Export limit exceeded: 364243 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-1120 1 Steema Software 1 Teechart Pro 2026-04-23 N/A
The (1) Import.LoadFromURL and (2) Export.asText.SaveToFile functions in TeeChart Pro ActiveX control (TeeChart7.ocx) allow remote attackers to download a crafted .tee file to an arbitrary location. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-1594 1 Asterisk 1 Asterisk 2026-04-23 N/A
The handle_response function in chan_sip.c in Asterisk before 1.2.17 and 1.4.x before 1.4.2 allows remote attackers to cause a denial of service (crash) via a SIP Response code 0 in a SIP packet.
CVE-2007-1674 1 Landesk 1 Landesk Management Suite 2026-04-23 N/A
Stack-based buffer overflow in the Alert Service (aolnsrvr.exe) in LANDesk Management Suite 8.7 allows remote attackers to execute arbitrary code via a crafted packet to port 65535/UDP.
CVE-2007-1724 1 Reactos 1 Reactos 2026-04-23 N/A
Unspecified vulnerability in ReactOS 0.3.1 has unknown impact and attack vectors, related to a fix for "dozens of win32k bugs and failures," in which the fix itself introduces a vulnerability, possibly related to user-mode and kernel-mode copy failures.
CVE-2007-1811 1 Chapi 1 Tiny Event 2026-04-23 N/A
SQL injection vulnerability in index.php in the Tiny Event (tinyevent) 1.01 and earlier module for Xoops allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action.
CVE-2007-2425 1 Blackdot 1 Imageview 2026-04-23 N/A
Directory traversal vulnerability in fileview.php in Imageview 5.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the album parameter.
CVE-2007-2520 1 Frank Mancuso 1 Mynews 2026-04-23 N/A
SQL injection vulnerability in admin.php in MyNews 0.10, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the authacc cookie.
CVE-2007-2606 1 Firebirdsql 1 Firebird 2026-04-23 N/A
Multiple buffer overflows in Firebird 2.1 allow attackers to trigger memory corruption and possibly have other unspecified impact via certain input processed by (1) config\ConfigFile.cpp or (2) msgs\check_msgs.epp. NOTE: if ConfigFile.cpp reads a configuration file with restrictive permissions, then the ConfigFile.cpp vector may not cross privilege boundaries and perhaps should not be included in CVE.
CVE-2007-3183 1 Vincent Hor 1 Calendarix 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Calendarix 0.7.20070307, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) month and (2) year parameters to calendar.php and the (3) search string to cal_search.php.
CVE-2007-3244 1 Bbpress 1 Bbpress 2026-04-23 N/A
SQL injection vulnerability in bb-includes/formatting-functions.php in bbPress before 0.8.1 might allow remote attackers to execute arbitrary SQL commands via unspecified vectors to forums/bb-edit.php, as demonstrated by a PRE element, aka the "quircky slashes bug."
CVE-2007-3298 1 Spey 1 Spey 2026-04-23 N/A
SQL injection vulnerability in Spey before 0.4.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to MessageProcessor.cc and possibly other components.
CVE-2007-3362 3 Ageet, Htc, Microsoft 3 Agephone, Hytn, Windows Mobile 2026-04-23 N/A
ageet AGEphone before 1.6.2, running on Windows Mobile 5 on the HTC HyTN Pocket PC device, allows remote attackers to (1) cause a denial of service (call disruption and device hang) via a SIP message with a malformed header and (2) cause a denial of service (call disruption, false ring indication, and device outage) via a SIP message with a malformed SDP delimiter.
CVE-2007-3965 1 Ufmod 1 Ufmod Xm Player Library 2026-04-23 N/A
Unspecified vulnerability in uFMOD before 1.2.5 has unknown impact and attack vectors, possibly related to malformed files, and possibly an integer signedness error for relative note instruments.
CVE-2007-4082 1 Alstrasoft 1 Article Manager Pro 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in contact_author.php AlstraSoft Article Manager Pro allows remote attackers to inject arbitrary web script or HTML via the userid parameter.
CVE-2007-4167 1 Al-caricatier 1 Al-caricatier 2026-04-23 N/A
PHP remote file inclusion vulnerability in cat_viewed.php in AL-Caricatier 2.5 allows remote attackers to execute arbitrary PHP code via a URL in the CatName parameter.
CVE-2007-4590 1 Hp 3 Dynrootdisk, Hp-ux, Ignite-ux 2026-04-23 N/A
The get_system_info command in Ignite-UX C.7.0 through C.7.3, and DynRootDisk (DRD) A.1.0.16.417 through A.2.0.0.592, on HP-UX B.11.11, B.11.23, and B.11.31 does not inform local users of networking changes made by the command, which has unknown impact and attack vectors.
CVE-2007-1051 1 Comodo 1 Comodo Firewall Pro 2026-04-23 N/A
Comodo Firewall Pro (formerly Comodo Personal Firewall) 2.4.17.183 and earlier uses a weak cryptographic hashing function (CRC32) to identify trusted modules, which allows local users to bypass security protections by substituting modified modules that have the same CRC32 value.
CVE-2007-4667 1 Firebirdsql 1 Firebird 2026-04-23 N/A
Unspecified vulnerability in the Services API in Firebird before 2.0.2 allows remote attackers to cause a denial of service, aka CORE-1149.
CVE-2007-3178 1 Zindizayn Okul Web Sistemi 1 Zindizayn Okul Web Sistemi 2026-04-23 N/A
Multiple SQL injection vulnerabilities in Zindizayn Okul Web Sistemi 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id or (2) pass parameter to (a) mezungiris.asp or (b) ogretmenkontrol.asp.
CVE-2007-2828 1 Johntp 1 Adsense-deluxe 2026-04-23 N/A
Cross-site request forgery (CSRF) vulnerability in adsense-deluxe.php in the AdSense-Deluxe 0.x plugin for WordPress allows remote attackers to perform unspecified actions as arbitrary users via unspecified vectors.