Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-3012 | 1 Fujitsu | 1 Primergy Bx300 | 2026-04-23 | N/A |
| The web interface in Fujitsu-Siemens Computers PRIMERGY BX300 Switch Blade allows remote attackers to obtain sensitive information by canceling the authentication dialog when accessing a sub-page, which still displays the form field contents of the sub-page, as demonstrated using (1) config/ip_management.htm and (2) config/snmp_config.htm. | ||||
| CVE-2008-1116 | 1 Rising Antivirus International | 1 Rising Web Scan Object | 2026-04-23 | N/A |
| Insecure method vulnerability in the Web Scan Object ActiveX control (OL2005.dll) in Rising Antivirus Online Scanner allows remote attackers to force the download and execution of arbitrary code by setting the BaseURL property and invoking the UpdateEngine method. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-5406 | 3 Autonomy, Ibm, Symantec | 3 Keyview, Lotus Notes, Mail Security | 2026-04-23 | N/A |
| kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, does not properly parse long tokens, which allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted .ag file. | ||||
| CVE-2007-3809 | 1 Prozilla | 1 Prozilla Directory Script | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Prozilla Directory Script allow remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action to directory.php, and other unspecified vectors. | ||||
| CVE-2007-5380 | 1 David Hansson | 1 Ruby On Rails | 2026-04-23 | N/A |
| Session fixation vulnerability in Rails before 1.2.4, as used for Ruby on Rails, allows remote attackers to hijack web sessions via unspecified vectors related to "URL-based sessions." | ||||
| CVE-2007-1266 | 1 Gnome | 1 Evolution | 2026-04-23 | N/A |
| Evolution 2.8.1 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Evolution from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message without detection. | ||||
| CVE-2007-0333 | 1 Agnitum | 1 Outpost Firewall | 2026-04-23 | N/A |
| Agnitum Outpost Firewall PRO 4.0 allows local users to bypass access restrictions and insert Trojan horse drivers into the product's installation directory by creating links using FileLinkInformation requests with the ZwSetInformationFile function, as demonstrated by modifying SandBox.sys. | ||||
| CVE-2007-3848 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-23 | N/A |
| Linux kernel 2.4.35 and other versions allows local users to send arbitrary signals to a child process that is running at higher privileges by causing a setuid-root parent process to die, which delivers an attacker-controlled parent process death signal (PR_SET_PDEATHSIG). | ||||
| CVE-2007-5361 | 1 Alcatel-lucent | 1 Omnipcx | 2026-04-23 | N/A |
| The Communication Server in Alcatel-Lucent OmniPCX Enterprise 7.1 and earlier caches an IP address during a TFTP request from an IP Touch phone, and uses this IP address as the destination for all subsequent VoIP packets to this phone, which allows remote attackers to cause a denial of service (loss of audio) or intercept voice communications via a crafted TFTP request containing the phone's MAC address in the filename. | ||||
| CVE-2007-2180 | 1 Nullsoft | 1 Winamp | 2026-04-23 | N/A |
| Buffer overflow in Nullsoft Winamp 5.3 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted WMV file. | ||||
| CVE-2007-1273 | 2 Navision, Netbsd | 2 Financials Server, Netbsd | 2026-04-23 | N/A |
| Integer overflow in the ktruser function in NetBSD-current before 20061022, NetBSD 3 and 3-0 before 20061024, and NetBSD 2 before 20070209, when the kernel is built with the COMPAT_FREEBSD or COMPAT_DARWIN option, allows local users to cause a denial of service and possibly gain privileges. | ||||
| CVE-2006-6139 | 1 Sisfo Kampus | 1 Sisfo Kampus | 2026-04-23 | N/A |
| Directory traversal vulnerability in downloadexcel.php in Sisfo Kampus 2006 (Semarang 3) allows remote attackers to read arbitrary files via the fn parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2008-1319 | 1 Versant | 1 Versant Object Database | 2026-04-23 | N/A |
| Untrusted search path and argument injection vulnerability in the VersantD service in Versant Object Database 7.0.1.3 and earlier, as used in Borland CaliberRM and probably other products, allows remote attackers to execute arbitrary commands via a request to TCP port 5019 with a modified VERSANT_ROOT field. | ||||
| CVE-2007-0337 | 1 Kgb | 1 Kgb | 2026-04-23 | N/A |
| Directory traversal vulnerability in sesskglogadmin.php in KGB 1.9 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the skinnn parameter, as demonstrated by invoking kg.php with a postek parameter containing PHP code, which is injected into a file in the kg directory, and then included by sesskglogadmin.php. | ||||
| CVE-2007-0338 | 1 Bolintech | 1 Dreamftp Server | 2026-04-23 | N/A |
| Heap-based buffer overflow in Dream FTP Server allows remote attackers to execute arbitrary code via a USER command with a large number of format string specifiers, which triggers the overflow during processing of the Server Log. | ||||
| CVE-2007-2784 | 1 Globus | 1 Globus Toolkit | 2026-04-23 | N/A |
| Unspecified vulnerability in globus-job-manager in Globus Toolkit 4.1.1 and earlier (globus_nexus-6.6 and earlier) allows remote attackers to cause a denial of service (resource exhaustion and system crash) via certain requests to temporary TCP ports for a GRAM2 job or its MPICH-G2 applications. | ||||
| CVE-2007-5242 | 1 Hp | 1 Openvms | 2026-04-23 | N/A |
| Unspecified vulnerability in (1) SYS$EI1000.EXE and (2) SYS$EI1000_MON.EXE in HP OpenVMS 8.3 and earlier allows remote attackers to cause a denial of service (machine crash) via an "oversize" packet, which is not properly discarded if "the device has no remaining buffers after receipt of the first buffer segment." | ||||
| CVE-2007-5079 | 1 Redhat | 2 Enterprise Linux, Linux | 2026-04-23 | N/A |
| Red Hat Enterprise Linux 4 does not properly compile and link gdm with tcp_wrappers on x86_64 platforms, which might allow remote attackers to bypass intended access restrictions. | ||||
| CVE-2007-4704 | 1 Apple | 1 Mac Os X | 2026-04-23 | N/A |
| The Application Firewall in Apple Mac OS X 10.5 does not apply changed settings to processes that are started by launchd until the processes are restarted, which might allow attackers to bypass intended access restrictions. | ||||
| CVE-2007-0339 | 1 Scriptme | 1 Sme Filemailer | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php (aka the login form) in Scriptme SMe FileMailer 1.21 allows remote attackers to execute arbitrary SQL commands via the Password field (ps parameter). NOTE: some of these details are obtained from third party information. | ||||