CVE-2007-0xxx

There are 985 CVEs in this subgroup.
ID Summary Flags Max Score
CVE-2007-0001 The file watch implementation in the audit subsystem (auditctl -w) in the Red Hat Enterprise Linux (...
S
CVE-2007-0002 Multiple heap-based buffer overflows in WordPerfect Document importer/exporter (libwpd) before 0.8.9...
CVE-2007-0003 pam_unix.so in Linux-PAM 0.99.7.0 allows context-dependent attackers to log into accounts whose pass...
CVE-2007-0004 The NFS client implementation in the kernel in Red Hat Enterprise Linux (RHEL) 3, when a filesystem ...
CVE-2007-0005 Multiple buffer overflows in the (1) read and (2) write handlers in the Omnikey CardMan 4040 driver ...
S
CVE-2007-0006 The key serial number collision avoidance code in the key_alloc_serial function in Linux kernel 2.6....
CVE-2007-0007 gnucash 2.0.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on th...
S
CVE-2007-0008 Integer underflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as ...
S
CVE-2007-0009 Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3...
CVE-2007-0010 The GdkPixbufLoader function in GIMP ToolKit (GTK+) in GTK 2 (gtk2) before 2.4.13 allows context-dep...
CVE-2007-0011 The web portal interface in Citrix Access Gateway (aka Citrix Advanced Access Control) before Advanc...
S
CVE-2007-0012 Sun JRE 5.0 before update 14 allows remote attackers to cause a denial of service (Internet Explorer...
CVE-2007-0014 ChainKey Java Code Protection allows attackers to decompile Java class files via a Java class loader...
CVE-2007-0015 Buffer overflow in Apple QuickTime 7.1.3 allows remote attackers to execute arbitrary code via a lon...
E S
CVE-2007-0016 Stack-based buffer overflow in MoviePlay 4.76 allows remote attackers to execute arbitrary code via ...
E
CVE-2007-0017 Multiple format string vulnerabilities in (1) the cdio_log_handler function in modules/access/cdda/a...
E S
CVE-2007-0018 Stack-based buffer overflow in the NCTAudioFile2.AudioFile ActiveX control (NCTAudioFile2.dll), as u...
CVE-2007-0019 Multiple heap-based buffer overflows in rumpusd in Rumpus 5.1 and earlier (1) allow remote authentic...
E
CVE-2007-0020 Heap-based buffer overflow in the SFTP protocol handler for Panic Transmit (Transmit.app) up to 3.5....
E
CVE-2007-0021 Format string vulnerability in Apple iChat 3.1.6 allows remote attackers to cause a denial of servic...
E
CVE-2007-0022 Untrusted search path vulnerability in writeconfig in Apple Mac OS X 10.4.8 allows local users to ga...
E
CVE-2007-0023 The CFUserNotificationSendRequest function in UserNotificationCenter.app in Apple Mac OS X 10.4.8, w...
E
CVE-2007-0024 Integer overflow in the Vector Markup Language (VML) implementation (vgx.dll) in Microsoft Internet ...
S
CVE-2007-0025 The MFC component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1 and Visual Studio .NET 2000, 2...
CVE-2007-0026 The OLE Dialog component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1 allows user-assisted re...
CVE-2007-0027 Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows remote attackers ...
S
CVE-2007-0028 Microsoft Excel 2000, 2002, 2003, Viewer 2003, Office 2004 for Mac, and Office v.X for Mac does not ...
S
CVE-2007-0029 Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted rem...
CVE-2007-0030 Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted rem...
S
CVE-2007-0031 Heap-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X fo...
S
CVE-2007-0032 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2007-0033 Microsoft Outlook 2002 and 2003 allows user-assisted remote attackers to execute arbitrary code via ...
CVE-2007-0034 Buffer overflow in the Advanced Search (Finder.exe) feature of Microsoft Outlook 2000, 2002, and 200...
CVE-2007-0035 Word (or Word Viewer) in Microsoft Office 2000 SP3, XP SP3, 2003 SP2, 2004 for Mac, and Works Suite ...
CVE-2007-0036 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2007-0037 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2007-0038 Stack-based buffer overflow in the animated cursor code in Microsoft Windows 2000 SP4 through Vista ...
CVE-2007-0039 The Exchange Collaboration Data Objects (EXCDO) functionality in Microsoft Exchange Server 2000 SP3,...
S
CVE-2007-0040 The LDAP service in Windows Active Directory in Microsoft Windows 2000 Server SP4, Server 2003 SP1 a...
CVE-2007-0041 The PE Loader service in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000, XP, Server 200...
CVE-2007-0042 Interpretation conflict in ASP.NET in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000, X...
CVE-2007-0043 The Just In Time (JIT) Compiler service in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 20...
CVE-2007-0044 Adobe Acrobat Reader Plugin before 8.0.0 for the Firefox, Internet Explorer, and Opera web browsers ...
E S
CVE-2007-0045 Multiple cross-site scripting (XSS) vulnerabilities in Adobe Acrobat Reader Plugin before 8.0.0, and...
E S
CVE-2007-0046 Double free vulnerability in the Adobe Acrobat Reader Plugin before 8.0.0, as used in Mozilla Firefo...
E S
CVE-2007-0047 CRLF injection vulnerability in Adobe Acrobat Reader Plugin before 8.0.0, when used with the Microso...
CVE-2007-0048 Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x ...
E S
CVE-2007-0049 Geckovich TaskTracker Pro 1.5 and earlier allows remote attackers to add administrative or other acc...
E
CVE-2007-0050 PHP remote file inclusion vulnerability in index.php in OpenPinboard 2.0 allows remote attackers to ...
E
CVE-2007-0051 Format string vulnerability in Apple iPhoto 6.0.5 (316), and other versions before 6.0.6, allows rem...
E
CVE-2007-0052 SQL injection vulnerability in haberdetay.asp in Vizayn Haber allows remote attackers to execute arb...
E
CVE-2007-0053 SQL injection vulnerability in detail.asp in ASP SiteWare autoDealer 2.0 and earlier allows remote a...
E
CVE-2007-0054 Cross-site scripting (XSS) vulnerability in gbrowse.php in Belchior Foundry vCard PRO allows remote ...
CVE-2007-0055 Directory traversal vulnerability in formbankcgi.exe/AbfrageForm in Formbankserver 1.9 allows remote...
E
CVE-2007-0056 Multiple cross-site scripting (XSS) vulnerabilities in AShop Deluxe 4.5 and AShop Administration Pan...
CVE-2007-0057 Cisco Clean Access (CCA) 3.6.x through 3.6.4.2 and 4.0.x through 4.0.3.2 does not properly configure...
S
CVE-2007-0058 Cisco Clean Access (CCA) 3.5.x through 3.5.9 and 3.6.x through 3.6.1.1 on the Clean Access Manager (...
CVE-2007-0059 Cross-zone scripting vulnerability in Apple Quicktime 3 to 7.1.3 allows remote user-assisted attacke...
E
CVE-2007-0060 Stack-based buffer overflow in the Message Queuing Server (Cam.exe) in CA (formerly Computer Associa...
CVE-2007-0061 The DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017,...
S
CVE-2007-0062 Integer overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before 3.1.1; and the DHCP server in ...
S
CVE-2007-0063 Integer underflow in the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x befo...
S
CVE-2007-0064 Heap-based buffer overflow in Windows Media Format Runtime 7.1, 9, 9.5, 9.5 x64 Edition, 11, and Win...
CVE-2007-0065 Heap-based buffer overflow in Object Linking and Embedding (OLE) Automation in Microsoft Windows 200...
CVE-2007-0066 The kernel in Microsoft Windows 2000 SP4, XP SP2, and Server 2003, when ICMP Router Discovery Protoc...
S
CVE-2007-0067 Unspecified vulnerability in the Lotus Domino Web Server 6.0, 6.5.x before 6.5.6, and 7.0.x before 7...
S
CVE-2007-0068 IBM Lotus Domino 7.0.x before 7.0.3 does not revalidate the signature on a signed scheduled agent af...
CVE-2007-0069 Unspecified vulnerability in the kernel in Microsoft Windows XP SP2, Server 2003, and Vista allows r...
S
CVE-2007-0071 Integer overflow in Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, allows remot...
CVE-2007-0072 Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 all...
CVE-2007-0073 Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 all...
CVE-2007-0074 Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 all...
CVE-2007-0075 AspBB stores sensitive information under the web root with insufficient access control, which allows...
E
CVE-2007-0076 Openforum stores sensitive information under the web root with insufficient access control, which al...
E
CVE-2007-0077 lblog stores sensitive information under the web root with insufficient access control, which allows...
E
CVE-2007-0078 BattleBlog stores sensitive information under the web root with insufficient access control, which a...
E
CVE-2007-0079 rblog stores sensitive information under the web root with insufficient access control, which allows...
CVE-2007-0080 Buffer overflow in the SMB_Connect_Server function in FreeRadius 1.1.3 and earlier allows attackers ...
CVE-2007-0081 Sunbelt Kerio Personal Firewall (SKPF) 4.3.268 and 4.3.246, and possibly other versions allows local...
CVE-2007-0082 users_adm/start1.php in IMGallery 2.5 and earlier does not properly handle files with multiple exten...
E
CVE-2007-0083 Cross-site scripting (XSS) vulnerability in Nuked Klan 1.7 and earlier allows remote attackers to in...
CVE-2007-0084 Buffer overflow in the Windows NT Message Compiler (MC) 1.00.5239 on Microsoft Windows XP allows loc...
CVE-2007-0085 Unspecified vulnerability in sys/dev/pci/vga_pci.c in the VGA graphics driver for wscons in OpenBSD ...
S
CVE-2007-0086 The Apache HTTP Server, when accessed through a TCP connection with a large window size, allows remo...
CVE-2007-0087 Microsoft Internet Information Services (IIS), when accessed through a TCP connection with a large w...
CVE-2007-0088 Multiple directory traversal vulnerabilities in openmedia allow remote attackers to read arbitrary f...
CVE-2007-0089 jgbbs stores sensitive information under the web root with insufficient access control, which allows...
E
CVE-2007-0090 WineGlass stores sensitive information under the web root with insufficient access control, which al...
E
CVE-2007-0091 newsCMSlite stores sensitive information under the web root with insufficient access control, which ...
E
CVE-2007-0092 SQL injection vulnerability in productdetail.asp in E-SMARTCART 1.0 allows remote attackers to execu...
E
CVE-2007-0093 SQL injection vulnerability in page.php in Simple Web Content Management System allows remote attack...
E
CVE-2007-0094 Sven Moderow GuestBook 0.3a stores sensitive information under the web root with insufficient access...
E
CVE-2007-0095 phpMyAdmin 2.9.1.1 allows remote attackers to obtain sensitive information via a direct request for ...
E
CVE-2007-0096 CarbonCommunities stores sensitive information under the web root with insufficient access control, ...
E
CVE-2007-0097 Multiple stack-based buffer overflows in the (1) LoadTree and (2) ReadHeader functions in PAISO.DLL ...
E S
CVE-2007-0098 Directory traversal vulnerability in language.php in VerliAdmin 0.3 and earlier, when magic_quotes_g...
E
CVE-2007-0099 Race condition in the msxml3 module in Microsoft XML Core Services 3.0, as used in Internet Explorer...
S
CVE-2007-0100 The Perforce client does not restrict the set of files that it overwrites upon receiving a request f...
CVE-2007-0101 Cross-site request forgery (CSRF) vulnerability in SPINE allows remote attackers to perform unauthor...
S
CVE-2007-0102 The Adobe PDF specification 1.3, as implemented by Apple Mac OS X Preview, allows remote attackers t...
E S
CVE-2007-0103 The Adobe PDF specification 1.3, as implemented by Adobe Acrobat before 8.0.0, allows remote attacke...
E
CVE-2007-0104 The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3....
E
CVE-2007-0105 Stack-based buffer overflow in the CSAdmin service in Cisco Secure Access Control Server (ACS) for W...
S
CVE-2007-0106 Cross-site scripting (XSS) vulnerability in the CSRF protection scheme in WordPress before 2.0.6 all...
S
CVE-2007-0107 WordPress before 2.0.6, when mbstring is enabled for PHP, decodes alternate character sets after esc...
E S
CVE-2007-0108 nwgina.dll in Novell Client 4.91 SP3 for Windows 2000/XP/2003 does not delete user profiles during a...
CVE-2007-0109 wp-login.php in WordPress 2.0.5 and earlier displays different error messages if a user exists or no...
CVE-2007-0110 Cross-site scripting (XSS) vulnerability in nidp/idff/sso in Novell Access Manager Identity Server b...
CVE-2007-0111 Buffer overflow in Resco Photo Viewer for PocketPC 4.11 and 6.01, as used in mobile devices running ...
CVE-2007-0112 SQL injection vulnerability in cats.asp in createauction allows remote attackers to execute arbitrar...
CVE-2007-0113 Buffer overflow in Packeteer PacketShaper PacketWise 8.x allows remote authenticated users to cause ...
E
CVE-2007-0114 Sun Java System Content Delivery Server 5.0 and 5.0 PU1 allows remote attackers to obtain sensitive ...
S
CVE-2007-0115 Static code injection vulnerability in Coppermine Photo Gallery 1.4.10 and earlier allows remote aut...
E
CVE-2007-0116 Digger Solutions Intranet Open Source (IOS) stores sensitive information under the web root with ins...
CVE-2007-0117 DiskManagementTool in the DiskManagement.framework 92.29 on Mac OS X 10.4.8 does not properly valida...
