Total
29947 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-0432 | 1 Bea | 1 Aqualogic Service Bus | 2026-04-23 | N/A |
| BEA AquaLogic Service Bus 2.0, 2.1, and 2.5 does not properly reject malformed request messages to a proxy service, which might allow remote attackers to bypass authorization policies and route requests to back-end services or conduct other unauthorized activities. | ||||
| CVE-2007-0434 | 1 Bea | 1 Aqualogic Enterprise Security | 2026-04-23 | N/A |
| BEA AquaLogic Enterprise Security 2.0 through 2.0 SP2, 2.1 through 2.1 SP1, and 2.2 does not properly set the severity level of audit events when the system load is high, which might make it easier for attackers to avoid detection. | ||||
| CVE-2007-0443 | 1 Gracenote | 1 Cddbcontrol Activex Control | 2026-04-23 | N/A |
| Multiple buffer overflows in the CDDBControl ActiveX control in Gracenote CDDB before 20070418 allow remote attackers to execute arbitrary code via long values for certain Proxy configuration parameters. | ||||
| CVE-2007-0489 | 1 Visohotlink | 1 Visohotlink | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in includes/functions.visohotlink.php in VisoHotlink 1.01 and possibly earlier allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
| CVE-2007-2002 | 1 Inoutmailinglistmanager | 1 Inoutmailinglistmanager | 2026-04-23 | N/A |
| InoutMailingListManager 3.1 and earlier allows remote attackers to access certain restricted functionality, and upload and execute arbitrary PHP code, by setting an arbitrary admin cookie. | ||||
| CVE-2007-0470 | 1 Sun | 2 Solaris, Sunos | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in tip in Sun Solaris 8, 9, and 10 allow local users to gain uucp account privileges via unspecified vectors. | ||||
| CVE-2007-4148 | 1 Visionsoft | 1 Audit | 2026-04-23 | N/A |
| Heap-based buffer overflow in the Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12.4.0.0 allows remote attackers to cause a denial of service (persistent daemon crashes) or execute arbitrary code via a long filename in a "LOG." command. | ||||
| CVE-2007-1108 | 1 Cs-gallery | 1 Cs-gallery | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in index.php in Christian Schneider CS-Gallery 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the album parameter during a securealbum todo action. | ||||
| CVE-2007-1110 | 1 Activecalendar | 1 Activecalendar | 2026-04-23 | N/A |
| Directory traversal vulnerability in data/showcode.php in ActiveCalendar 1.2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter. | ||||
| CVE-2007-1187 | 1 Web-app.org | 1 Webapp | 2026-04-23 | N/A |
| WebAPP before 0.9.9.5 allows remote authenticated users, without admin privileges, to obtain sensitive information via (1) the Forum Archive feature and (2) Recent Searches. | ||||
| CVE-2007-1180 | 1 Web-app.org | 1 Webapp | 2026-04-23 | N/A |
| WebAPP before 0.9.9.5 does not check referrers in certain forms, which might facilitate remote cross-site request forgery (CSRF) attacks or have other unknown impact. | ||||
| CVE-2007-1195 | 1 Dxmsoft | 1 Xm Easy Personal Ftp Server | 2026-04-23 | N/A |
| Multiple buffer overflows in XM Easy Personal FTP Server 5.3.0 allow remote attackers to execute arbitrary code via unspecified vectors. NOTE: this issue might overlap CVE-2006-2225, CVE-2006-2226, or CVE-2006-5728. | ||||
| CVE-2007-1260 | 1 Webmod | 1 Webmod | 2026-04-23 | N/A |
| Stack-based buffer overflow in the connectHandle function in server.cpp in WebMod 0.48 allows remote attackers to execute arbitrary code via a long string in the Content-Length HTTP header. | ||||
| CVE-2007-1271 | 1 Vmware | 1 Esx | 2026-04-23 | N/A |
| Buffer overflow in VMware ESX Server 3.0.0 and 3.0.1 might allow attackers to gain privileges or cause a denial of service (application crash) via unspecified vectors. | ||||
| CVE-2007-1328 | 1 Bernard Joly | 1 Bj Webring | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in formulaire.php in Bernard JOLY BJ Webring allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter related to the add link menu. | ||||
| CVE-2007-1339 | 1 Monitor-line | 1 Links Management | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in Links Management Application 1.0 allows remote attackers to execute arbitrary SQL commands via the lcnt parameter. | ||||
| CVE-2007-1340 | 1 Weltennetz | 1 News-letterman | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in eintrag.php in Weltennetz News-Letterman 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the sqllog parameter. | ||||
| CVE-2007-1385 | 1 Joris Guisson | 1 Ktorrent | 2026-04-23 | N/A |
| chunkcounter.cpp in KTorrent before 2.1.2 allows remote attackers to cause a denial of service (crash) and heap corruption via a negative or large idx value. | ||||
| CVE-2007-1390 | 1 Dynaliens | 1 Dynaliens | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in dynaliens 2.0 and 2.1 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) recherche.php3 or (2) ajouter.php3. | ||||
| CVE-2007-1392 | 1 Netforo | 1 Netforo | 2026-04-23 | N/A |
| Directory traversal vulnerability in down.php in netForo! 0.1g allows remote attackers to read arbitrary files via a .. (dot dot) in the file_to_download parameter. | ||||