Total
29947 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-2011 | 1 Deskpro | 1 Deskpro | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in login.php in DeskPro 2.0.1 allows remote attackers to inject arbitrary web script or HTML via the username parameter. | ||||
| CVE-2007-2061 | 1 Afterlogic | 1 Mailbee Webmail | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in check_login.asp in AfterLogic MailBee WebMail Pro 3.4 allows remote attackers to inject arbitrary web script or HTML via the username parameter. | ||||
| CVE-2007-4178 | 1 Amg Soft | 1 Webdirector | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in WebDirector 2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the deslocal parameter. | ||||
| CVE-2007-2183 | 1 Php-ring | 1 Webring System | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in PHP-Ring Webring System (aka uPHP_ring_website) 0.9 allows remote attackers to execute arbitrary SQL commands via the ring parameter. | ||||
| CVE-2007-2208 | 1 Extreme Phpbb | 1 Extreme Phpbb | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Extreme PHPBB2 3.0 Pre Final allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter to (1) functions.php or (2) functions_portal.php in includes/. | ||||
| CVE-2007-2064 | 1 Actionpoll | 1 Actionpoll | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Robert Ladstaetter ActionPoll 1.1.0, and possibly 1.1.1, allow remote attackers to execute arbitrary PHP code via a URL in (1) the CONFIG_POLLDB parameter to actionpoll.php or (2) the CONFIG_DB parameter to db/DataReaderWriter.php, different vectors than CVE-2001-1297. | ||||
| CVE-2007-2074 | 1 Scramdisk 4 Linux | 1 Scramdisk 4 Linux | 2026-04-23 | N/A |
| Certain programs in containers in ScramDisk 4 Linux before 1.0-1 execute with SUID permissions, which allows local users to gain privileges via mounted containers. | ||||
| CVE-2007-2287 | 1 Comus | 1 Comus | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in accept.php in comus 2.0 Final allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter. | ||||
| CVE-2007-2079 | 1 Xampp | 1 Apache Distribution | 2026-04-23 | N/A |
| The ADONewConnection Connect function in adodb.php in XAMPP 1.6.0a and earlier for Windows uses untrusted input for the database server hostname, which allows remote attackers to trigger a library buffer overflow and execute arbitrary code via a long host parameter, or have other unspecified impact. NOTE: it could be argued that this is an issue in mssql_connect (CVE-2007-1411.1) in PHP, or an issue in the ADOdb Library, and the proper fix should be in one of these products; if so, then this should not be treated as a vulnerability in XAMPP. | ||||
| CVE-2007-2399 | 1 Apple | 3 Iphone Os, Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| WebKit in Apple Mac OS X 10.3.9, 10.4.9 and later, and iPhone before 1.0.1 performs an "invalid type conversion", which allows remote attackers to execute arbitrary code via unspecified frame sets that trigger memory corruption. | ||||
| CVE-2007-2403 | 1 Apple | 3 Cfnetwork, Mac Os X, Mac Os X Server | 2026-04-23 | N/A |
| CFNetwork on Apple Mac OS X 10.3.9 and 10.4.10 does not properly validate ftp: URIs, which allows remote attackers to trigger the transmission of arbitrary FTP commands to arbitrary FTP servers. | ||||
| CVE-2007-2410 | 1 Apple | 3 Mac Os X, Mac Os X Server, Webcore | 2026-04-23 | N/A |
| WebCore on Apple Mac OS X 10.3.9 and 10.4.10 retains properties of certain global objects when a new URL is visited in the same window, which allows remote attackers to conduct cross-site scripting (XSS) attacks. | ||||
| CVE-2007-2464 | 1 Cisco | 2 Adaptive Security Appliance Software, Pix | 2026-04-23 | N/A |
| Race condition in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)19, when using "clientless SSL VPNs," allows remote attackers to cause a denial of service (device reload) via "non-standard SSL sessions." | ||||
| CVE-2007-2839 | 1 Debian | 1 Gfax | 2026-04-23 | N/A |
| gfax 0.4.2 and probably other versions creates temporary files insecurely, which allows local users to execute arbitrary commands via unknown vectors. | ||||
| CVE-2007-2480 | 1 Linux | 1 Linux Kernel | 2026-04-23 | N/A |
| The _udp_lib_get_port function in net/ipv4/udp.c in Linux kernel 2.6.21 and earlier does not prevent a bind to a port with a local address when there is already a bind to that port with a wildcard local address, which might allow local users to intercept local traffic for daemons or other applications. | ||||
| CVE-2007-2513 | 1 Novell | 1 Groupwise | 2026-04-23 | N/A |
| Novell GroupWise 7 before SP2 20070524, and GroupWise 6 before 6.5 post-SP6 20070522, allows remote attackers to obtain credentials via a man-in-the-middle attack. | ||||
| CVE-2007-2536 | 1 Picozip | 1 Picozip | 2026-04-23 | N/A |
| PicoZip allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file. | ||||
| CVE-2007-2648 | 1 Clever Components | 1 Clever Database Comparer | 2026-04-23 | N/A |
| Stack-based buffer overflow in the Clever Database Comparer 2.2 ActiveX control (comparerax.ocx) allows remote attackers to execute arbitrary code via a long argument to the ConnectToDatabase function. | ||||
| CVE-2007-2682 | 2 Adobe, Apple | 2 Creative Suite, Mac Os X | 2026-04-23 | N/A |
| The installer for Adobe Version Cue CS3 Server on Apple Mac OS X, as used in Adobe Creative Suite 3 (CS3), does not re-enable the personal firewall after completing the product installation, which allows remote attackers to bypass intended firewall rules. | ||||
| CVE-2007-2685 | 1 Jetbox | 1 Jetbox Cms | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in index.php in Jetbox CMS 2.1 allow remote attackers to execute arbitrary SQL commands via the (1) view or (2) login parameter. | ||||