Filtered by NVD-CWE-Other
Total 29947 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2007-3023 1 Clam Anti-virus 1 Clamav 2026-04-23 N/A
unsp.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 does not properly calculate the end of a certain buffer, with unknown impact and remote attack vectors.
CVE-2007-3030 1 Microsoft 2 Excel, Excel Viewer 2026-04-23 N/A
Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, and 2003 Viewer allows user-assisted remote attackers to execute arbitrary code via a malformed Excel file involving the "denoting [of] the start of a Workspace designation", which results in memory corruption, aka the "Workbook Memory Corruption Vulnerability".
CVE-2007-3038 1 Microsoft 1 Windows Vista 2026-04-23 N/A
The Teredo interface in Microsoft Windows Vista and Vista x64 Edition does not properly handle certain network traffic, which allows remote attackers to bypass firewall blocking rules and obtain sensitive information via crafted IPv6 traffic, aka "Windows Vista Firewall Blocking Rule Information Disclosure Vulnerability."
CVE-2007-2093 1 Limesoft 1 Limesoft Guestbook 2026-04-23 N/A
Direct static code injection vulnerability in index.php in Limesoft Guestbook (LS Simple Guestbook) 1.0 allows remote attackers to inject arbitrary PHP code into posts.txt via the message parameter.
CVE-2007-3079 1 Eqdkp 1 Eqdkp 2026-04-23 N/A
listmembers.php in EQdkp 1.3.2c and earlier allows remote attackers to obtain sensitive information via an invalid compare parameter, which reveals the path.
CVE-2007-2094 1 Anthologia 1 Anthologia 2026-04-23 N/A
PHP remote file inclusion vulnerability in index.php in Anthologia 0.5.2 allows remote attackers to execute arbitrary PHP code via a URL in the ads_file parameter.
CVE-2007-3075 1 Microsoft 1 Internet Explorer 2026-04-23 N/A
Directory traversal vulnerability in Microsoft Internet Explorer allows remote attackers to read arbitrary files via directory traversal sequences in a URI with a certain scheme, possibly related to "..%5C" (encoded backslash) sequences.
CVE-2007-3078 1 Aigaion 1 Aigaion 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Aigaion before 1.3.3 allow remote attackers to inject arbitrary web script or HTML via the title parameter (Authors and Publication titles) to (1) authoractions.php or (2) publicationactions.php.
CVE-2007-3100 1 Redhat 2 Enterprise Linux, Open Iscsi 2026-04-23 N/A
usr/log.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 uses a semaphore with insecure permissions (world-writable/world-readable) for managing log messages using shared memory, which allows local users to cause a denial of service (hang) by grabbing the semaphore.
CVE-2007-2101 1 Fac Guestbook 1 Fac Guestbook 2026-04-23 N/A
FAC Guestbook 3.01 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/gbdb.mdb. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-2102 1 My Little Homepage 1 My Little Weblog 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in weblog.php in my little weblog allows remote attackers to inject arbitrary web script or HTML via the id parameter, a different vector than CVE-2006-6087.
CVE-2007-3153 1 Daniel Stenberg 1 C-ares 2026-04-23 N/A
The ares_init:randomize_key function in c-ares, on platforms other than Windows, uses a weak facility for producing a random number sequence (Unix rand), which makes it easier for remote attackers to spoof DNS responses by guessing certain values.
CVE-2007-3155 1 Egroupware 1 Egroupware 2026-04-23 N/A
Unspecified vulnerability in eGroupWare before 1.2.107-2 has unknown impact and attack vectors related to ADOdb. NOTE: due to lack of details from the vendor, it is uncertain whether this issue is already covered by another CVE identifier.
CVE-2007-3191 1 Jffnms 1 Just For Fun Network Management System 2026-04-23 N/A
Just For Fun Network Management System (JFFNMS) 0.8.3 allows remote attackers to obtain configuration information via a direct request to admin/adm/test.php, which calls the phpinfo function.
CVE-2007-3193 1 Phpwiki 1 Phpwiki 2026-04-23 N/A
lib/WikiUser/LDAP.php in PhpWiki before 1.3.13p1, when the configuration lacks a nonzero PASSWORD_LENGTH_MINIMUM, might allow remote attackers to bypass authentication via an empty password, which causes ldap_bind to return true when used with certain LDAP implementations.
CVE-2007-0055 1 Fersch 1 Formbankserver 2026-04-23 N/A
Directory traversal vulnerability in formbankcgi.exe/AbfrageForm in Formbankserver 1.9 allows remote attackers to read arbitrary files via directory traversal sequences in the Name parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-3244 1 Bbpress 1 Bbpress 2026-04-23 N/A
SQL injection vulnerability in bb-includes/formatting-functions.php in bbPress before 0.8.1 might allow remote attackers to execute arbitrary SQL commands via unspecified vectors to forums/bb-edit.php, as demonstrated by a PRE element, aka the "quircky slashes bug."
CVE-2007-3257 2 Gnome, Redhat 2 Evolution, Enterprise Linux 2026-04-23 N/A
Camel (camel-imap-folder.c) in the mailer component for Evolution Data Server 1.11 allows remote IMAP servers to execute arbitrary code via a negative SEQUENCE value in GData, which is used as an array index.
CVE-2007-3322 1 Avaya 1 4602sw Ip Phone 2026-04-23 N/A
The Avaya 4602 SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP firmware uses a constant media port number for calls, which allows remote attackers to cause a denial of service (audio quality loss) via a flood of packets to the RTP port.
CVE-2007-3327 1 Bughunter 1 Http Server 2026-04-23 N/A
httpsv.exe in HTTP Server 1.6.2 allows remote attackers to obtain sensitive information (script source code) via a URI with a trailing %20 (encoded space).