E
CVE-2007-0118 Multiple absolute path traversal vulnerabilities in EditTag 1.2 allow remote attackers to read arbit...
E
CVE-2007-0119 Multiple cross-site scripting (XSS) vulnerabilities in EditTag 1.2 allow remote attackers to inject ...
E
CVE-2007-0120 Acunetix Web Vulnerability Scanner (WVS) 4.0 Build 20060717 and earlier allows remote attackers to c...
E
CVE-2007-0121 Cross-site scripting (XSS) vulnerability in search.asp in RI Blog 1.3 allows remote attackers to inj...
E
CVE-2007-0122 Multiple SQL injection vulnerabilities in Coppermine Photo Gallery 1.4.10 and earlier allow remote a...
E
CVE-2007-0123 Unrestricted file upload vulnerability in Uber Uploader 4.2 allows remote attackers to upload and ex...
CVE-2007-0124 Unspecified vulnerability in Drupal before 4.6.11, and 4.7 before 4.7.5, when MySQL is used, allows ...
E S
CVE-2007-0125 Kaspersky Labs Antivirus Engine 6.0 for Windows and 5.5-10 for Linux before 20070102 enter an infini...
CVE-2007-0126 Heap-based buffer overflow in Opera 9.02 allows remote attackers to execute arbitrary code via a JPE...
S
CVE-2007-0127 The Javascript SVG support in Opera before 9.10 does not properly validate object types in a createS...
S
CVE-2007-0128 SQL injection vulnerability in info_book.asp in Digirez 3.4 and earlier allows remote attackers to e...
E
CVE-2007-0129 SQL injection vulnerability in main.asp in LocazoList 2.01a beta5 and earlier allows remote attacker...
E
CVE-2007-0130 SQL injection vulnerability in user.php in iGeneric iG Calendar 1.0 allows remote attackers to execu...
E
CVE-2007-0131 JAMWiki before 0.5.0 does not properly check permissions during moves of "read-only or admin-only to...
S
CVE-2007-0132 SQL injection vulnerability in compare_product.php in iGeneric iG Shop 1.4 allows remote attackers t...
E
CVE-2007-0133 Multiple SQL injection vulnerabilities in display_review.php in iGeneric iG Shop 1.4 and earlier all...
CVE-2007-0134 Multiple eval injection vulnerabilities in iGeneric iG Shop 1.0 allow remote attackers to execute ar...
E
CVE-2007-0135 PHP remote file inclusion vulnerability in inc/init.inc.php in Aratix 0.2.2 beta 11 and earlier, whe...
E
CVE-2007-0136 Multiple cross-site scripting (XSS) vulnerabilities in Drupal before 4.6.11, and 4.7 before 4.7.5, a...
S
CVE-2007-0137 Cross-site scripting (XSS) vulnerability in SimpleBoxes/SerendipityNZ Serene Bach 2.05R and earlier,...
S
CVE-2007-0138 formbankcgi.exe in Fersch Formbankserver 1.9, when the PATH_INFO begins with (1) AbfrageForm or (2) ...
CVE-2007-0139 Unspecified vulnerability in the DECnet-Plus 7.3-2 feature in DECnet/OSI 7.3-2 for OpenVMS ALPHA, an...
S
CVE-2007-0140 SQL injection vulnerability in down.asp in Kolayindir Download (Yenionline) allows remote attackers ...
E
CVE-2007-0141 Cross-site scripting (XSS) vulnerability in yald.php in Yet Another Link Directory 1.0 allows remote...
CVE-2007-0142 SQL injection vulnerability in orange.asp in ShopStoreNow E-commerce Shopping Cart allows remote att...
CVE-2007-0143 Multiple PHP remote file inclusion vulnerabilities in NUNE News Script 2.0pre2 allow remote attacker...
E
CVE-2007-0144 Cross-site scripting (XSS) vulnerability in search.asp in Digitizing Quote And Ordering System 1.0 a...
E
CVE-2007-0145 PHP remote file inclusion vulnerability in bn_smrep1.php in BinGoPHP News (BP News) 3.01 allows remo...
CVE-2007-0146 Multiple cross-site scripting (XSS) vulnerabilities in Fix and Chips CMS 1.0 allow remote attackers ...
CVE-2007-0147 Cuyahoga before 1.0.1 installs the FCKEditor component with an incorrect deny statement in a Web.con...
S
CVE-2007-0148 Format string vulnerability in OmniGroup OmniWeb 5.5.1 allows remote attackers to cause a denial of ...
E S
CVE-2007-0149 EMembersPro 1.0 stores sensitive information under the web root with insufficient access control, wh...
CVE-2007-0150 Multiple PHP remote file inclusion vulnerabilities in index.php in Dayfox Blog allow remote attacker...
CVE-2007-0151 MitiSoft stores sensitive information under the web root with insufficient access control, which all...
CVE-2007-0152 OhhASP stores sensitive information under the web root with insufficient access control, which allow...
CVE-2007-0153 AJLogin 3.5 stores sensitive information under the web root with insufficient access control, which ...
CVE-2007-0154 Webulas stores sensitive information under the web root with insufficient access control, which allo...
CVE-2007-0155 HarikaOnline 2.0 stores sensitive information under the web root with insufficient access control, w...
CVE-2007-0156 M-Core stores the database under the web document root, which allows remote attackers to obtain sens...
CVE-2007-0157 Array index error in the uri_lookup function in the URI parser for neon 0.26.0 to 0.26.2, possibly o...
CVE-2007-0158 thttpd 2007 has buffer underflow....
CVE-2007-0159 Directory traversal vulnerability in the GeoIP_update_database_general function in libGeoIP/GeoIPUpd...
S
CVE-2007-0160 Stack-based buffer overflow in the LiveJournal support (hooks/ljhook.cc) in CenterICQ 4.9.11 through...
E
CVE-2007-0161 The PML Driver HPZ12 (HPZipm12.exe) in the HP all-in-one drivers, as used by multiple HP products, u...
E
CVE-2007-0162 Unsanity Application Enhancer (APE) 2.0.2 installs with insecure permissions for the (1) Application...
E
CVE-2007-0163 SecureKit Steganography 1.7.1 and 1.8 embeds password information in the carrier file, which allows ...
E
CVE-2007-0164 Camouflage 1.2.1 embeds password information in the carrier file, which allows remote attackers to b...
E
CVE-2007-0165 Unspecified vulnerability in libnsl in Sun Solaris 8 and 9 allows remote attackers to cause a denial...
S
CVE-2007-0166 The jail rc.d script in FreeBSD 5.3 up to 6.2 does not verify pathnames when writing to /var/log/con...
E
CVE-2007-0167 Multiple PHP file inclusion vulnerabilities in WGS-PPC (aka PPC Search Engine), as distributed with ...
E
CVE-2007-0168 The Tape Engine service in Computer Associates (CA) BrightStor ARCserve Backup 9.01 through 11.5, En...
E S
CVE-2007-0169 Multiple buffer overflows in Computer Associates (CA) BrightStor ARCserve Backup 9.01 through 11.5, ...
E S
CVE-2007-0170 PHP remote file inclusion vulnerability in index.php in AllMyVisitors 0.4.0 allows remote attackers ...
E
CVE-2007-0171 PHP remote file inclusion vulnerability in index.php in AllMyLinks 0.5.0 and earlier allows remote a...
E
CVE-2007-0172 Multiple PHP remote file inclusion vulnerabilities in AllMyGuests 0.3.0 and earlier allow remote att...
E
CVE-2007-0173 Directory traversal vulnerability in index.php in L2J Statistik Script 0.09 and earlier, when regist...
E
CVE-2007-0174 Multiple stack-based multiple buffer overflows in the BRWOSSRE2UC.dll ActiveX Control in Sina UC2006...
E
CVE-2007-0175 Cross-site scripting (XSS) vulnerability in htsrv/login.php in b2evolution 1.8.6 allows remote attac...
CVE-2007-0176 Cross-site scripting (XSS) vulnerability in search/advanced_search.php in GForge 4.5.11 allows remot...
E
CVE-2007-0177 Cross-site scripting (XSS) vulnerability in the AJAX module in MediaWiki before 1.6.9, 1.7 before 1....
S
CVE-2007-0178 PHP remote file inclusion vulnerability in info.php in Easy Banner Pro 2.8 allows remote attackers t...
CVE-2007-0179 SQL injection vulnerability in comment.php in PHPKIT 1.6.1 R2 allows remote attackers to execute arb...
E
CVE-2007-0180 Stack-based buffer overflow in EF Commander 5.75 allows user-assisted attackers to execute arbitrary...
E S
CVE-2007-0181 PHP remote file inclusion vulnerability in include/common_function.php in magic photo storage websit...
E
CVE-2007-0182 Multiple PHP remote file inclusion vulnerabilities in magic photo storage website allow remote attac...
CVE-2007-0183 Cross-site scripting (XSS) vulnerability in /search in iPlanet Web Server 4.x allows remote attacker...
E S
CVE-2007-0184 Getahead Direct Web Remoting (DWR) before 1.1.4 allows attackers to obtain unauthorized access to pu...
CVE-2007-0185 Getahead Direct Web Remoting (DWR) before 1.1.4 allows attackers to cause a denial of service (memor...
S
CVE-2007-0186 Multiple cross-site scripting (XSS) vulnerabilities in F5 FirePass SSL VPN allow remote attackers to...
CVE-2007-0187 F5 FirePass 5.4 through 5.5.2 and 6.0 allows remote attackers to access restricted URLs via (1) a tr...
CVE-2007-0188 F5 FirePass 5.4 through 5.5.1 does not properly enforce host access restrictions when a client uses ...
CVE-2007-0189 PHP remote file inclusion vulnerability in index.php in GeoBB Georgian Bulletin Board allows remote ...
CVE-2007-0190 PHP remote file inclusion vulnerability in edit_address.php in edit-x ecommerce allows remote attack...
CVE-2007-0191 Cross-site scripting (XSS) vulnerability in admin.php in MKPortal allows remote attackers to inject ...
CVE-2007-0192 Cross-site request forgery (CSRF) vulnerability in the save_main operation in the ad_perms section i...
CVE-2007-0193 FON La Fonera routers do not properly limit DNS service access by unauthenticated clients, which all...
CVE-2007-0194 admin.php in MKPortal M1.1 RC1 allows remote attackers to obtain sensitive information via a direct ...
CVE-2007-0195 my.activation.php3 in F5 FirePass 5.4 through 5.5.1 and 6.0 displays different error messages for fa...
CVE-2007-0196 SQL injection vulnerability in admin_check_user.asp in Motionborg Web Real Estate 2.1 and earlier al...
E
CVE-2007-0197 Finder 10.4.6 on Apple Mac OS X 10.4.8 allows user-assisted remote attackers to cause a denial of se...
E
CVE-2007-0198 The JTapi Gateway process in Cisco Unified Contact Center Enterprise, Unified Contact Center Hosted,...
S
CVE-2007-0199 The Data-link Switching (DLSw) feature in Cisco IOS 11.0 through 12.4 allows remote attackers to cau...
S
CVE-2007-0200 PHP remote file inclusion vulnerability in template.php in Geoffrey Golliher Axiom Photo/News Galler...
E
CVE-2007-0201 Buffer overflow in the cmd_usr function in ftp-gw in TIS Internet Firewall Toolkit (FWTK) allows rem...
CVE-2007-0202 SQL injection vulnerability in index.php in @lex Guestbook 4.0.2 and earlier, when magic_quotes_gpc ...
E
CVE-2007-0203 Multiple unspecified vulnerabilities in phpMyAdmin before 2.9.2-rc1 have unknown impact and attack v...
S
CVE-2007-0204 Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.9.2-rc1 allow remote atta...
S
CVE-2007-0205 Directory traversal vulnerability in admin/skins.php for @lex Guestbook 4.0.2 and earlier allows rem...
E
CVE-2007-0206 Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, and 7.50 al...
CVE-2007-0207 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2007-0208 Microsoft Word in Office 2000 SP3, XP SP3, Office 2003 SP2, Works Suite 2004 to 2006, and Office 200...
CVE-2007-0209 Microsoft Word in Office 2000 SP3, XP SP3, Office 2003 SP2, Works Suite 2004 to 2006, and Office 200...
CVE-2007-0210 The Window Image Acquisition (WIA) Service in Microsoft Windows XP SP2 allows local users to gain pr...
CVE-2007-0211 The hardware detection functionality in the Windows Shell in Microsoft Windows XP SP2 and Profession...
CVE-2007-0212 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2007-0213 Microsoft Exchange Server 2000 SP3, 2003 SP1 and SP2, and 2007 does not properly decode certain MIME...
S
CVE-2007-0214 The HTML Help ActiveX control (Hhctrl.ocx) in Microsoft Windows 2000 SP3, XP SP2 and Professional, 2...
CVE-2007-0215 Stack-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, and 2003 Viewer allows ...
S
CVE-2007-0216 wkcvqd01.dll in Microsoft Works 6 File Converter, as used in Office 2003 SP2, Works 8.0, and Works S...
CVE-2007-0217 The wininet.dll FTP client code in Microsoft Internet Explorer 5.01 and 6 might allow remote attacke...
CVE-2007-0218 Microsoft Internet Explorer 5.01 and 6 allows remote attackers to execute arbitrary code by instanti...
CVE-2007-0219 Microsoft Internet Explorer 5.01, 6, and 7 uses certain COM objects from (1) Msb1fren.dll, (2) Htmlm...
CVE-2007-0220 Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 20...
S
CVE-2007-0221 Integer overflow in the IMAP (IMAP4) support in Microsoft Exchange Server 2000 SP3 allows remote att...
