeloader.php, (2) module_div.php, (3) module_email.php, (4) module_image.php, (5) module_link.php, or (6) the editorid parameter to module_table.php in jscripts/folder_rte_files/. NOTE: some details were obtained from third party sources. | ||||
| CVE-2007-2964 | 1 F-secure | 1 Policy Manager | 2026-04-23 | N/A |
| The fsmsh.dll host module in F-Secure Policy Manager Server 7.00 and earlier allows remote attackers to cause a denial of service (application crash) via NTFS reserved words in filenames in URLs. | ||||
| CVE-2007-2968 | 1 Cpcommerce | 1 Cpcommerce | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in register.php in cpCommerce 1.1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the name parameter (Full Name field). | ||||
| CVE-2007-2969 | 1 Wanewsletter | 1 Wanewsletter | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in newsletter.php in WAnewsletter 2.1.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the waroot parameter. | ||||