Export limit exceeded: 350717 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 350717 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 350717 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (350717 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-1181 | 1 Web-app.org | 1 Webapp | 2026-04-23 | N/A |
| WebAPP before 0.9.9.5 passes (1) Unused Informations and (2) the username through Edit Profile forms, which has unknown impact and attack vectors. | ||||
| CVE-2007-1182 | 1 Web-app.org | 1 Webapp | 2026-04-23 | N/A |
| WebAPP before 0.9.9.5 allows remote Guest users to edit a Guest profile, which has unknown impact. | ||||
| CVE-2007-1183 | 1 Web-app.org | 1 Webapp | 2026-04-23 | N/A |
| WebAPP before 0.9.9.5 allows remote authenticated users to spoof another user's Real Name via whitespace, which has unknown impact and attack vectors. | ||||
| CVE-2007-1184 | 1 Web-app.org | 1 Webapp | 2026-04-23 | N/A |
| The default configuration of WebAPP before 0.9.9.5 has a CAPTCHA setting of "no," which makes it easier for automated programs to submit false data. | ||||
| CVE-2007-1185 | 1 Web-app.org | 1 Webapp | 2026-04-23 | N/A |
| The (1) Search, (2) Edit Profile, (3) Recommend, and (4) User Approval forms in WebAPP before 0.9.9.5 use hidden inputs, which has unknown impact and remote attack vectors. | ||||
| CVE-2007-1186 | 1 Web-app.org | 1 Webapp | 2026-04-23 | N/A |
| WebAPP before 0.9.9.5 does not "censor" the Latest Member real name, which has unknown impact. | ||||
| CVE-2007-1189 | 1 Bell Labs | 1 Plan 9 | 2026-04-23 | N/A |
| Integer overflow in the envwrite function in the Alcatel-Lucent Bell Labs Plan 9 kernel allows local users to overwrite certain memory addresses with kernel memory via a large n argument, as demonstrated by (1) modifying the iseve function to gain privileges and (2) making the devpermcheck function grant unrestricted device permissions. | ||||
| CVE-2007-1190 | 1 Bsalsa | 1 Embeddedwb Web Browser | 2026-04-23 | N/A |
| Unspecified vulnerability in the EmbeddedWB Web Browser ActiveX control allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-1191 | 1 Quicksilver | 1 Del.icio.us Module | 2026-04-23 | N/A |
| The Social Bookmarks (del.icio.us) plug-in 8F in Quicksilver writes usernames and passwords in plaintext to the /Library/Logs/Console/UID/Console.log file, which allows local users to obtain sensitive information by reading this file. | ||||
| CVE-2007-1193 | 1 Orangehrm | 1 Orangehrm | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in the Login page in OrangeHRM before 20070212 have unknown impact and attack vectors. | ||||
| CVE-2007-2124 | 1 Oracle | 1 Application Server | 2026-04-23 | N/A |
| Unspecified vulnerability in the Portal component in Oracle Application Server 10.1.4.1.0 has unknown impact and remote attack vectors, aka AS05. | ||||
| CVE-2007-1206 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2026-04-23 | N/A |
| The Virtual DOS Machine (VDM) in the Windows Kernel in Microsoft Windows NT 4.0; 2000 SP4; XP SP2; Server 2003, 2003 SP1, and 2003 SP2; and Windows Vista before June 2006; uses insecure permissions (PAGE_READWRITE) for a physical memory view, which allows local users to gain privileges by modifying the "zero page" during a race condition before the view is unmapped. | ||||
| CVE-2007-1211 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2026-04-23 | N/A |
| Unspecified kernel GDI functions in Microsoft Windows 2000 SP4; XP SP2; and Server 2003 Gold, SP1, and SP2 allows user-assisted remote attackers to cause a denial of service (possibly persistent restart) via a crafted Windows Metafile (WMF) image that causes an invalid dereference of an offset in a kernel structure, a related issue to CVE-2005-4560. | ||||
| CVE-2007-1237 | 1 Bj Sintay | 1 Sitex | 2026-04-23 | N/A |
| sitex allows remote attackers to obtain potentially sensitive information via a ' (quote) value for certain parameters, as demonstrated by parameters used in forum and search, which forces a SQL error. | ||||
| CVE-2007-1213 | 1 Microsoft | 1 Windows 2000 | 2026-04-23 | N/A |
| The TrueType Fonts rasterizer in Microsoft Windows 2000 SP4 allows local users to gain privileges via crafted TrueType fonts, which result in an uninitialized function pointer. | ||||
| CVE-2007-1214 | 1 Microsoft | 2 Excel, Excel Viewer | 2026-04-23 | N/A |
| Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, and 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via a crafted AutoFilter filter record in an Excel BIFF8 format XLS file, which triggers memory corruption. | ||||
| CVE-2007-1215 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Vista and 1 more | 2026-04-23 | N/A |
| Buffer overflow in the Graphics Device Interface (GDI) in Microsoft Windows 2000 SP4; XP SP2; Server 2003 Gold, SP1, and SP2; and Vista allows local users to gain privileges via certain "color-related parameters" in crafted images. | ||||
| CVE-2007-1217 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-23 | N/A |
| Buffer overflow in the bufprint function in capiutil.c in libcapi, as used in Linux kernel 2.6.9 to 2.6.20 and isdn4k-utils, allows local users to cause a denial of service (crash) and possibly gain privileges via a crafted CAPI packet. | ||||
| CVE-2007-1218 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2026-04-23 | N/A |
| Off-by-one buffer overflow in the parse_elements function in the 802.11 printer code (print-802_11.c) for tcpdump 3.9.5 and earlier allows remote attackers to cause a denial of service (crash) via a crafted 802.11 frame. NOTE: this was originally referred to as heap-based, but it might be stack-based. | ||||
| CVE-2007-1219 | 1 Admin Phorum | 1 Admin Phorum | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in actions/del.php in Admin Phorum 3.3.1a allows remote attackers to execute arbitrary PHP code via a URL in the include_path parameter. | ||||