S
CVE-2007-0222 Directory traversal vulnerability in the EmChartBean server side component for Oracle Application Se...
S
CVE-2007-0223 SQL injection vulnerability in shared/code/cp_functions_downloads.php in Nicola Asuni All In One Con...
S
CVE-2007-0224 SQL injection vulnerability in shopgiftregsearch.asp in VP-ASP Shopping Cart 6.09 and earlier allows...
E
CVE-2007-0225 Cross-site scripting (XSS) vulnerability in shopcustadmin.asp in VP-ASP Shopping Cart 6.09 and earli...
E
CVE-2007-0226 SQL injection vulnerability in wbsearch.aspx in uniForum 4 and earlier allows remote attackers to ex...
E
CVE-2007-0227 slocate 3.1 does not properly manage database entries that specify names of files in protected direc...
CVE-2007-0228 The DataCollector service in EIQ Networks Network Security Analyzer allows remote attackers to cause...
E
CVE-2007-0229 Integer overflow in the ffs_mountfs function in Mac OS X 10.4.8 and FreeBSD 6.1 allows local users t...
E
CVE-2007-0230 PHP remote file inclusion vulnerability in install.php in CS-Cart 1.3.3 allows remote attackers to e...
CVE-2007-0231 Cross-site scripting (XSS) vulnerability in Movable Type (MT) 3.33, when nofollow is disabled and un...
CVE-2007-0232 PHP remote file inclusion vulnerability in routines/fieldValidation.php in Jshop Server 1.3 allows r...
E
CVE-2007-0233 wp-trackback.php in WordPress 2.0.6 and earlier does not properly unset variables when the input dat...
E
CVE-2007-0234 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-0243. Reason: This candida...
R
CVE-2007-0235 Stack-based buffer overflow in the glibtop_get_proc_map_s function in libgtop before 2.14.6 (libgtop...
CVE-2007-0236 Double free vulnerability in the _ATPsndrsp function in Apple Mac OS X 10.4.8, and possibly other ve...
E
CVE-2007-0237 The ndeb-binary feature in Lookup (lookup-el) allows local users to overwrite arbitrary files via a ...
S
CVE-2007-0238 Stack-based buffer overflow in filter\starcalc\scflt.cxx in the StarCalc parser in OpenOffice.org (O...
CVE-2007-0239 OpenOffice.org (OOo) Office Suite allows user-assisted remote attackers to execute arbitrary command...
CVE-2007-0240 Cross-site scripting (XSS) vulnerability in Zope 2.10.2 and earlier allows remote attackers to injec...
S
CVE-2007-0242 The UTF-8 decoder in codecs/qutfcodec.cpp in Qt 3.3.8 and 4.2.3 does not reject long UTF-8 sequences...
S
CVE-2007-0243 Buffer overflow in Sun JDK and Java Runtime Environment (JRE) 5.0 Update 9 and earlier, SDK and JRE ...
S
CVE-2007-0244 pptpgre.c in PoPToP Point to Point Tunneling Server (pptpd) before 1.3.4 allows remote attackers to ...
S
CVE-2007-0245 Heap-based buffer overflow in OpenOffice.org (OOo) 2.2.1 and earlier allows remote attackers to exec...
S
CVE-2007-0246 plugins/scmcvs/www/cvsweb.php in the CVSWeb CGI in GForge 4.5.16 before 20070524, aka gforge-plugin-...
S
CVE-2007-0247 squid/src/ftp.c in Squid before 2.6.STABLE7 allows remote FTP servers to cause a denial of service (...
CVE-2007-0248 The aclMatchExternal function in Squid before 2.6.STABLE7 allows remote attackers to cause a denial ...
S
CVE-2007-0249 Cross-site scripting (XSS) vulnerability in index.php in Nwom topsites 3.0 allows remote attackers t...
E
CVE-2007-0250 index.php in Nwom topsites 3.0 allows remote attackers to obtain potentially sensitive information v...
CVE-2007-0251 Integer underflow in the DecodeGRE function in src/decode.c in Snort 2.6.1.2 allows remote attackers...
CVE-2007-0252 Unspecified vulnerability in easy-content filemanager allows remote attackers to upload or modify ar...
CVE-2007-0253 Unspecified vulnerability in the grsecurity patch has unspecified impact and remote attack vectors, ...
CVE-2007-0254 Format string vulnerability in the errors_create_window function in errors.c in xine-ui allows attac...
CVE-2007-0255 XINE 0.99.4 allows user-assisted remote attackers to cause a denial of service (application crash) a...
CVE-2007-0256 VideoLAN VLC 0.8.6a allows remote attackers to cause a denial of service (application crash) via a c...
E
CVE-2007-0257 Unspecified vulnerability in the expand_stack function in grsecurity PaX allows local users to gain ...
CVE-2007-0258 Cross-site scripting (XSS) vulnerability in index.php in (1) Fastilo 2.0 and (2) Open Solution Quick...
E
CVE-2007-0259 Ezboxx Portal System Beta 0.7.6 and earlier allows remote attackers to obtain sensitive information ...
CVE-2007-0260 PHP remote file inclusion vulnerability in index.php in Naig 0.5.2 and earlier allows remote attacke...
E
CVE-2007-0261 snews.php in sNews 1.5.30 and earlier does not properly exit when authentication fails, which allows...
E
CVE-2007-0262 WordPress 2.0.6, and 2.1Alpha 3 (SVN:4662), does not properly verify that the m parameter value has ...
CVE-2007-0263 Unspecified vulnerability in Total Commander before 6.5.6 allows user-assisted remote attackers to d...
S
CVE-2007-0264 Buffer overflow in Winzip32.exe in WinZip 9.0 allows local users to cause a denial of service (appli...
CVE-2007-0265 Multiple cross-site scripting (XSS) vulnerabilities in Ezboxx Portal System Beta 0.7.6 and earlier a...
CVE-2007-0266 SQL injection vulnerability in boxx/ShowAppendix.asp in Ezboxx Portal System Beta 0.7.6 and earlier ...
CVE-2007-0267 The ufs_lookup function in the Mac OS X 10.4.8 and FreeBSD 6.1 kernels allows local users to cause a...
CVE-2007-0268 Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.5 have unknown ...
E S
CVE-2007-0269 Unspecified vulnerability in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.3 has unknown impact and ...
S
CVE-2007-0270 Buffer overflow in SYS.DBMS_DRS in Oracle Database 9.2.0.7 and 10.1.0.4 allows remote authenticated ...
S
CVE-2007-0271 Unspecified vulnerability in Oracle Database 9.0.1.5 and 9.2.0.7 has unknown impact and attack vecto...
S
CVE-2007-0272 Multiple buffer overflows in MDSYS.MD in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4 all...
S
CVE-2007-0273 Unspecified vulnerability in Oracle Database 9.0.1.5, 9.2.0.8, 10.1.0.5, and 10.2.0.3 has unknown im...
S
CVE-2007-0274 Multiple unspecified vulnerabilities in Oracle Database 9.2.0.7 and 10.1.0.5 have unknown impact and...
E S
CVE-2007-0275 Cross-site scripting (XSS) vulnerability in Oracle Reports Web Cartridge (RWCGI60) in the Workflow C...
S
CVE-2007-0276 Multiple unspecified vulnerabilities in Oracle Database 8.1.7.4 and 9.0.1.5 have unknown impact and ...
S
CVE-2007-0277 Unspecified vulnerability in Oracle Database client-only 10.1.0.4 has unknown impact and attack vect...
S
CVE-2007-0278 Multiple unspecified vulnerabilities in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.5 have...
S
CVE-2007-0279 Multiple unspecified vulnerabilities in Oracle HTTP Server 9.2.0.8 and Oracle E-Business Suite and A...
S
CVE-2007-0280 Unspecified vulnerability in Oracle HTTP Server 9.0.1.5, Application Server 9.0.4.3, 10.1.2.0.0, 10....
S
CVE-2007-0281 Multiple unspecified vulnerabilities in Oracle HTTP Server 9.0.1.5, 9.2.0.8, 10.1.0.5, and 10.2.0.3;...
S
CVE-2007-0282 Unspecified vulnerability in Oracle HTTP Server 9.0.1.5, Application Server 9.0.4.2 and 10.1.2.0.0, ...
S
CVE-2007-0283 Unspecified vulnerability in Oracle Application Server 9.0.4.3 and Collaboration Suite 9.0.4.2 has u...
S
CVE-2007-0284 Multiple unspecified vulnerabilities in Oracle Application Server 9.0.4.3 and 10.1.2.0.0, and Collab...
S
CVE-2007-0285 Unspecified vulnerability in Oracle Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2; Collaborat...
S
CVE-2007-0286 Unspecified vulnerability in Oracle Application Server 10.1.2.0.2 and 10.1.3.0, and Collaboration Su...
S
CVE-2007-0287 Unspecified vulnerability in Oracle Application Server 9.0.4.3, 10.1.2.0.0, and 10.1.2.0.2; and Coll...
S
CVE-2007-0288 Unspecified vulnerability in Oracle Application Server 10.1.4.0 has unknown impact and attack vector...
S
CVE-2007-0289 Multiple unspecified vulnerabilities in Oracle Collaboration Suite 9.0.4.2 have unknown impact and a...
S
CVE-2007-0290 Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.10CU2 have unk...
S
CVE-2007-0291 Unspecified vulnerability in Oracle E-Business Suite and Applications 6.2.3 has unknown impact and a...
S
CVE-2007-0292 Multiple unspecified vulnerabilities in Oracle Enterprise Manager 10.1.0.5 have unknown impact and a...
E S
CVE-2007-0293 Multiple unspecified vulnerabilities in Oracle Enterprise Manager 10.1.0.5 and 10.2.0.1 have unknown...
S
CVE-2007-0294 Unspecified vulnerability in Oracle Enterprise Manager 10.2.0.1 has unknown impact and attack vector...
S
CVE-2007-0295 Unspecified vulnerability in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.22.13 and 8...
S
CVE-2007-0296 Unspecified vulnerability in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.22.13, 8.47...
S
CVE-2007-0297 Unspecified vulnerability in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.47.11 and 8...
S
CVE-2007-0298 PHP remote file inclusion vulnerability in show.php in LunarPoll, when register_globals is enabled, ...
E
CVE-2007-0299 Integer overflow in the byte_swap_sbin function in bsd/ufs/ufs/ufs_byte_order.c in Mac OS X 10.4.8 a...
CVE-2007-0300 PHP remote file inclusion vulnerability in i-accueil.php in TLM CMS 1.1 and earlier allows remote at...
E
CVE-2007-0301 PHP remote file inclusion vulnerability in _admin/admin_menu.php in FdWeB Espace Membre 2.1 and earl...
E
CVE-2007-0302 Multiple cross-site scripting (XSS) vulnerabilities in InstantASP 4.1.0 allow remote attackers to in...
CVE-2007-0303 Multiple unspecified vulnerabilities in Zina 1.0rc1 and earlier have unknown impact and attack vecto...
CVE-2007-0304 SQL injection vulnerability in duyuru.asp in MiNT Haber Sistemi 2.7 allows remote attackers to execu...
E
CVE-2007-0305 SQL injection vulnerability in etkinlikbak.asp in Okul Web Otomasyon Sistemi 4.0.1 allows remote att...
E
CVE-2007-0306 SQL injection vulnerability in visu_user.asp in Digiappz DigiAffiliate 1.4 and earlier allows remote...
E
CVE-2007-0307 PHP remote file inclusion vulnerability in include/common.php in Poplar Gedcom Viewer 2.0 and earlie...
E
CVE-2007-0308 Cross-site scripting (XSS) vulnerability in Plain Black WebGUI before 7.3.4 (beta) allows remote att...
S
CVE-2007-0309 SQL injection vulnerability in blocks/block-Old_Articles.php in Francisco Burzi PHP-Nuke 7.9 and ear...
E
CVE-2007-0310 BMC Remedy Action Request System 5.01.02 Patch 1267 generates different error messages for failed lo...
CVE-2007-0311 Texas Imperial Software WFTPD and WFTPD Pro Server 3.25 and earlier allow remote attackers to cause ...
E
CVE-2007-0312 wcSimple Poll stores sensitive information under the web root with insufficient access control, whic...
CVE-2007-0313 Unspecified vulnerability in GONICUS System Administration (GOsa) before 2.5.8 allows remote authent...
S
CVE-2007-0314 Multiple PHP remote file inclusion vulnerabilities in Article System 1.0 allow remote attackers to e...
E
CVE-2007-0315 Multiple buffer overflows in FileZilla before 2.2.30a allow remote attackers to execute arbitrary co...
S
CVE-2007-0316 Multiple SQL injection vulnerabilities in All In One Control Panel (AIOCP) 1.3.010 and earlier, when...
E
CVE-2007-0317 Format string vulnerability in the LogMessage function in FileZilla before 3.0.0-beta5 allows remote...
S
CVE-2007-0318 The do_hfs_truncate function in Mac OS X 10.4.8 allows context-dependent attackers to cause a denial...
CVE-2007-0319 Multiple stack-based buffer overflows in the Motive ActiveEmailTest.EmailData (ActiveUtils EmailData...
CVE-2007-0320 Multiple buffer overflows in (a) an ActiveX control (iftw.dll) and (b) Netscape plug-in (npiftw32.dl...
CVE-2007-0321 Buffer overflow in the Update Service Agent ActiveX Control in isusweb.dll for Macrovision FLEXnet C...
CVE-2007-0322 Multiple stack-based buffer overflows in the Intuit QuickBooks Online Edition ActiveX control before...
