Export limit exceeded: 351129 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (351129 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-3298 | 1 Spey | 1 Spey | 2026-04-23 | N/A |
| SQL injection vulnerability in Spey before 0.4.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to MessageProcessor.cc and possibly other components. | ||||
| CVE-2007-3299 | 1 Awffull | 1 Awffull | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in AWFFull before 3.7.4, when AllSearchStr (aka the All Search Terms report) is enabled, allows remote attackers to inject arbitrary web script or HTML via a search string. | ||||
| CVE-2007-3300 | 1 F-secure | 6 F-secure Anti-virus, F-secure Anti-virus Linux Client Security, F-secure Anti-virus Linux Server Security and 3 more | 2026-04-23 | N/A |
| Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070619 allow remote attackers to bypass scanning via a crafted header in a (1) LHA or (2) RAR archive. | ||||
| CVE-2007-3301 | 1 Fusetalk | 1 Fusetalk | 2026-04-23 | N/A |
| SQL injection vulnerability in forum/include/error/autherror.cfm in FuseTalk allows remote attackers to execute arbitrary SQL commands via the errorcode parameter. NOTE: a patch may have been released privately between April and June 2007. NOTE: this issue may overlap CVE-2007-3273. | ||||
| CVE-2007-3302 | 2 Broadcom, Ca | 2 Etrust Intrusion Detection, Etrust Intrusion Detection | 2026-04-23 | N/A |
| The CallCode ActiveX control in caller.dll 3.0 before 20070713, and 3.0 SP1 before 3.0.5.81, in CA (formerly Computer Associates) eTrust Intrusion Detection allows remote attackers to load arbitrary DLLs on a client system, and execute code from these DLLs, via unspecified "scriptable functions." | ||||
| CVE-2007-3305 | 1 Cerulean Studios | 1 Trillian | 2026-04-23 | N/A |
| Heap-based buffer overflow in Cerulean Studios Trillian 3.x before 3.1.6.0 allows remote attackers to execute arbitrary code via a message sent through the MSN protocol, or possibly other protocols, with a crafted UTF-8 string, which triggers improper memory allocation for word wrapping when a window width is used as a buffer size, a different vulnerability than CVE-2007-2478. | ||||
| CVE-2007-3306 | 1 Ultrize | 1 Minibill | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in crontab/run_billing.php in MiniBill 1.2.5 allows remote attackers to execute arbitrary PHP code via a URL in the config[include_dir] parameter, a different vector than CVE-2006-4489. | ||||
| CVE-2007-3307 | 1 Solar Empire | 1 Solar Empire | 2026-04-23 | N/A |
| SQL injection vulnerability in game_listing.php in Solar Empire 2.9.1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header. | ||||
| CVE-2007-3309 | 1 Simple Machines | 1 Simple Machines Forum | 2026-04-23 | N/A |
| Unspecified vulnerability in Simple Machines Forum (SMF) 1.1.2 allows remote attackers to execute arbitrary PHP code during (1) creation or (2) editing of a message. | ||||
| CVE-2007-3310 | 1 Tdizin | 1 Tdizin | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in arama.asp in TDizin allows remote attackers to inject arbitrary web script or HTML via the ara parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-3313 | 1 Efstratios Geroulis | 1 Jasmine Cms | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Jasmine CMS 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the login_username parameter to login.php or (2) the item parameter to news.php. | ||||
| CVE-2007-3314 | 1 Altap | 2 Portable Executable Viewer, Servant Salamander | 2026-04-23 | N/A |
| Stack-based buffer overflow in peviewer.spl in Altap Servant Salamander 2.5 with Portable Executable Viewer 2.02 (English Trial), and 2.0 with Portable Executable Viewer 1.00 (English Trial), allows remote attackers to execute arbitrary code via a long PDB debug filename in a PE file. | ||||
| CVE-2007-3316 | 1 Videolan | 1 Vlc Media Player | 2026-04-23 | N/A |
| Multiple format string vulnerabilities in plugins in VideoLAN VLC Media Player before 0.8.6c allow remote attackers to cause a denial of service (crash) or execute arbitrary code via format string specifiers in (1) an Ogg/Vorbis file, (2) an Ogg/Theora file, (3) a CDDB entry for a CD Digital Audio (CDDA) file, or (4) Service Announce Protocol (SAP) multicast packets. | ||||
| CVE-2007-3317 | 1 Avaya | 1 One-x | 2026-04-23 | N/A |
| The Session Initiation Protocol (SIP) User Access Client (UAC) message parsing module in Avaya one-X Desktop Edition 2.1.0.70 and earlier allows remote attackers to cause a denial of service (device crash) via a malformed SIP message. | ||||
| CVE-2007-3322 | 1 Avaya | 1 4602sw Ip Phone | 2026-04-23 | N/A |
| The Avaya 4602 SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP firmware uses a constant media port number for calls, which allows remote attackers to cause a denial of service (audio quality loss) via a flood of packets to the RTP port. | ||||
| CVE-2007-3325 | 1 Lms | 1 Lan Management System | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in lib/language.php in LAN Management System (LMS) 1.9.6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the _LIB_DIR parameter, a different vector than CVE-2007-1643 and CVE-2007-2205. | ||||
| CVE-2007-3326 | 1 Jelsoft | 1 Vbulletin | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in vBulletin 3.x.x allow remote attackers to redirect visitors to arbitrary local files via a .. (dot dot) in (1) the loc parameter to admincp/index.php and (2) the Hyperlink information URl field for post Topic in showthread.php, enabling cross-site scripting (XSS) and other attacks, a different vulnerability than CVE-2005-3025.2. | ||||
| CVE-2007-3327 | 1 Bughunter | 1 Http Server | 2026-04-23 | N/A |
| httpsv.exe in HTTP Server 1.6.2 allows remote attackers to obtain sensitive information (script source code) via a URI with a trailing %20 (encoded space). | ||||
| CVE-2007-3330 | 1 Stphp | 1 Easynews | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in STphp EasyNews PRO 4.0 allows remote attackers to inject arbitrary web script or HTML via a news post, which is stored in news/ without sanitization. | ||||
| CVE-2007-3331 | 1 Stphp | 1 Easynews | 2026-04-23 | N/A |
| Cross-site request forgery (CSRF) vulnerability in STphp EasyNews PRO 4.0 allows remote attackers to change the admin password via (1) a certain HTML form that is posted automatically by JavaScript or (2) a news post. | ||||