Export limit exceeded: 29907 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29907 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-3612 | 1 Visual Irc | 1 Visual Irc | 2026-04-23 | N/A |
| Stack-based buffer overflow in Visual IRC (ViRC) 2.0 allows remote IRC servers to execute arbitrary code via a long response to a JOIN command. | ||||
| CVE-2007-3613 | 1 Sap | 1 Internet Graphics Server | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in ADM:GETLOGFILE in SAP Internet Graphics Service (IGS) allows remote attackers to inject arbitrary web script or HTML via the PARAMS parameter. | ||||
| CVE-2006-6342 | 1 Klf-design | 1 Klf-realty | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in KLF-DESIGN (aka Kim L. Fraser) KLF-REALTY allow remote attackers to execute arbitrary SQL commands via the (1) category and (2) agent parameters in (a) search_listing.asp, and the (3) property_id parameter in (b) detail.asp. | ||||
| CVE-2007-3614 | 1 Sap | 1 Sap Db | 2026-04-23 | N/A |
| Multiple stack-based buffer overflows in waHTTP.exe (aka the SAP DB Web Server) in SAP DB, possibly 7.3 through 7.5, allow remote attackers to execute arbitrary code via (1) a certain cookie value; (2) a certain additional parameter, related to sapdbwa_GetQueryString; and other unspecified vectors related to "numerous other fields." | ||||
| CVE-2007-3615 | 2 Microsoft, Sap | 3 All Windows, Internet Communication Manager, Sap Web Application Server | 2026-04-23 | N/A |
| Internet Communication Manager (aka ICMAN.exe or ICM) in SAP NetWeaver Application Server 6.x and 7.x, possibly only on Windows, allows remote attackers to cause a denial of service (process crash) via a URI of a certain length that contains a sap-isc-key parameter, related to configuration of a web cache. | ||||
| CVE-2007-3616 | 1 Vtiger | 1 Vtiger Crm | 2026-04-23 | N/A |
| index.php in vtiger CRM before 5.0.3 allows remote authenticated users to perform administrative changes to arbitrary profile settings via a certain profilePrivileges action in the Users module. | ||||
| CVE-2007-3617 | 1 Vtiger | 1 Vtiger Crm | 2026-04-23 | N/A |
| The report module in vtiger CRM before 5.0.3 does not properly apply security rules, which allows remote authenticated users to read arbitrary private module entries. | ||||
| CVE-2007-3619 | 1 Maia Mailguard | 1 Maia Mailguard | 2026-04-23 | N/A |
| Directory traversal vulnerability in login.php in Maia Mailguard 1.0.2 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter. | ||||
| CVE-2007-3620 | 1 Maia Mailguard | 1 Maia Mailguard | 2026-04-23 | N/A |
| Multiple directory traversal vulnerabilities in Maia Mailguard 1.0.2 and earlier might allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) prevlang and (2) super parameters to (a) php/login.php; the (3) charset parameter to (a) php/login.php, (b) php/internal-init.php, and (c) php/xlogin.php; the (4) lang parameter to (b) php/internal-init.php; and the (5) language parameter to (c) php/xlogin.php. | ||||
| CVE-2007-3621 | 1 Asteridex | 1 Asteridex | 2026-04-23 | N/A |
| Multiple CRLF injection vulnerabilities in callboth.php in AsteriDex 3.0 and earlier allow remote attackers to inject arbitrary shell commands via the (1) IN and (2) OUT parameters. | ||||
| CVE-2007-3622 | 1 Alt-n | 1 Mdaemon | 2026-04-23 | N/A |
| Unspecified vulnerability in DomainPOP in Alt-N Technologies MDaemon before 9.61 allows remote attackers to cause a denial of service (crash) via malformed messages. | ||||
| CVE-2007-3623 | 1 Hitachi | 4 Jp1-hicommand Device Manager, Jp1-hicommand Global Link Availability Manager, Jp1-hicommand Replication Monitor and 1 more | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the Hitachi JP1/HiCommand Device Manager, Tiered Storage Manager, Replication Monitor, and GlobalLink Availability Manager before 20070528 allows remote attackers to inject arbitrary web script or HTML via the Expect HTTP header. | ||||
| CVE-2007-3624 | 1 Sap | 1 Sap Message Server | 2026-04-23 | N/A |
| Heap-based buffer overflow in the Message HTTP Server in SAP Message Server allows remote attackers to execute arbitrary code via a long string in the group parameter to /msgserver/html/group. | ||||
| CVE-2007-3625 | 1 Citrix | 1 Metaframe Presentation Server | 2026-04-23 | N/A |
| The Program Neighborhood Agent in Citrix Presentation Server Clients for 32-bit Windows before 10.100 allows remote attackers to cause a denial of service (agent exit) via a certain request that uses content redirection and a long pathname. | ||||
| CVE-2007-3643 | 1 Av Scripts | 1 Av Arcade | 2026-04-23 | N/A |
| admin/index.php in AV Arcade 2.1b grants administrative privileges when the ava_userid cookie value is 1, which allows remote attackers to perform certain administrative actions. | ||||
| CVE-2007-3663 | 1 Media Player Classic | 1 Media Player Classic | 2026-04-23 | N/A |
| Divide-by-zero error in Media Player Classic (MPC) 6.4.9.0 allows user-assisted remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted MPA file. | ||||
| CVE-2007-3644 | 1 Freebsd | 1 Libarchive | 2026-04-23 | N/A |
| archive_read_support_format_tar.c in libarchive before 2.2.4 allows user-assisted remote attackers to cause a denial of service (infinite loop) via (1) an end-of-file condition within a pax extension header or (2) a malformed pax extension header in an (a) PAX or a (b) TAR archive. | ||||
| CVE-2007-3645 | 1 Freebsd | 1 Libarchive | 2026-04-23 | N/A |
| archive_read_support_format_tar.c in libarchive before 2.2.4 allows user-assisted remote attackers to cause a denial of service (crash) via (1) an end-of-file condition within a tar header that follows a pax extension header or (2) a malformed pax extension header in an (a) PAX or a (b) TAR archive, which results in a NULL pointer dereference, a different issue than CVE-2007-3644. | ||||
| CVE-2007-3646 | 1 Flashgamescript | 1 Flashgamescript | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in FlashGameScript 1.7 and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter in a member action. | ||||
| CVE-2007-3647 | 1 Zoneo-soft | 1 Phptraffica | 2026-04-23 | N/A |
| The isloggedin function in Php/login.inc.php in phpTrafficA 1.4.3 and earlier allows remote attackers to bypass authentication and obtain administrative access by setting the username cookie to "traffic." NOTE: some of these details are obtained from third party information. | ||||