S
CVE-2007-0323 Buffer overflow in the SetLanguage function in Research In Motion (RIM) TeamOn Import Object ActiveX...
S
CVE-2007-0324 Multiple buffer overflows in the LizardTech DjVu Browser Plug-in before 6.1.1 allow remote attackers...
S
CVE-2007-0325 Multiple buffer overflows in the Trend Micro OfficeScan Web-Deployment SetupINICtrl ActiveX control ...
S
CVE-2007-0326 Multiple stack-based buffer overflows in the PhotoChannel Networks PNI Digital Media Photo Upload Pl...
S
CVE-2007-0328 The DWUpdateService ActiveX control in the agent (agent.exe) in Macrovision FLEXnet Connect 6.0 and ...
S
CVE-2007-0329 download.php in Joonas Viljanen JV2 Folder Gallery allows remote attackers to read sensitive files v...
E
CVE-2007-0330 Buffer overflow in wsbho2k0.dll, as used by wsftpurl.exe, in Ipswitch WS_FTP 2007 Professional allow...
CVE-2007-0331 Cross-site scripting (XSS) vulnerability in liens.php3 in liens_dynamiques 2.1 allows remote attacke...
E
CVE-2007-0332 (1) admin/adminlien.php3 and (2) admin/modif.php3 in liens_dynamiques 2.1 do not require authenticat...
E
CVE-2007-0333 Agnitum Outpost Firewall PRO 4.0 allows local users to bypass access restrictions and insert Trojan ...
E
CVE-2007-0334 Unspecified vulnerability in the SIP module in InGate Firewall and SIParator before 4.5.1 allows rem...
S
CVE-2007-0335 Multiple directory traversal vulnerabilities in Jax Petition Book 1.0.3.06 allow remote attackers to...
CVE-2007-0336 Undercover.app/Contents/Resources/uc in Rixstep Undercover allows local users to overwrite arbitrary...
E
CVE-2007-0337 Directory traversal vulnerability in sesskglogadmin.php in KGB 1.9 and earlier allows remote attacke...
E
CVE-2007-0338 Heap-based buffer overflow in Dream FTP Server allows remote attackers to execute arbitrary code via...
E
CVE-2007-0339 SQL injection vulnerability in index.php (aka the login form) in Scriptme SMe FileMailer 1.21 allows...
E
CVE-2007-0340 SQL injection vulnerability in inc/header.inc.php in ThWboard 3.0b2.84-php5 and earlier allows remot...
E
CVE-2007-0341 Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.1 and earlier, when Microsoft Internet Ex...
E S
CVE-2007-0342 WebCore in Apple WebKit build 18794 allows remote attackers to cause a denial of service (null deref...
E
CVE-2007-0343 OpenBSD before 20070116 allows remote attackers to cause a denial of service (infinite loop and CPU ...
CVE-2007-0344 Multiple format string vulnerabilities in (1) _invitedToRoom: and (2) _invitedToDirectChat: in Collo...
E S
CVE-2007-0345 The (1) Activity Monitor.app/Contents/Resources/pmTool, (2) Keychain Access.app/Contents/Resources/k...
E
CVE-2007-0346 SQL injection vulnerability in index.php in SmE FileMailer 1.21 allows remote attackers to execute a...
E
CVE-2007-0347 The is_eow function in format.c in CVSTrac before 2.0.1 does not properly check for the "'" (quote) ...
S
CVE-2007-0348 Stack-based buffer overflow in the IASystemInfo.dll ActiveX control in (1) InterActual Player 2.60.1...
CVE-2007-0349 Directory traversal vulnerability in upgrade.php in nicecoder.com INDEXU 5.x allows remote attackers...
CVE-2007-0350 Multiple SQL injection vulnerabilities in (a) index.php and (b) dl.php in SmE FileMailer 1.21 and ea...
CVE-2007-0351 Microsoft Windows XP and Windows Server 2003 do not properly handle user logoff, which might allow l...
CVE-2007-0352 Stack-based buffer overflow in Microsoft Help Workshop 4.03.0002 allows user-assisted remote attacke...
E
CVE-2007-0353 Cross-site scripting (XSS) vulnerability in (1) index.php and (2) login.php in myBloggie 2.1.5 allow...
E
CVE-2007-0354 SQL injection vulnerability in email.php in MGB OpenSource Guestbook 0.5.4.5 and earlier allows remo...
E
CVE-2007-0355 Buffer overflow in the Apple Minimal SLP v2 Service Agent (slpd) in Mac OS X 10.4.11 and earlier, in...
E
CVE-2007-0356 The Common Controls Replacement Project (CCRP) FolderTreeview (FTV) ActiveX control (ccrpftv6.ocx) a...
E
CVE-2007-0357 Directory traversal vulnerability in the AVM IGD CTRL Service in Fritz!DSL 02.02.29 allows remote at...
CVE-2007-0358 Unspecified vulnerability in the FTP server implementation in HP Jetdirect firmware x.20.nn through ...
S
CVE-2007-0359 PHP remote file inclusion vulnerability in frontpage.php in Uberghey CMS 0.3.1 allows remote attacke...
E
CVE-2007-0360 PHP remote file inclusion vulnerability in lang/index.php in Oreon 1.2.3 RC4 and earlier allows remo...
E
CVE-2007-0361 PHP remote file inclusion vulnerability in mep/frame.php in PHPMyphorum 1.5a allows remote attackers...
E
CVE-2007-0362 Cross-site scripting (XSS) vulnerability in the RSS feed component in FreshReader before 1.0.0701060...
CVE-2007-0363 Cross-site scripting (XSS) vulnerability in admin-search.php in (1) Openads for PostgreSQL (aka phpP...
S
CVE-2007-0364 Multiple cross-site scripting (XSS) vulnerabilities in nicecoder.com INDEXU 5.3 and earlier allow re...
E
CVE-2007-0365 Multiple cross-site scripting (XSS) vulnerabilities in All In One Control Panel (AIOCP) 1.3.009 and ...
S
CVE-2007-0366 Untrusted search path vulnerability in Rumpus 5.1 and earlier allows local users to gain privileges ...
E
CVE-2007-0367 Rumpus 5.1 and earlier has weak permissions for certain files and directories under /usr/local/Rumpu...
E
CVE-2007-0368 Stack-based buffer overflow in mbse-bbs 0.70 and earlier allows local users to execute arbitrary cod...
E
CVE-2007-0369 SQL injection vulnerability in phpBP RC3 (2.204) and earlier allows remote attackers to execute arbi...
E
CVE-2007-0370 Unrestricted file upload vulnerability in index.php in phpBP RC3 (2.204) and earlier allows remote a...
E
CVE-2007-0371 A certain ActiveX control in the Common Controls Replacement Project (CCRP) CCRP BrowseDialog Server...
E
CVE-2007-0372 Multiple SQL injection vulnerabilities in Francisco Burzi PHP-Nuke 7.9 allow remote attackers to exe...
E
CVE-2007-0373 Multiple SQL injection vulnerabilities in Joomla! 1.5.0 Beta allow remote attackers to execute arbit...
E
CVE-2007-0374 SQL injection vulnerability in (1) Joomla! 1.0.11 and 1.5 Beta, and (2) Mambo 4.6.1, allows remote a...
E S
CVE-2007-0375 Joomla! 1.5.0 Beta allows remote attackers to obtain sensitive information via a direct request for ...
E
CVE-2007-0376 Cross-site scripting (XSS) vulnerability in Virtuemart 1.0.7 allows remote attackers to inject arbit...
CVE-2007-0377 Multiple SQL injection vulnerabilities in Xoops 2.0.16 allow remote attackers to execute arbitrary S...
E
CVE-2007-0378 Multiple SQL injection vulnerabilities in DocMan 1.3 RC2 allow attackers to execute arbitrary SQL co...
CVE-2007-0379 Cross-site scripting (XSS) vulnerability in DocMan 1.3 RC2 allows remote attackers to inject arbitra...
CVE-2007-0380 DocMan 1.3 RC2 allows remote attackers to obtain sensitive information (the full path) via unspecifi...
CVE-2007-0381 Multiple SQL injection vulnerabilities in ATutor 1.5.3.2 allow remote attackers to execute arbitrary...
S
CVE-2007-0382 Multiple SQL injection vulnerabilities in letterman.class.php in the Letterman 1.2.3 (com_letterman)...
E
CVE-2007-0383 WDaemon 9.5.4 allows remote attackers to access the /WorldClient.dll URI on TCP port 3000, which has...
E
CVE-2007-0384 Cross-site scripting (XSS) vulnerability in preview in the reviews section in PostNuke 0.764 allows ...
CVE-2007-0385 The faq section in PostNuke 0.764 allows remote attackers to obtain sensitive information (the full ...
CVE-2007-0386 Unspecified vulnerability in the rating section in PostNuke 0.764 has unknown impact and attack vect...
CVE-2007-0387 SQL injection vulnerability in models/category.php in the Weblinks component for Joomla! SVN 2007011...
CVE-2007-0388 SQL injection vulnerability in search.php in Woltlab Burning Board (wBB) 1.0.2 and earlier, and 2.3....
E
CVE-2007-0389 Directory traversal vulnerability in ArsDigita Community System (ACS) 3.4.10 and earlier, and ArsDig...
E
CVE-2007-0390 Cross-site scripting (XSS) vulnerability in index.php in sabros.us 1.7 allows remote attackers to in...
E
CVE-2007-0391 Format string vulnerability in the log creation functionality of BitDefender Client Professional Plu...
CVE-2007-0392 IBM AIX 5.3 does not properly verify the status of file descriptors before setuid execution, which a...
CVE-2007-0393 Sun Solaris 9 does not properly verify the status of file descriptors before setuid execution, which...
CVE-2007-0394 HP HP-UX B11.11 does not properly verify the status of file descriptors before setuid execution, whi...
CVE-2007-0395 PHP remote file inclusion vulnerability in libraries/grab_globals.lib.php in ComVironment 4.0 allows...
E
CVE-2007-0396 Unspecified vulnerability in HP-UX B.11.23, when running IPFilter in combination with PHNE_34474, al...
CVE-2007-0397 The Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.2.3 and Adaptive Secu...
S
CVE-2007-0398 Multiple cross-site scripting (XSS) vulnerabilities in forum.php3 in Arnaud Guyonne (aka Arnotic) a-...
CVE-2007-0399 Multiple cross-site scripting (XSS) vulnerabilities in index.php in Simple Machines Forum (SMF) 1.1 ...
CVE-2007-0400 Cross-site scripting (XSS) vulnerability in admin/memberlist.php in Easebay Resources Login Manager ...
CVE-2007-0401 SQL injection vulnerability in admin/memberlist.php in Easebay Resources Login Manager 3.0 allows re...
CVE-2007-0402 Cross-site scripting (XSS) vulnerability in admin/edit_member.php in Easebay Resources Paypal Subscr...
CVE-2007-0403 SQL injection vulnerability in admin/memberlist.php in Easebay Resources Paypal Subscription Manager...
CVE-2007-0404 bin/compile-messages.py in Django 0.95 does not quote argument strings before invoking the msgfmt pr...
S
CVE-2007-0405 The LazyUser class in the AuthenticationMiddleware for Django 0.95 does not properly cache the user ...
S
CVE-2007-0406 Multiple buffer overflows in the (1) main function in (a) client.c, and the (2) server_setup and (3)...
CVE-2007-0407 Cross-site scripting (XSS) vulnerability in Operation/User.pm in Plain Black WebGUI before 7.3.5 (be...
CVE-2007-0408 BEA WebLogic Server 8.1 through 8.1 SP4 does not properly validate client certificates when reusing ...
S
CVE-2007-0409 BEA WebLogic 7.0 through 7.0 SP6, 8.1 through 8.1 SP4, and 9.0 initial release does not encrypt pass...
S
CVE-2007-0410 Unspecified vulnerability in the thread management in BEA WebLogic 7.0 through 7.0 SP6, 8.1 through ...
S
CVE-2007-0411 BEA WebLogic Server 8.1 through 8.1 SP5, 9.0, 9.1, and 9.2 Gold, when WS-Security is used, does not ...
S
CVE-2007-0412 BEA WebLogic Server 6.1 through 6.1 SP7, 7.0 through 7.0 SP7, and 8.1 through 8.1 SP5 allows remote ...
S
CVE-2007-0413 BEA WebLogic Server 8.1 through 8.1 SP5 stores cleartext data in a backup of config.xml after offlin...
S
CVE-2007-0414 BEA WebLogic Server 6.1 through 6.1 SP7, 7.0 through 7.0 SP6, 8.1 through 8.1 SP5, and 9.0 allows re...
S
CVE-2007-0415 BEA WebLogic Server 8.1 through 8.1 SP5 does not properly enforce access control after a dynamic upd...
S
CVE-2007-0416 The WSEE runtime (WS-Security runtime) in BEA WebLogic Server 9.0 and 9.1 does not verify credential...
S
CVE-2007-0417 BEA WebLogic Server 7.0 through 7.0 SP7, 8.1 through 8.1 SP5, 9.0, and 9.1, when using the WebLogic ...
S
CVE-2007-0418 BEA WebLogic Server 7.0 through 7.0 SP6, 8.1 through 8.1 SP5, 9.0, and 9.1 does not enforce a securi...
S
CVE-2007-0419 The BEA WebLogic Server proxy plug-in before June 2006 for the Apache HTTP Server does not properly ...
S
CVE-2007-0420 BEA WebLogic Server 9.0, 9.1, and 9.2 Gold allows remote attackers to obtain sensitive information v...
