Export limit exceeded: 364837 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 364837 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-3440 1 Snom 2 320 Sip Phone, Snom 320 Linux 2026-04-23 N/A
The Snom 320 SIP Phone, running snom320 linux 3.25, snom320-SIP 6.2.3, and snom320 jffs23.36, allows remote attackers to place calls to arbitrary phone numbers via certain requests to the web server on port 1800.
CVE-2007-3458 1 Sun 1 Solaris 2026-04-23 N/A
The libsldap library in Sun Solaris 8, 9, and 10 allows local users to cause a denial of service (Name Service Caching Daemon (nscd) crash) via unspecified vectors.
CVE-2006-6119 1 Mmgallery 1 Mmgallery 2026-04-23 N/A
mmgallery 1.55 allows remote attackers to obtain sensitive information via a direct request for thumbs.php, which reveals the installation path in various error messages.
CVE-2007-3442 1 Research In Motion Limited 1 Blackberry 7270 2026-04-23 N/A
Format string vulnerability on the Research in Motion BlackBerry 7270 before 4.0 SP1 Bundle 108 allows remote attackers to cause a denial of service (blocked call reception and calling) via format string specifiers in an SIP INVITE message that lacks a host name in the Contact header.
CVE-2007-3443 1 Research In Motion Limited 1 Blackberry 7270 2026-04-23 N/A
The Research in Motion BlackBerry 7270 before 4.0 SP1 Bundle 108 does not properly manage transaction states, which allows remote attackers to cause a denial of service (temporary device hang) by sending a certain SIP INVITE message, but not providing an ACK when the call is answered.
CVE-2007-3446 1 Bugmall 1 Shopping Cart 2026-04-23 N/A
BugMall Shopping Cart 2.5 and earlier has a default username "demo" and password "demo," which allows remote attackers to obtain login access.
CVE-2007-3451 1 Gorani Network 1 6alblog 2026-04-23 N/A
PHP remote file inclusion vulnerability in admin/index.php in 6ALBlog allows remote authenticated administrators to execute arbitrary PHP code via a URL in the pg parameter.
CVE-2007-3452 1 Edocstore 1 Edocstore 2026-04-23 N/A
SQL injection vulnerability in essentials/minutes/doc.php in eDocStore allows remote attackers to execute arbitrary SQL commands via the doc_id parameter in an inline action.
CVE-2007-3453 1 Papoo 1 Papoo 2026-04-23 N/A
SQL injection vulnerability in Papoo 3.6, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the selmenuid parameter to certain components.
CVE-2007-3460 1 Eva-web 1 Eva-web 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in index.php3 in EVA-Web 1.1 through 2.2 allow remote attackers to execute arbitrary PHP code via a URL in the (1) aide or (2) perso parameter.
CVE-2007-3461 1 Elkagroup 1 Image Gallery 2026-04-23 N/A
SQL injection vulnerability in property.php in elkagroup Image Gallery 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter.
CVE-2007-3464 1 Sofaware 1 Safe At Office 500 Utm 2026-04-23 N/A
Check Point SofaWare Safe@Office, with firmware before Embedded NGX 7.0.45 GA, does not require entry of the old password when changing the admin password, which might allow attackers to gain privileges by conducting a CSRF attack, making a password change on an unattended workstation, or other vectors.
CVE-2007-3465 1 Sofaware 1 Safe At Office 500 Utm 2026-04-23 N/A
Check Point SofaWare Safe@Office, with firmware before Embedded NGX 7.0.45 GA, has a certain default password.
CVE-2007-3534 1 Daniel Toma 1 Webchat 2026-04-23 N/A
SQL injection vulnerability in login.php in WebChat 0.78 allows remote attackers to execute arbitrary SQL commands via the rid parameter.
CVE-2007-3468 1 Videolan 1 Vlc Media Player 2026-04-23 N/A
input.c in VideoLAN VLC Media Player before 0.8.6c allows remote attackers to cause a denial of service (crash) via a crafted WAV file that causes an uninitialized i_nb_resamplers variable to be used.
CVE-2007-3483 1 Rim 1 Blackberry Enterprise Server 2026-04-23 N/A
Research in Motion BlackBerry Enterprise Server 4.0 through 4.1 has a default configuration that permits installation of arbitrary third-party applications on BlackBerry devices, which might facilitate loading of malware.
CVE-2007-3486 1 Altavista 1 Search Engine 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in AltaVista search engine allows remote attackers to inject arbitrary web script or HTML via the text parameter to the default URI.
CVE-2007-3489 1 Checkpoint 1 Vpn-1 Utm Edge 2026-04-23 N/A
Cross-site request forgery (CSRF) vulnerability in pop/WizU.html in the management interface in Check Point VPN-1 Edge X Embedded NGX 7.0.33x on the Check Point VPN-1 UTM Edge allows remote attackers to perform privileged actions as administrators, as demonstrated by a request with the swuuser and swupass parameters, which adds an administrator account. NOTE: the CSRF attack has no timing window because there is no logout capability in the management interface.
CVE-2007-3490 1 Microsoft 1 Excel 2026-04-23 N/A
Unspecified vulnerability in Microsoft Excel 2003 SP2 allows remote attackers to have an unknown impact via unspecified vectors, possibly related to the sheet name, as demonstrated by 2670.xls.
CVE-2007-3491 1 Progress 1 Openedge 2026-04-23 N/A
Buffer overflow in _mprosrv in Progress Software OpenEdge before 9.1E0422, and 10.x before 10.1B01, allows remote attackers to have an unknown impact via a malformed TCP/IP message.