Total
29916 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-3506 | 1 Freetype | 1 Freetype | 2026-04-23 | N/A |
| The ft_bitmap_assure_buffer function in src/base/ftbimap.c in FreeType 2.3.3 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors involving bitmap fonts, related to a "memory buffer overwrite bug." | ||||
| CVE-2007-3507 | 1 Flac123 | 1 Flac123 | 2026-04-23 | N/A |
| Stack-based buffer overflow in the local__vcentry_parse_value function in vorbiscomment.c in flac123 (aka flac-tools or flac) before 0.0.10 allows user-assisted remote attackers to execute arbitrary code via a large comment value_length. | ||||
| CVE-2007-3509 | 1 Symantec | 1 Veritas Backup Exec | 2026-04-23 | N/A |
| Heap-based buffer overflow in the RPC subsystem in Symantec Backup Exec for Windows Servers 10.0, 10d, and 11d allows remote attackers to cause a denial of service (process exit) and possibly execute arbitrary code via crafted ncacn_ip_tcp requests. | ||||
| CVE-2007-3518 | 1 Hispah | 1 Youtube Clone Script | 2026-04-23 | N/A |
| SQL injection vulnerability in msg.php in HispaH YouTube Clone Script (youtubeclone) allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2007-3520 | 1 Easybe | 1 1-2-3 Music Store | 2026-04-23 | N/A |
| SQL injection vulnerability in process.php in Easybe 1-2-3 Music Store allows remote attackers to execute arbitrary SQL commands via the CategoryID parameter. | ||||
| CVE-2007-3525 | 1 Ripe Website Manager | 1 Ripe Website Manager | 2026-04-23 | N/A |
| Ripe Website Manager 0.8.9 and earlier allows remote attackers to obtain configuration information via a direct request to includes/phpinfo.php, which calls the phpinfo function. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-2119 | 1 Oracle | 2 Application Server, Database Server | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in boundary_rules.jsp in the Administration Front End for Oracle Enterprise (Ultra) Search, as used in Database Server 9.2.0.8, 10.1.0.5, and 10.2.0.2, and in Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2.0 allows remote attackers to inject arbitrary HTML or web script via the EXPTYPE parameter, aka SES01. | ||||
| CVE-2007-2123 | 1 Oracle | 1 Application Server | 2026-04-23 | N/A |
| Unspecified vulnerability in the Portal component in Oracle Application Server 10.1.3 up to 10.1.3.2.0, 10.1.2 up to 10.1.2.2.0, and 9.0.4.3 has unknown impact and attack vectors, aka AS04. | ||||
| CVE-2007-2129 | 1 Oracle | 1 Enterprise Manager | 2026-04-23 | N/A |
| Unspecified vulnerability in the Agent component in Oracle Enterprise Manager 9.2.0.8 has unknown impact and remote attack vectors, aka EM01. | ||||
| CVE-2007-3596 | 1 Izzysoft | 1 Phpvideopro | 2026-04-23 | N/A |
| inc/vul_check.inc in phpVideoPro before 0.8.8 permits non-alphanumeric characters in the sess_id parameter, which has unknown impact and remote attack vectors, probably cross-site scripting (XSS). | ||||
| CVE-2007-3579 | 1 Phpids | 1 Phpids | 2026-04-23 | N/A |
| PHPIDS before 20070703 does not properly handle setting the .text property of a SCRIPT element before its attachment to the DOM, which allows remote attackers to inject arbitrary web script. | ||||
| CVE-2007-2131 | 1 Oracle | 1 Peoplesoft Enterprise | 2026-04-23 | N/A |
| Unspecified vulnerability in PeopleTools in Oracle PeopleSoft Enterprise 8.22.14, 8.47.12, and 8.48.08 has unknown impact and attack vectors, aka PSE01. | ||||
| CVE-2007-2132 | 1 Oracle | 1 Peoplesoft Enterprise | 2026-04-23 | N/A |
| Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise 8.47.12 and 8.48.08 has unknown impact and attack vectors, aka PSE02. | ||||
| CVE-2007-3660 | 1 Nonnoi Solutions | 1 Asp Barcode | 2026-04-23 | N/A |
| The Nonnoi ASP/Barcode ActiveX control (nonnoi_ASPBarcode.dll) allows remote attackers to overwrite arbitrary files via an argument to the SaveBarcode function. | ||||
| CVE-2007-3622 | 1 Alt-n | 1 Mdaemon | 2026-04-23 | N/A |
| Unspecified vulnerability in DomainPOP in Alt-N Technologies MDaemon before 9.61 allows remote attackers to cause a denial of service (crash) via malformed messages. | ||||
| CVE-2007-3659 | 1 Freewrl | 1 Freewrl | 2026-04-23 | N/A |
| Buffer overflow in the doBrowserAction function in FreeWRL 1.19.3 allows local users to execute arbitrary code via a crafted BROWSER environment variable. NOTE: it is not clear whether this issue crosses privilege boundaries. | ||||
| CVE-2007-2133 | 1 Oracle | 1 Peoplesoft Enterprise | 2026-04-23 | N/A |
| Unspecified vulnerability in the PeopleSoft Enterprise Human Capital Management component in Oracle PeopleSoft Enterprise 8.9 has unknown impact and attack vectors, aka PSEHCM01. | ||||
| CVE-2007-3628 | 1 Pear | 1 Structures Datagrid Datasource Mdb2 | 2026-04-23 | N/A |
| Unspecified vulnerability in the fetch function in MDB2.php in PEAR Structures-DataGrid-DataSource-MDB2 0.1.9 and earlier allows attackers to "manipulate the generated sorting queries." | ||||
| CVE-2007-2134 | 1 Oracle | 1 Enterpriseone | 2026-04-23 | N/A |
| Unspecified vulnerability in the HTML Server in Oracle JD Edwards EnterpriseOne SP23_Q1 and 8.96.I1 has unknown impact and local attack vectors, aka JDE01. | ||||
| CVE-2007-3636 | 1 Squirrelmail | 2 Gpg Plugin, Squirrelmail | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in the G/PGP (GPG) Plugin 2.1 for Squirrelmail allow remote attackers to execute arbitrary commands via unspecified vectors. NOTE: this information is based upon a vague pre-advisory from a reliable researcher. | ||||