S
CVE-2007-0421 BEA WebLogic Server 6.1 through 6.1 SP7, and 7.0 through 7.0 SP7 allows remote attackers to cause a ...
S
CVE-2007-0422 BEA WebLogic Server 9.0, 9.1, and 9.2 Gold, when running on Solaris 9, allows remote attackers to ca...
S
CVE-2007-0423 BEA WebLogic Portal 9.2 does not properly handle when an administrator deletes entitlements for a ro...
S
CVE-2007-0424 Unspecified vulnerability in the BEA WebLogic Server proxy plug-in for Netscape Enterprise Server be...
S
CVE-2007-0425 Unspecified vulnerability in BEA WebLogic Platform and Server 8.1 through 8.1 SP5, and JRockit 1.4.2...
CVE-2007-0426 BEA WebLogic Portal 9.2, when running in a WebLogic Server clustered environment using WebLogic Port...
S
CVE-2007-0427 Stack-based buffer overflow in Microsoft Help Workshop 4.03.0002 allows user-assisted remote attacke...
E
CVE-2007-0428 Unspecified vulnerability in the chtbl_lookup function in hash.c for WzdFTPD 8.0 and earlier allows ...
CVE-2007-0429 DivXBrowserPlugin (aka DivX Web Player) npdivx32.dll, as distributed with DivX Player 6.4.1, allows ...
E
CVE-2007-0430 The shared_region_map_file_np function in Apple Mac OS X 10.4.8 and earlier kernel allows local user...
CVE-2007-0431 AVM Fritz!Box 7050, and possibly other product models, allows remote attackers to cause a denial of ...
CVE-2007-0432 BEA AquaLogic Service Bus 2.0, 2.1, and 2.5 does not properly reject malformed request messages to a...
CVE-2007-0433 Unspecified vulnerability in BEA AquaLogic Enterprise Security 2.0 through 2.0 SP2, 2.1 through 2.1 ...
CVE-2007-0434 BEA AquaLogic Enterprise Security 2.0 through 2.0 SP2, 2.1 through 2.1 SP1, and 2.2 does not properl...
CVE-2007-0435 T-Com Speedport 500V routers with firmware 1.31 allow remote attackers to bypass authentication and ...
CVE-2007-0436 Barron McCann X-Kryptor Driver BMS1446HRR (Xgntr BMS1351 Install BMS1472) in X-Kryptor Secure Client...
CVE-2007-0437 Multiple cross-site scripting (XSS) vulnerabilities in the sample Cache' Server Page (CSP) scripts i...
CVE-2007-0441 Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, and 7.50 al...
CVE-2007-0442 Unspecified vulnerability in IBM OS/400 R530 and R535 has unknown impact and remote attack vectors, ...
CVE-2007-0443 Multiple buffer overflows in the CDDBControl ActiveX control in Gracenote CDDB before 20070418 allow...
S
CVE-2007-0444 Stack-based buffer overflow in the print provider library (cpprov.dll) in Citrix Presentation Server...
CVE-2007-0445 Heap-based buffer overflow in the arj.ppl module in the OnDemand Scanner in Kaspersky Anti-Virus, An...
S
CVE-2007-0446 Stack-based buffer overflow in magentproc.exe for Hewlett-Packard Mercury LoadRunner Agent 8.0 and 8...
CVE-2007-0447 Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote a...
S
CVE-2007-0448 The fopen function in PHP 5.2.0 does not properly handle invalid URI handlers, which allows context-...
E
CVE-2007-0449 Multiple buffer overflows in LGSERVER.EXE in CA BrightStor ARCserve Backup for Laptops and Desktops ...
S
CVE-2007-0450 Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before ...
CVE-2007-0451 Apache SpamAssassin before 3.1.8 allows remote attackers to cause a denial of service via long URLs ...
S
CVE-2007-0452 smbd in Samba 3.0.6 through 3.0.23d allows remote authenticated users to cause a denial of service (...
CVE-2007-0453 Buffer overflow in the nss_winbind.so.1 library in Samba 3.0.21 through 3.0.23d, as used in the winb...
CVE-2007-0454 Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows contex...
S
CVE-2007-0455 Buffer overflow in the gdImageStringFTEx function in gdft.c in GD Graphics Library 2.0.33 and earlie...
CVE-2007-0456 Unspecified vulnerability in the LLT dissector in Wireshark (formerly Ethereal) 0.99.3 and 0.99.4 al...
S
CVE-2007-0457 Unspecified vulnerability in the IEEE 802.11 dissector in Wireshark (formerly Ethereal) 0.10.14 thro...
S
CVE-2007-0458 Unspecified vulnerability in the HTTP dissector in Wireshark (formerly Ethereal) 0.99.3 and 0.99.4 a...
S
CVE-2007-0459 packet-tcp.c in the TCP dissector in Wireshark (formerly Ethereal) 0.99.2 through 0.99.4 allows remo...
E S
CVE-2007-0460 Multiple buffer overflows in ulogd for SUSE Linux 9.3 up to 10.1, and possibly other distributions, ...
CVE-2007-0461 Multiple memory leaks in the Dazuko anti-virus helper module before 2.3.2 allow attackers to cause a...
CVE-2007-0462 The _GetSrcBits32ARGB function in Apple QuickDraw, as used by QuickTime 7.1.3 and other applications...
CVE-2007-0463 Format string vulnerability in Apple Software Update 2.0.5 on Mac OS X 10.4.8 allows remote attacker...
E
CVE-2007-0464 The _CFNetConnectionWillEnqueueRequests function in CFNetwork 129.19 on Apple Mac OS X 10.4 through ...
E
CVE-2007-0465 Format string vulnerability in Apple Installer 2.1.5 on Mac OS X 10.4.8 allows user-assisted remote ...
E
CVE-2007-0466 Telestream Flip4Mac Windows Media Components for QuickTime 2.1.0.33 allows remote attackers to execu...
E
CVE-2007-0467 crashdump in Apple Mac OS X 10.4.8 allows local users in the admin group to modify arbitrary files o...
E
CVE-2007-0468 Stack-based buffer overflow in rcdll.dll in msdev.exe in Visual C++ (MSVC) in Microsoft Visual Studi...
E
CVE-2007-0469 The extract_files function in installer.rb in RubyGems before 0.9.1 does not check whether files exi...
S
CVE-2007-0470 Multiple unspecified vulnerabilities in tip in Sun Solaris 8, 9, and 10 allow local users to gain uu...
S
CVE-2007-0471 sre/params.php in the Integrity Clientless Security (ICS) component in Check Point Connectra NGX R62...
E
CVE-2007-0472 Multiple race conditions in Smb4K before 0.8.0 allow local users to (1) modify arbitrary files via u...
S
CVE-2007-0473 The writeFile function in core/smb4kfileio.cpp in Smb4K before 0.8.0 does not preserve /etc/sudoers ...
S
CVE-2007-0474 Smb4K before 0.8.0 allows local users, when present on the Smb4K sudoers list, to kill arbitrary proc...
S
CVE-2007-0475 Multiple stack-based buffer overflows in utilities/smb4k_*.cpp in Smb4K before 0.8.0 allow local use...
S
CVE-2007-0476 The gencert.sh script, when installing OpenLDAP before 2.1.30-r10, 2.2.x before 2.2.28-r7, and 2.3.x...
CVE-2007-0477 Cross-site scripting (XSS) vulnerability in Openads 2.0.x before 2.0.10, 2.3 before 2.3.31 (aka Max ...
CVE-2007-0478 WebCore on Apple Mac OS X 10.3.9 and 10.4.10, as used in Safari, does not properly parse HTML commen...
CVE-2007-0479 Memory leak in the TCP listener in Cisco IOS 9.x, 10.x, 11.x, and 12.x allows remote attackers to ca...
CVE-2007-0480 Cisco IOS 9.x, 10.x, 11.x, and 12.x and IOS XR 2.0.x, 3.0.x, and 3.2.x allows remote attackers to ca...
CVE-2007-0481 Cisco IOS allows remote attackers to cause a denial of service (crash) via a crafted IPv6 Type 0 Rou...
CVE-2007-0482 cgi-bin/main in Sun Ray Server Software 2.0 and 3.0 before 20070123 allows local users to obtain the...
CVE-2007-0483 Multiple cross-site scripting (XSS) vulnerabilities in Enthusiast 3.1 allow remote attackers to inje...
CVE-2007-0484 Multiple SQL injection vulnerabilities in Enthusiast 3.1 allow remote attackers to execute arbitrary...
CVE-2007-0485 PHP remote file inclusion vulnerability in defines.php in WebChat 0.77 allows remote attackers to ex...
E
CVE-2007-0486 Multiple PHP remote file inclusion vulnerabilities in Openads (aka phpAdsNew) 2.0.7 allow remote att...
CVE-2007-0487 PHP remote file inclusion vulnerability in index.php in FreeForum 0.9.0 allows remote attackers to e...
CVE-2007-0488 The Huawei Versatile Routing Platform 1.43 2500E-003 firmware on the Quidway R1600 Router, and possi...
E
CVE-2007-0489 PHP remote file inclusion vulnerability in includes/functions.visohotlink.php in VisoHotlink 1.01 an...
E
CVE-2007-0490 index.php in Open-Realty 2.3.4 allows remote attackers to obtain sensitive information (the full pat...
CVE-2007-0491 PHP remote file inclusion vulnerability in up.php in Sky GUNNING MySpeach 3.0.6 and earlier allows r...
CVE-2007-0492 Multiple SQL injection vulnerabilities in gallery.php in webSPELL 4.01.02 and earlier allow remote a...
CVE-2007-0493 Use-after-free vulnerability in ISC BIND 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4...
S
CVE-2007-0494 ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9....
S
CVE-2007-0495 PHP remote file inclusion vulnerability in include/config.inc.php in PhpSherpa allows remote attacke...
E
CVE-2007-0496 PHP remote file inclusion vulnerability in lib/nl/nl.php in Neon Labs Website (nlws) 3.2 and earlier...
E
CVE-2007-0497 PHP remote file inclusion vulnerability in upload/top.php in Upload-Service 1.0, when register_globa...
CVE-2007-0498 PHP remote file inclusion vulnerability in up.php in MySpeach 2.1 beta and possibly earlier allows r...
E
CVE-2007-0499 PHP remote file inclusion vulnerability in config.php in Sangwan Kim phpIndexPage 1.0.1 and earlier ...
E
CVE-2007-0500 PHP remote file inclusion vulnerability in include/includes.php in Bradabra 2.0.5 and earlier allows...
E
CVE-2007-0501 PHP remote file inclusion vulnerability in index.php in Mafia Scum Tools 2.0.0 in Matthew Wardrop Ad...
E
CVE-2007-0502 SQL injection vulnerability in gallery.php in webSPELL 4.01.02 allows remote attackers to execute ar...
E
CVE-2007-0503 Unspecified vulnerability in kcms_calibrate in Sun Solaris 8 and 9 before 20071122 allows local user...
S
CVE-2007-0504 Eval injection vulnerability in poll_frame.php in Vote! Pro 4.0, and possibly other scripts, allows ...
E
CVE-2007-0505 Unrestricted file upload vulnerability in the Project issue tracking 4.7.0 through 5.x before 200701...
S
CVE-2007-0506 The project_issue_access function in the Project issue tracking 4.7.0 through 5.x before 20070123 mo...
S
CVE-2007-0507 SQL injection vulnerability in the Acidfree module for Drupal before 4.6.x-1.0, and before 4.7.x-1.0...
S
CVE-2007-0508 PHP remote file inclusion vulnerability in lib/selectlang.php in BBClone 0.31 allows remote attacker...
E
CVE-2007-0509 Multiple unspecified vulnerabilities in MaklerPlus before 1.2 have unknown impact and attack vectors...
S
CVE-2007-0510 Multiple buffer overflows in (1) graphs.c, (2) output.c, and (3) preserve.c in AWFFull 3.7.1 and ear...
S
CVE-2007-0511 Multiple PHP remote file inclusion vulnerabilities in phpXMLDOM (phpXD) 0.3 and earlier allow remote...
E
CVE-2007-0512 Hitachi TP1/LiNK 05-00 through 05-03-/F, 03-04 through 03-06-/K, and 03-00 through 03-03-/H; and TP1...
S
CVE-2007-0513 Hitachi HiRDB Datareplicator 7HiRDB, 7(64), 6, 6(64), 5.0, and 5.0(64); and various products that bu...
S
CVE-2007-0514 Multiple cross-site scripting (XSS) vulnerabilities in multiple Hitachi Web Server, uCosminexus, and...
S
CVE-2007-0515 Unspecified vulnerability in Microsoft Word allows user-assisted remote attackers to execute arbitra...
CVE-2007-0516 Yana Framework before 2.8.5a allows remote authenticated users with permissions to modify a guestboo...
S
CVE-2007-0517 Scriptsez Random PHP Quote 1.0 stores sensitive information under the web root with insufficient acc...
CVE-2007-0518 Scriptsez Smart PHP Subscriber (aka subscribe) stores sensitive information under the web root with ...
CVE-2007-0519 Cross-site scripting (XSS) vulnerability in memcp.php in XMB U2U Instant Messenger allows remote aut...
CVE-2007-0520 SQL injection vulnerability in banner.php in Unique Ads (UDS) 1.x allows remote attackers to execute...
CVE-2007-0521 The Sony Ericsson K700i and W810i phones allow remote attackers to cause a denial of service (contin...
CVE-2007-0522 The Motorola MOTORAZR V3 phone allows remote attackers to cause a denial of service (continual modal...
CVE-2007-0523 The Nokia N70 phone allows remote attackers to cause a denial of service (continual modal dialogs an...
