Export limit exceeded: 346620 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29902 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29902 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-0614 | 1 Apple | 3 Ichat, Instant Message Framework, Mac Os X | 2026-04-23 | N/A |
| The Bonjour functionality in mDNSResponder, iChat 3.1.6, and InstantMessage framework 428 in Apple Mac OS X 10.4.8 allows remote attackers to cause a denial of service (persistent application crash) via a crafted phsh hash attribute in a TXT key. | ||||
| CVE-2007-0616 | 1 Zenphoto | 1 Zenphoto | 2026-04-23 | N/A |
| Directory traversal vulnerability in zen/template-functions.php in zenphoto 1.0.4 up to 1.0.6 allows remote attackers to list arbitrary directories via ".." sequences in the album parameter to index.php. | ||||
| CVE-2007-0617 | 1 Earthlink | 1 Total Access | 2026-04-23 | N/A |
| The SpamBlocker.dll ActiveX control in Earthlink TotalAccess is marked "safe for scripting," which allows remote attackers to add arbitrary e-mail addresses and domains to the spam blocker whitelist via the (1) AddSenderToWhitelist and (2) AddDomainToWhitelist functions. | ||||
| CVE-2007-0618 | 1 Ibm | 1 Aix | 2026-04-23 | N/A |
| Unspecified vulnerability in (1) pop3d, (2) pop3ds, (3) imapd, and (4) imapds in IBM AIX 5.3.0 has unspecified impact and attack vectors, involving an "authentication vulnerability." | ||||
| CVE-2007-0619 | 1 Chmlib | 1 Chmlib | 2026-04-23 | N/A |
| chmlib before 0.39 allows user-assisted remote attackers to execute arbitrary code via a crafted page block length in a CHM file, which triggers memory corruption. | ||||
| CVE-2007-0620 | 1 Vlad Leont | 1 Fd Script | 2026-04-23 | N/A |
| download.php in FD Script 1.3.2 and earlier allows remote attackers to read source of files under the web document root with certain extensions, including .php, via a relative pathname in the fname parameter, as demonstrated by downloading config.php. | ||||
| CVE-2007-0622 | 1 Mybb | 1 Mybb | 2026-04-23 | N/A |
| Cross-site request forgery (CSRF) vulnerability in MyBB (aka MyBulletinBoard) 1.2.2 allows remote attackers to send messages to arbitrary users. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-0624 | 1 Maxdev | 1 Mdpro | 2026-04-23 | N/A |
| user.php in MAXdev MDPro 1.0.76 allows remote attackers to obtain the full path via a ' (quote) character, and possibly other invalid values, in the uname parameter in a userinfo operation. | ||||
| CVE-2007-0625 | 1 Nomachine | 1 Nx Server | 2026-04-23 | N/A |
| nxconfigure.sh in NoMachine NX Server before 2.1.0-18 does not validate the invoking user, which allows local users to modify server configuration keys in /usr/NX/etc/server.cfg, resulting in an unspecified denial of service. | ||||
| CVE-2007-0627 | 1 Michael Still | 1 Gtalkbot | 2026-04-23 | N/A |
| Michael Still gtalkbot before 1.2 places username and password arguments on the command line, which allows local users to obtain sensitive information by listing the process. | ||||
| CVE-2007-0628 | 1 Sun | 1 Java System Access Manager | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Access Manager 6.1, 6.2, 6 2005Q1 (6.3), and 7 2005Q4 (7.0) before 20070129 allow remote attackers to inject arbitrary web script or HTML via the (1) goto or (2) gx-charset parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-0630 | 1 X-dev | 1 Xnews | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in the generate_csv function in classes/class.news.php in X-dev xNews 1.3 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id, (2) from, and (3) q parameters, different vectors than CVE-2007-0569. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2006-5945 | 1 Mginternet | 1 Car Site Manager | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in MGinternet Car Site Manager (CSM) allow remote attackers to execute arbitrary SQL commands via the (1) p parameter to (a) csm/asp/detail.asp, or the (2) l, (3) typ, or (4) loc parameter to (b) csm/asp/listings.asp. | ||||
| CVE-2007-0641 | 1 Shaffer Solutions Corp | 1 Dapcnfsd.dll | 2026-04-23 | N/A |
| Buffer overflow in the EnumPrintersA function in dapcnfsd.dll 0.6.4.0 in Shaffer Solutions (SSC) DiskAccess NFS Client allows remote attackers to execute arbitrary code via a long argument, an issue similar to CVE-2006-5854 and CVE-2007-0444. | ||||
| CVE-2007-0643 | 1 Bloodshed Software | 1 Dev-c\+\+ | 2026-04-23 | N/A |
| Stack-based buffer overflow in Bloodshed Dev-C++ 4.9.9.2 allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long line in a .cpp file. | ||||
| CVE-2007-0644 | 1 Apple | 1 Safari | 2026-04-23 | N/A |
| Format string vulnerability in Apple Safari 2.0.4 (419.3) allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in filenames that are not properly handled when calling the (1) NSLog and (2) NSBeginAlertSheet Apple AppKit functions. | ||||
| CVE-2007-0645 | 1 Apple | 1 Iphoto | 2026-04-23 | N/A |
| Format string vulnerability in iPhoto 6.0.5 allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in a filename, which is not properly handled when calling certain Apple AppKit functions. | ||||
| CVE-2007-0648 | 1 Cisco | 1 Ios | 2026-04-23 | N/A |
| Cisco IOS after 12.3(14)T, 12.3(8)YC1, 12.3(8)YG, and 12.4, with voice support and without Session Initiated Protocol (SIP) configured, allows remote attackers to cause a denial of service (crash) by sending a crafted packet to port 5060/UDP. | ||||
| CVE-2006-5947 | 1 Conxint | 1 Conxint Ftp Server | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in Conxint FTP Server 2.2.0603, and possibly earlier, allow remote attackers to read arbitrary files and list arbitrary directories via directory traversal sequences in (1) DIR (LIST or NLST) and (2) GET (RETR) commands. NOTE: the provenance of this information is unknown; details are obtained from third party sources. | ||||
| CVE-2007-0650 | 1 Makeindex | 1 Makeindex | 2026-04-23 | N/A |
| Buffer overflow in the open_sty function in mkind.c for makeindex 2.14 in teTeX might allow user-assisted remote attackers to overwrite files and possibly execute arbitrary code via a long filename. NOTE: other overflows exist but might not be exploitable, such as a heap-based overflow in the check_idx function. | ||||