CVE-2007-0524 The LG Chocolate KG800 phone allows remote attackers to cause a denial of service (continual modal d...
CVE-2007-0525 Multiple buffer overflows in Nickolas Grigoriadis Mini Web server (MiniWebsvr) before 0.05 have unkn...
S
CVE-2007-0526 Multiple cross-site scripting (XSS) vulnerabilities in Bitweaver 1.3.1 allow remote attackers to inj...
CVE-2007-0527 SQL injection vulnerability in the is_remembered function in class.login.php in Website Baker 2.6.5 ...
E
CVE-2007-0528 The admin web console implemented by the Centrality Communications (aka Aredfox) PA168 chipset and f...
E
CVE-2007-0529 Cross-site scripting (XSS) vulnerability in index.html (aka the administration page) in PHP Link Dir...
E S
CVE-2007-0530 Multiple PHP remote file inclusion vulnerabilities in Advanced Guestbook 2.4.2 allow remote attacker...
CVE-2007-0531 PHP remote file inclusion vulnerability in includes/login.php in FreeWebShop 2.2.3 and 2.2.4 before ...
E
CVE-2007-0532 Tuan Do Uploader (aka php-uploader) 6 beta 1 stores sensitive information under the web root with in...
CVE-2007-0533 The AToZed IntraWeb component 8.0 and earlier for Borland Delphi and Kylix, and IntraWeb 9.0 before ...
CVE-2007-0534 Multiple cross-site scripting (XSS) vulnerabilities in the (1) Project issue tracking 4.7.0 through ...
CVE-2007-0535 Multiple eval injection vulnerabilities in Vote! Pro 4.0, and possibly earlier, allow remote attacke...
CVE-2007-0536 The chroot helper in rMake for rPath Linux 1 does not drop supplemental groups, which causes package...
CVE-2007-0537 The KDE HTML library (kdelibs), as used by Konqueror 3.5.5, does not properly parse HTML comments, w...
CVE-2007-0538 Telligent Community Server 2.1 and earlier allows remote attackers to cause a denial of service (ban...
CVE-2007-0539 The wp_remote_fopen function in WordPress before 2.1 allows remote attackers to cause a denial of se...
CVE-2007-0540 WordPress allows remote attackers to cause a denial of service (bandwidth or thread consumption) via...
CVE-2007-0541 WordPress allows remote attackers to determine the existence of arbitrary files, and possibly read p...
CVE-2007-0542 Cross-site scripting (XSS) vulnerability in show.php in 212cafe Guestbook 4.00 beta allows remote at...
CVE-2007-0543 ZixForum 1.14 and earlier stores sensitive information under the web root with insufficient access c...
CVE-2007-0544 Cross-site scripting (XSS) vulnerability in private.php in MyBB (aka MyBulletinBoard) allows remote ...
CVE-2007-0545 Maxtricity Tagger 0.1 stores sensitive information under the web root with insufficient access contr...
CVE-2007-0546 Toxiclab Shoutbox 1 stores sensitive information under the web root with insufficient access control...
CVE-2007-0547 Cross-site scripting (XSS) vulnerability in CGI-RESCUE WebFORM 4.3 and earlier allows remote attacke...
S
CVE-2007-0548 KarjaSoft Sami HTTP Server 2.0.1 allows remote attackers to cause a denial of service (daemon hang) ...
E
CVE-2007-0549 Cross-site scripting (XSS) vulnerability in list3.php in 212cafeBoard 6.30 Beta allows remote attack...
CVE-2007-0550 Cross-site scripting (XSS) vulnerability in search.php in 212cafeBoard 0.08 Beta allows remote attac...
CVE-2007-0551 Multiple PHP remote file inclusion vulnerabilities in cmsimple/cms.php in CMSimple 2.7 allow remote ...
CVE-2007-0552 Cross-site scripting (XSS) vulnerability in install/default/error404.html in Oh no! Not another CMS ...
S
CVE-2007-0553 Multiple cross-site scripting (XSS) vulnerabilities in index.inc.php in PHProxy before 0.5 beta 2 al...
S
CVE-2007-0554 SQL injection vulnerability in print.asp in Guo Xu Guos Posting System (GPS) 1.2 allows remote attac...
E
CVE-2007-0555 PostgreSQL 7.3 before 7.3.13, 7.4 before 7.4.16, 8.0 before 8.0.11, 8.1 before 8.1.7, and 8.2 before...
CVE-2007-0556 The query planner in PostgreSQL before 8.0.11, 8.1 before 8.1.7, and 8.2 before 8.2.2 does not verif...
CVE-2007-0557 rMake before 1.0.4 drops root privileges in a way that retains the original supplemental groups, whi...
CVE-2007-0558 PHP remote file inclusion vulnerability in modules/mail/main.php in Inter7 vHostAdmin 1.0 allows rem...
E
CVE-2007-0559 PHP remote file inclusion vulnerability in config.php in RPW 1.0.2 allows remote attackers to execut...
E
CVE-2007-0560 SQL injection vulnerability in user.asp in ASP EDGE 1.2b and earlier allows remote attackers to exec...
E
CVE-2007-0561 Multiple PHP remote file inclusion vulnerabilities in Xero Portal 1.2 allow remote attackers to exec...
E
CVE-2007-0562 Windows Explorer (explorer.exe) 6.0.2900.2180 in Microsoft Windows XP SP2 allows user-assisted remot...
E
CVE-2007-0563 Multiple cross-site scripting (XSS) vulnerabilities in Symantec Web Security (SWS) before 3.0.1.85 a...
S
CVE-2007-0564 The license registering interface in Symantec Web Security (SWS) before 3.0.1.85 allows attackers to...
S
CVE-2007-0565 CGI-Rescue Shopping Basket Professional 7.50 and earlier allows remote attackers to inject arbitrary...
CVE-2007-0566 SQL injection vulnerability in news_detail.asp in ASP NEWS 3 and earlier allows remote attackers to ...
E
CVE-2007-0567 Cross-site scripting (XSS) vulnerability in admin.php in Interactive-Scripts.Com PHP Membership Mana...
E
CVE-2007-0568 PHP remote file inclusion vulnerability in system/lib/package.php in MyPHPCommander 2.0 allows remot...
E
CVE-2007-0569 SQL injection vulnerability in xNews.php in xNews 1.3 allows remote attackers to execute arbitrary S...
E
CVE-2007-0570 PHP remote file inclusion vulnerability in ains_main.php in Johannes Gijsbers (aka Taradino) Ad Fund...
E
CVE-2007-0571 PHP remote file inclusion vulnerability in include/lib/lib_head.php in phpMyReports 3.0.11 and earli...
E
CVE-2007-0572 PHP remote file inclusion vulnerability in include/irc/phpIRC.php in Drunken:Golem Gaming Portal 0.5...
E
CVE-2007-0573 PHP remote file inclusion vulnerability in includes/config.inc.php in nsGalPHP 0.41 and earlier allo...
E
CVE-2007-0574 SQL injection vulnerability in rss/show_webfeed.php in SpoonLabs Vivvo Article Management CMS (aka p...
E
CVE-2007-0575 Multiple SQL injection vulnerabilities in the administrative login page (admin/login.asp) in ASPCode...
E
CVE-2007-0576 PHP remote file inclusion vulnerability in xt_counter.php in Xt-Stats 2.3.x up to 2.4.0.b3 allows re...
E
CVE-2007-0577 PHP remote file inclusion vulnerability in function.inc.php in ACGVclick 0.2.0 and earlier allows re...
E
CVE-2007-0578 The http_open function in httpget.c in mpg123 before 0.64 allows remote attackers to cause a denial ...
S
CVE-2007-0579 Unspecified vulnerability in the calendar component in Horde Groupware Webmail Edition before 1.0, a...
S
CVE-2007-0580 PHP remote file inclusion vulnerability in menu.php in Foro Domus 2.10 allows remote attackers to ex...
E
CVE-2007-0581 PHP remote file inclusion vulnerability in functions.php in EclipseBB 0.5.0 Lite allows remote attac...
E
CVE-2007-0582 SQL injection vulnerability in default.asp in ChernobiLe 1.0 allows remote attackers to execute arbi...
E
CVE-2007-0583 Multiple cross-site scripting (XSS) vulnerabilities in HTTP Commander 6.0, and possibly earlier, all...
CVE-2007-0584 PHP remote file inclusion vulnerability in membres/membreManager.php in PhP Generic Library & Framew...
E
CVE-2007-0585 include/debug.php in Webfwlog 0.92 and earlier, when register_globals is enabled, allows remote atta...
E
CVE-2007-0588 The InternalUnpackBits function in Apple QuickDraw, as used by Quicktime 7.1.3 and other application...
CVE-2007-0589 SQL injection vulnerability in Forum Livre 1.0 allows remote attackers to execute arbitrary SQL comm...
E
CVE-2007-0590 Cross-site scripting (XSS) vulnerability in busca2.asp in Forum Livre 1.0 allows remote attackers to inject...
E
CVE-2007-0591 PHP remote file inclusion vulnerability in configure.php in Vu Le An Virtual Path (VirtualPath) 1.0 ...
E
CVE-2007-0592 Cross-site scripting (XSS) vulnerability in EzDatabase 2.1.3 allows remote attackers to inject arbit...
CVE-2007-0593 Siteman 1.1.11 stores sensitive information under the web root with insufficient access control, whi...
CVE-2007-0594 Siteman 2.0.x2 stores sensitive information under the web root with insufficient access control, whi...
CVE-2007-0595 Cross-site scripting (XSS) vulnerability in search in High 5 Review Site allows remote attackers to ...
CVE-2007-0596 PHP remote file inclusion vulnerability in index/main.php in Aztek Forum 4.00 allows remote authenti...
E
CVE-2007-0597 Aztek Forum 4.00 allows remote attackers to obtain sensitive information via a direct request to for...
E
CVE-2007-0598 SQL injection vulnerability in forum/load.php in Aztek Forum 4.00 allows remote attackers to execute...
E
CVE-2007-0599 Variable overwrite vulnerability in common/config.php in Aztek Forum 4.00 allows remote attackers to...
E
CVE-2007-0600 SQL injection vulnerability in news_page.asp in Martyn Kilbryde Newsposter Script (aka makit news/bl...
E
CVE-2007-0601 common/safety.php in Aztek Forum 4.00 allows remote attackers to enter certain data containing %22 s...
E
CVE-2007-0602 Buffer overflow in libvsapi.so in the VSAPI library in Trend Micro VirusWall 3.81 for Linux, as used...
E S
CVE-2007-0603 PGP Desktop before 9.5.1 does not validate data objects received over the (1) \pipe\pgpserv named pi...
CVE-2007-0604 Cross-site scripting (XSS) vulnerability in Movable Type (MT) before 3.34 allows remote attackers to...
CVE-2007-0605 Cross-site scripting (XSS) vulnerability in picture.php in Advanced Guestbook 2.4.2 allows remote at...
CVE-2007-0606 w-agora 4.2.1 allows remote attackers to obtain sensitive information via the (1) bn[] array para...
E
CVE-2007-0607 W-Agora (Web-Agora) 4.2.1, when register_globals is enabled, stores globals.inc under the web docume...
E
CVE-2007-0608 Advanced Guestbook 2.4.2 allows remote attackers to obtain sensitive information via an invalid (1) ...
CVE-2007-0609 Directory traversal vulnerability in Advanced Guestbook 2.4.2 allows remote attackers to bypass .hta...
E
CVE-2007-0610 Cross-site scripting (XSS) vulnerability in the mailform feature in CMSimple 2.7 fix1 allows remote ...
CVE-2007-0611 Multiple cross-site scripting (XSS) vulnerabilities in Free LAN In(tra|ter)net Portal (FLIP) before ...
CVE-2007-0612 Multiple ActiveX controls in Microsoft Windows 2000, XP, 2003, and Vista allow remote attackers to ...
E
CVE-2007-0613 The Bonjour functionality in mDNSResponder, iChat 3.1.6, and InstantMessage framework 428 in Apple M...
E
CVE-2007-0614 The Bonjour functionality in mDNSResponder, iChat 3.1.6, and InstantMessage framework 428 in Apple M...
E
CVE-2007-0615 Unspecified vulnerability in Hitachi JP1/HIBUN Advanced Edition Management Server and Log Server bef...
CVE-2007-0616 Directory traversal vulnerability in zen/template-functions.php in zenphoto 1.0.4 up to 1.0.6 allows...
E
CVE-2007-0617 The SpamBlocker.dll ActiveX control in Earthlink TotalAccess is marked "safe for scripting," which a...
CVE-2007-0618 Unspecified vulnerability in (1) pop3d, (2) pop3ds, (3) imapd, and (4) imapds in IBM AIX 5.3.0 has u...
S
CVE-2007-0619 chmlib before 0.39 allows user-assisted remote attackers to execute arbitrary code via a crafted pag...
S
CVE-2007-0620 download.php in FD Script 1.3.2 and earlier allows remote attackers to read source of files under th...
E
CVE-2007-0621 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-6456. Reason: This candida...
R
CVE-2007-0622 Cross-site request forgery (CSRF) vulnerability in MyBB (aka MyBulletinBoard) 1.2.2 allows remote at...
CVE-2007-0623 SQL injection vulnerability in index.php in MAXdev MDPro 1.0.76 allows remote attackers to execute a...
E
CVE-2007-0624 user.php in MAXdev MDPro 1.0.76 allows remote attackers to obtain the full path via a ' (quote) char...
CVE-2007-0625 nxconfigure.sh in NoMachine NX Server before 2.1.0-18 does not validate the invoking user, which all...
S
CVE-2007-0626 The comment_form_add_preview function in comment.module in Drupal before 4.7.6, and 5.x before 5.1, ...
S
CVE-2007-0627 Michael Still gtalkbot before 1.2 places username and password arguments on the command line, which ...
CVE-2007-0628 Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Access Manager 6.1, 6.2, 6 20...
S
CVE-2007-0629 The www_purgeList method in Plain Black WebGUI before 7.3.8 does not properly check user permissions...
S
CVE-2007-0630 Multiple SQL injection vulnerabilities in the generate_csv function in classes/class.news.php in X-d...
CVE-2007-0631 SQL injection vulnerability in index.php in Eclectic Designs CascadianFAQ 4.1 and earlier allows rem...
E
CVE-2007-0632 SQL injection vulnerability in artreplydelete.asp in ASP EDGE 1.3a and earlier allows remote attacke...
CVE-2007-0633 PHP remote file inclusion vulnerability in include/themes/themefunc.php in MyNews 4.2.2 and earlier ...
E
CVE-2007-0634 Unspecified vulnerability in Sun Solaris 10 before 20070130 allows remote attackers to cause a denia...
S
CVE-2007-0635 Multiple PHP remote file inclusion vulnerabilities in EncapsCMS 0.3.6 allow remote attackers to exec...
CVE-2007-0636 Unspecified vulnerability in inotify before 0.3.5 has unknown impact and attack vectors, related to ...
S
CVE-2007-0637 Directory traversal vulnerability in zd_numer.php in Galeria Zdjec 3.0 and earlier allows remote att...
E
CVE-2007-0638 show.php in Vlad Alexa Mancini PHPFootball 1.6 allows remote attackers to obtain sensitive informati...
E
CVE-2007-0639 Multiple static code injection vulnerabilities in error.php in GuppY 4.5.16 and earlier allow remote...
E S
CVE-2007-0640 Buffer overflow in ZABBIX before 1.1.5 has unknown impact and attack vectors related to "SNMP IP add...
S
CVE-2007-0641 Buffer overflow in the EnumPrintersA function in dapcnfsd.dll 0.6.4.0 in Shaffer Solutions (SSC) Dis...
E
CVE-2007-0642 SQL injection vulnerability in tForum 2.00 in the Raymond BERTHOU script collection (aka RBL - ASP) ...
E
CVE-2007-0643 Stack-based buffer overflow in Bloodshed Dev-C++ 4.9.9.2 allows user-assisted remote attackers to ca...
E
CVE-2007-0644 Format string vulnerability in Apple Safari 2.0.4 (419.3) allows remote user-assisted attackers to c...
CVE-2007-0645 Format string vulnerability in iPhoto 6.0.5 allows remote user-assisted attackers to cause a denial ...
CVE-2007-0646 Format string vulnerability in iMovie HD 6.0.3, and Safari in Apple Mac OS X 10.4 through 10.4.10, a...
E
CVE-2007-0647 Format string vulnerability in Help Viewer 3.0.0 allows remote user-assisted attackers to cause a de...
E
CVE-2007-0648 Cisco IOS after 12.3(14)T, 12.3(8)YC1, 12.3(8)YG, and 12.4, with voice support and without Session I...
S
CVE-2007-0649 Variable overwrite vulnerability in interface/globals.php in OpenEMR 2.8.2 and earlier allows remote...
CVE-2007-0650 Buffer overflow in the open_sty function in mkind.c for makeindex 2.14 in teTeX might allow user-ass...
CVE-2007-0651 Multiple cross-site scripting (XSS) vulnerabilities in MailEnable Professional before 2.37 allow rem...
S
CVE-2007-0652 Cross-site request forgery (CSRF) vulnerability in MailEnable Professional before 2.37 allows remote...
S
CVE-2007-0653 Integer overflow in X MultiMedia System (xmms) 1.2.10, and possibly other versions, allows user-assi...
CVE-2007-0654 Integer underflow in X MultiMedia System (xmms) 1.2.10 allows user-assisted remote attackers to exec...
CVE-2007-0655 The MicroWorld Agent service (MWAGENT.EXE) in MicroWorld Technologies eScan 8.0.671.1, and possibly ...
CVE-2007-0656 PHP remote file inclusion vulnerability in includes/functions.php in phpBB2-MODificat 0.2.0 and earl...
E
CVE-2007-0657 Unspecified vulnerability in Nexuiz 2.2.2 allows remote attackers to read and overwrite arbitrary fi...
S
CVE-2007-0658 The (1) Textimage 4.7.x before 4.7-1.2 and 5.x before 5.x-1.1 module for Drupal and the (2) Captcha ...
S
CVE-2007-0659 download.php in the MuddyDogPaws FileDownload snippet before 2.5 for MODx allows remote attackers to...
S
CVE-2007-0660 Cross-site scripting (XSS) vulnerability in the IFrame module before 03.02.01 for DotNetNuke (DNN) a...
CVE-2007-0661 Intel Enterprise Southbridge 2 Baseboard Management Controller (BMC), Intel Server Boards 5000XAL, S...
S
CVE-2007-0662 PHP remote file inclusion vulnerability in includes/usercp_viewprofile.php in Hailboards 1.2.0 allow...
E
CVE-2007-0663 SQL injection vulnerability in index.php in Eclectic Designs CascadianFAQ 4.1 and earlier allows rem...
CVE-2007-0664 thttpd before 2.25b-r6 in Gentoo Linux is started from the system root directory (/) by the Gentoo b...
S
CVE-2007-0665 Format string vulnerability in the SCP module in Ipswitch WS_FTP 2007 Professional might allow remot...
CVE-2007-0666 Ipswitch WS_FTP Server 5.04 allows FTP site administrators to execute arbitrary code on the system v...
CVE-2007-0667 The redirect function in Form.pm for (1) LedgerSMB before 1.1.5 and (2) SQL-Ledger allows remote aut...
CVE-2007-0668 The Loopback Filesystem (LOFS) in Sun Solaris 10 allows local users in a non-global zone to move and...
S
CVE-2007-0669 Unspecified vulnerability in Twiki 4.0.0 through 4.1.0 allows local users to execute arbitrary Perl ...
S
CVE-2007-0670 Buffer overflow in bos.rte.libc in IBM AIX 5.2 and 5.3 allows local users to execute arbitrary code ...
CVE-2007-0671 Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Of...
KEV
CVE-2007-0672 LGSERVER.EXE in BrightStor Mobile Backup 4.0 allows remote attackers to cause a denial of service (d...
S
CVE-2007-0673 LGSERVER.EXE in BrightStor ARCserve Backup for Laptops & Desktops r11.1 allows remote attackers to c...
S
CVE-2007-0674 Pictures and Videos on Windows Mobile 5.0 and Windows Mobile 2003 and 2003SE for Smartphones and Poc...
CVE-2007-0675 A certain ActiveX control in sapi.dll (aka the Speech API) in Speech Components in Microsoft Windows...
CVE-2007-0676 SQL injection vulnerability in faq.php in ExoPHPDesk 1.2.1 and earlier allows remote attackers to ex...
E
CVE-2007-0677 PHP remote file inclusion vulnerability in fw/class.Quick_Config_Browser.php in Cadre PHP Framework ...
E
CVE-2007-0678 SQL injection vulnerability in windows.asp in Fullaspsite Asp Hosting Sitesi allows remote attackers...
E
CVE-2007-0679 PHP remote file inclusion vulnerability in lang/leslangues.php in Nicolas Grandjean PHPMyRing 4.1.3b...
E
CVE-2007-0680 PHP remote file inclusion vulnerability in includes/functions.php in Phpbb Tweaked 3 and earlier all...
E
CVE-2007-0681 profile.php in ExtCalendar 2 and earlier allows remote attackers to change the passwords of arbitrar...
E
CVE-2007-0682 PHP remote file inclusion vulnerability in theme/include_mode/template.php in JV2 Folder Gallery 3.0...
E
CVE-2007-0683 PHP remote file inclusion vulnerability in includes/functions.php in Omegaboard 1.0beta4 and earlier...
E
CVE-2007-0684 PHP remote file inclusion vulnerability in portal.php in Cerulean Portal System 0.7b allows remote a...
E
CVE-2007-0685 Internet Explorer on Windows Mobile 5.0 and Windows Mobile 2003 and 2003SE for Smartphones and Pocke...
CVE-2007-0686 The Intel 2200BG 802.11 Wireless Mini-PCI driver 9.0.3.9 (w29n51.sys) allows remote attackers to cau...
E
CVE-2007-0687 SQL injection vulnerability in i-search.php in Michelle's L2J Dropcalc 4 and earlier allows remote a...
E
CVE-2007-0688 SQL injection vulnerability in oku.asp in Hunkaray Duyuru Scripti allows remote attackers to execute...
E
CVE-2007-0689 MyBB 1.2.4 allows remote attackers to obtain sensitive information via the (1) action[] parameter to...
E
CVE-2007-0690 myEvent 1.6 allows remote attackers to obtain sensitive information via (1) a Log In action without ...
CVE-2007-0691 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-2066. Reason: This candida...
R
CVE-2007-0692 DGNews 2.1 allows remote attackers to obtain sensitive information via a fullnews request to news.ph...
CVE-2007-0693 SQL injection vulnerability in news.php in DGNews 2.1 allows remote attackers to execute arbitrary S...
CVE-2007-0694 Cross-site scripting (XSS) vulnerability in footer.php in DGNews 2.1 allows remote attackers to inje...
CVE-2007-0695 Multiple SQL injection vulnerabilities in Free LAN In(tra|ter)net Portal (FLIP) before 1.0-RC3 allow...
CVE-2007-0696 Cross-site scripting (XSS) vulnerability in error messages in Free LAN In(tra|ter)net Portal (FLIP) ...
CVE-2007-0697 index2.php in ACGVannu 1.3 and earlier allows remote attackers to change the password or profile of ...
E
CVE-2007-0698 Multiple SQL injection vulnerabilities in ACGVannu 1.3 and earlier allow remote attackers to execute...
CVE-2007-0699 PHP remote file inclusion vulnerability in includes/includes.php in Guernion Sylvain Portail Web Php...
E
CVE-2007-0700 Directory traversal vulnerability in index.php in Guernion Sylvain Portail Web Php (aka Gsylvain35 P...
E
CVE-2007-0701 PHP remote file inclusion vulnerability in inc/common.inc.php in Epistemon 1.0 allows remote attacke...
E
CVE-2007-0702 Multiple PHP remote file inclusion vulnerabilities in phpEventMan 1.0.2 allow remote attackers to ex...
E
CVE-2007-0703 PHP remote file inclusion vulnerability in library/StageLoader.php in WebBuilder 2.0 and earlier all...
E
CVE-2007-0704 PHP remote file inclusion vulnerability in install.php in Somery 0.4.6 allows remote attackers to ex...
E
CVE-2007-0705 Cross-zone scripting vulnerability in Sleipnir 2.49 and earlier, and Portable Sleipnir 2.45 and earl...
CVE-2007-0706 Cross-zone scripting vulnerability in Darksky RSS bar for Internet Explorer before 1.29, RSS bar for...
CVE-2007-0707 Stack-based buffer overflow in GOM Player 2.0.12.3375 allows user-assisted remote attackers to execu...
S
CVE-2007-0708 cmdmon.sys in Comodo Firewall Pro (formerly Comodo Personal Firewall) before 2.4.16.174 does not val...
CVE-2007-0709 cmdmon.sys in Comodo Firewall Pro (formerly Comodo Personal Firewall) 2.4.16.174 and earlier does no...
E
CVE-2007-0710 The Bonjour functionality in iChat in Apple Mac OS X 10.3.9 allows remote attackers to cause a denia...
E S
CVE-2007-0711 Integer overflow in Apple QuickTime before 7.1.5, when installed on Windows operating systems, allow...
S
CVE-2007-0712 Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to ...
CVE-2007-0713 Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to ...
S
CVE-2007-0714 Integer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a de...
S
CVE-2007-0715 Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to ...
S
CVE-2007-0716 Stack-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to...
S
CVE-2007-0717 Integer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a de...
S
CVE-2007-0718 Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to ...
S
CVE-2007-0719 Stack-based buffer overflow in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assi...
S
CVE-2007-0720 The CUPS service on multiple platforms allows remote attackers to cause a denial of service (service...
CVE-2007-0721 Unspecified vulnerability in diskimages-helper in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allo...
S
CVE-2007-0722 Integer overflow in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attack...
S
CVE-2007-0723 Unspecified vulnerability in the authentication feature for DirectoryService (DS Plug-Ins) for Apple...
S
CVE-2007-0724 The IOKit HID interface in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 does not sufficiently limit...
S
CVE-2007-0725 Buffer overflow in the AirPortDriver module for AirPort in Apple Mac OS X 10.3.9 through 10.4.9, whe...
CVE-2007-0726 The SSH key generation process in OpenSSH in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows re...
S
CVE-2007-0727 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2007-0728 Unspecified vulnerability in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 creates files insecurely ...
S
CVE-2007-0729 Apple File Protocol (AFP) Client in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the...
S
CVE-2007-0730 Server Manager (servermgrd) in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 does not sufficiently v...
S
CVE-2007-0731 Stack-based buffer overflow in the Apple-specific Samba module (SMB File Server) in Apple Mac OS X 1...
S
CVE-2007-0732 Unspecified vulnerability in the CoreServices daemon in CarbonCore in Apple Mac OS X 10.4 through 10...
CVE-2007-0733 Unspecified vulnerability in ImageIO in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote ...
S
CVE-2007-0734 fsck, as used by the AirPort Disk feature of the AirPort Extreme Base Station with 802.11n before Fi...
S
CVE-2007-0735 Use-after-free vulnerability in Libinfo in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attack...
S
CVE-2007-0736 Integer overflow in the RPC library in Libinfo in Apple Mac OS X 10.3.9 through 10.4.9 allows remote...
S
CVE-2007-0737 The Login Window in Apple Mac OS X 10.3.9 through 10.4.9 does not properly check certain environment...
S
CVE-2007-0738 The Login Window in Apple Mac OS X 10.4 through 10.4.9 does not display the screen saver authenticat...
S
CVE-2007-0739 The Login Window in Apple Mac OS X 10.4 through 10.4.9 displays the software update window beneath t...
S
CVE-2007-0740 Alias Manager in Apple Mac OS X 10.3.9 and 10.4.9 does not display files with the same name in mount...
CVE-2007-0741 Buffer overflow in natd in network_cmds in Apple Mac OS X 10.3.9 through 10.4.9, when Internet Shari...
S
CVE-2007-0742 The WebFoundation framework in Apple Mac OS X 10.3.9 and earlier allows subdomain cookies to be acce...
S
CVE-2007-0743 URLMount in Apple Mac OS X 10.3.9 through 10.4.9 passes the username and password credentials for mo...
S
CVE-2007-0744 SMB in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment when executing c...
S
CVE-2007-0745 The Apple Security Update 2007-004 uses an incorrect configuration file for FTPServer in Apple Mac O...
S
CVE-2007-0746 Heap-based buffer overflow in the VideoConference framework in Apple Mac OS X 10.3.9 through 10.4.9 ...
S
CVE-2007-0747 load_webdav in Apple Mac OS X 10.3.9 through 10.4.9 does not properly clean the environment when mou...
S
CVE-2007-0748 Heap-based buffer overflow in Apple Darwin Streaming Proxy, when using Darwin Streaming Server befor...
S
CVE-2007-0749 Multiple stack-based buffer overflows in the is_command function in proxy.c in Apple Darwin Streamin...
S
CVE-2007-0750 Integer overflow in CoreGraphics in Apple Mac OS X 10.4 up to 10.4.9 allows remote user-assisted att...
CVE-2007-0751 A cleanup script in crontabs in Apple Mac OS X 10.3.9 and 10.4.9 might delete filesystems that have ...
CVE-2007-0752 The PPP daemon (pppd) in Apple Mac OS X 10.4.8 checks ownership of the stdin file descriptor to dete...
CVE-2007-0753 Format string vulnerability in the VPN daemon (vpnd) in Apple Mac OS X 10.3.9 and 10.4.9 allows loca...
CVE-2007-0754 Heap-based buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to ...
S
CVE-2007-0756 Chicken of the VNC (cotv) 2.0 allows remote attackers to cause a denial of service (application cras...
E
CVE-2007-0757 PHP remote file inclusion vulnerability in index.php in Miguel Nunes Call of Duty 2 (CoD2) DreamStat...
E
CVE-2007-0758 PHP remote file inclusion vulnerability in lang.php in PHPProbid 5.24 allows remote attackers to exe...
CVE-2007-0759 Multiple SQL injection vulnerabilities in EasyMoblog 0.5.1 allow remote attackers to execute arbitra...
E
CVE-2007-0760 EQdkp 1.3.1 and earlier authenticates administrative requests by verifying that the HTTP Referer hea...
E
CVE-2007-0761 PHP remote file inclusion vulnerability in config.php in phpBB ezBoard converter (ezconvert) 0.2 all...
E
CVE-2007-0762 PHP remote file inclusion vulnerability in includes/functions.php in phpBB++ Build 100 allows remote...
E
CVE-2007-0763 Cross-site scripting (XSS) vulnerability in the news comment functionality in F3Site 2.1 and earlier...
E
CVE-2007-0764 Unrestricted file upload vulnerability in F3Site 2.1 and earlier allows remote authenticated adminis...
E
CVE-2007-0765 SQL injection vulnerability in news.php in dB Masters Curium CMS 1.03 and earlier allows remote atta...
E
CVE-2007-0766 Stack-based buffer overflow in Remotesoft .NET Explorer 2.0.1 allows user-assisted remote attackers ...
E
CVE-2007-0767 Cross-site scripting (XSS) vulnerability in the core in Phorum before 5.1.18 allows remote attackers...
CVE-2007-0768 Multiple cross-site scripting (XSS) vulnerabilities in the Contact Details functionality in Yahoo! M...
CVE-2007-0769 Cross-site scripting (XSS) vulnerability in register.php in Phorum 5.1.18 allows remote attackers to...
CVE-2007-0770 Buffer overflow in GraphicsMagick and ImageMagick allows user-assisted remote attackers to cause a d...
CVE-2007-0771 The utrace support in Linux kernel 2.6.18, and other versions, allows local users to cause a denial ...
S
CVE-2007-0772 The Linux kernel 2.6.13 and other versions before 2.6.20.1 allows remote attackers to cause a denial...
CVE-2007-0773 The Linux kernel before 2.6.9-42.0.8 in Red Hat 4.4 allows local users to cause a denial of service ...
S
CVE-2007-0774 Stack-based buffer overflow in the map_uri_to_worker function (native/common/jk_uri_worker_map.c) in...
S
CVE-2007-0775 Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.10 and 2.x...
S
CVE-2007-0776 Heap-based buffer overflow in the _cairo_pen_init function in Mozilla Firefox 2.x before 2.0.0.2, Th...
S
CVE-2007-0777 The JavaScript engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before ...
S
CVE-2007-0778 The page cache feature in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey befo...
S
CVE-2007-0779 GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMo...
S
CVE-2007-0780 browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0...
S
CVE-2007-0784 SQL injection vulnerability in login.asp for tPassword in the Raymond BERTHOU script collection (aka...
E
CVE-2007-0785 PHP remote file inclusion vulnerability in previewtheme.php in Flipsource Flip 2.01-final 1.0 and ea...
E
CVE-2007-0786 SQL injection vulnerability in view.php in Noname Media Photo Galerie Standard 1.1.1 and earlier all...
E
CVE-2007-0787 PHP remote file inclusion vulnerability in controller.php in Simple Invoices before 20070202 allows ...
CVE-2007-0788 Cross-site scripting (XSS) vulnerability in MediaWiki 1.9.x before 1.9.2 allows remote attackers to ...
CVE-2007-0789 SQL injection vulnerability in Mambo before 4.5.5 allows remote attackers to execute arbitrary SQL c...
CVE-2007-0790 Heap-based buffer overflow in SmartFTP 2.0.1002 allows remote FTP servers to execute arbitrary code ...
E
CVE-2007-0791 Cross-site scripting (XSS) vulnerability in Atom feeds in Bugzilla 2.20.3, 2.22.1, and 2.23.3, and e...
CVE-2007-0792 The mod_perl initialization script in Bugzilla 2.23.3 does not set the Bugzilla Apache configuration...
CVE-2007-0793 PHP remote file inclusion vulnerability in inc/common.php in GlobalMegaCorp dvddb 0.6 allows remote ...
CVE-2007-0794 SQL injection vulnerability in inc/common.php in GlobalMegaCorp dvddb 0.6 allows remote attackers to...
CVE-2007-0795 Multiple PHP remote file inclusion vulnerabilities in Wap Portal Server 1.x allow remote attackers t...
CVE-2007-0796 Blue Coat Systems WinProxy 6.1a and 6.0 r1c, and possibly earlier, allows remote attackers to cause ...
S
CVE-2007-0797 PHP remote file inclusion vulnerability in theme/settings.php in bluevirus-design SMA-DB 0.3.9 and e...
E
CVE-2007-0798 Multiple cross-site scripting (XSS) vulnerabilities in Ublog Reload 1.0.5 allow remote attackers to ...
CVE-2007-0799 SQL injection vulnerability in badword.asp in Ublog Reload 1.0.5 allows remote attackers to execute ...
CVE-2007-0800 Cross-zone vulnerability in Mozilla Firefox 1.5.0.9 considers blocked popups to have an internal zon...
E
CVE-2007-0801 The nsExternalAppHandler::SetUpTempFile function in Mozilla Firefox 1.5.0.9 creates temporary files ...
E
CVE-2007-0802 Mozilla Firefox 2.0.0.1 allows remote attackers to bypass the Phishing Protection mechanism by addin...
E
CVE-2007-0803 Multiple buffer overflows in STLport before 5.0.3 allow remote attackers to execute arbitrary code v...
S
CVE-2007-0804 Directory traversal vulnerability in admin/subpages.php in GGCMS 1.1.0 RC1 and earlier allows remote...
E
CVE-2007-0805 The ps (/usr/ucb/ps) command on HP Tru64 UNIX 5.1 1885 allows local users to obtain sensitive inform...
E
CVE-2007-0806 Les News 2.2 allows remote attackers to bypass authentication and gain administrative access via a d...
E
CVE-2007-0807 Cross-site scripting (XSS) vulnerability in info.php in flashChat 4.7.8 allows remote attackers to i...
CVE-2007-0808 PHP remote file inclusion vulnerability in Mina Ajans Script allows remote attackers to execute arbi...
CVE-2007-0809 PHP remote file inclusion vulnerability in includes/class_template.php in Categories hierarchy (aka ...
E
CVE-2007-0810 PHP remote file inclusion vulnerability in MVCnPHP/BaseView.php in GeekLog 2 and earlier allows remo...
E
CVE-2007-0811 Microsoft Internet Explorer 6.0 SP1 on Windows 2000, and 6.0 SP2 on Windows XP, allows remote attack...
E
CVE-2007-0812 SQL injection vulnerability in pms.php in Woltlab Burning Board (wBB) Lite 1.0.2pl3e and earlier all...
E
CVE-2007-0813 Cross-site scripting (XSS) vulnerability in Home production MySearchEngine allows remote attackers t...
CVE-2007-0814 Multiple cross-site scripting (XSS) vulnerabilities in Adrenalin's ASP Chat allow remote attackers t...
CVE-2007-0815 Cross-site scripting (XSS) vulnerability in images_archive.asp in Uapplication Uphotogallery 1.1 all...
CVE-2007-0816 The RPC Server service (catirpc.exe) in CA (formerly Computer Associates) BrightStor ARCserve Backup...
E
CVE-2007-0817 Cross-site scripting (XSS) vulnerability in Adobe ColdFusion web server allows remote attackers to i...
CVE-2007-0818 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-0396. Reason: This candida...
R
CVE-2007-0819 HP Network Node Manager (NNM) Remote Console 7.50, 7.51, and 7.53 assigns Everyone Full Control perm...
E
CVE-2007-0820 Multiple PHP remote file inclusion vulnerabilities in Cedric CLAIRE PortailPhp 2 allow remote attack...
CVE-2007-0821 Multiple directory traversal vulnerabilities in Cedric CLAIRE PortailPhp 2 allow remote attackers to...
CVE-2007-0822 umount, when running with the Linux 2.6.15 kernel on Slackware Linux 10.2, allows local users to tri...
E
CVE-2007-0823 xterm on Slackware Linux 10.2 stores information that had been displayed for a different user accoun...
E
CVE-2007-0824 PHP remote file inclusion vulnerability in inhalt.php in LightRO CMS 1.0 allows remote attackers to ...
E
CVE-2007-0825 FlashFXP 3.4.0 build 1145 allows remote servers to cause a denial of service (CPU consumption) via a...
E
CVE-2007-0826 SQL injection vulnerability in forum.asp in Kisisel Site 2007 allows remote attackers to execute arb...
E
CVE-2007-0827 The Alibaba Alipay PTA Module ActiveX control (PTA.DLL) allows remote attackers to execute arbitrary...
E
CVE-2007-0828 PHP remote file inclusion vulnerability in affichearticles.php3 in MySQLNewsEngine allows remote att...
CVE-2007-0829 avast! Server Edition before 4.7.726 does not demand a password in a certain intended context, even ...
CVE-2007-0830 Multiple cross-site scripting (XSS) vulnerabilities in the Admin Control Panel (AdminCP) in Jelsoft ...
CVE-2007-0831 Multiple PHP remote file inclusion vulnerabilities in Atsphp 5.0.1 allow remote attackers to execute...
CVE-2007-0832 VMware Workstation 5.5.3 34685 does not immediately change the availability of a shared clipboard wh...
CVE-2007-0833 VMware Workstation 5.5.3 34685, when the "Enable copy and paste to and from this virtual machine" op...
CVE-2007-0834 Cross-site scripting (XSS) vulnerability in FlashChat 4.7.8 allows remote attackers to inject arbitr...
CVE-2007-0835 admin.php in Coppermine Photo Gallery 1.4.10, and possibly earlier, allows remote authenticated user...
CVE-2007-0836 admin.php in Coppermine Photo Gallery 1.4.10, and possibly earlier, allows remote authenticated user...
CVE-2007-0837 PHP remote file inclusion vulnerability in examples/inc/top.inc.php in AgerMenu 0.03 and earlier all...
E
CVE-2007-0838 FreeProxy before 3.92 Build 1626 allows malicious users to cause a denial of service (infinite loop)...
S
CVE-2007-0839 Multiple PHP remote file inclusion vulnerabilities in index/index_album.php in Valarsoft WebMatic 2....
E
CVE-2007-0840 Cross-site scripting (XSS) vulnerability in HLstats before 1.35 allows remote attackers to inject ar...
S
CVE-2007-0841 Multiple unspecified vulnerabilities in vbDrupal before 4.7.6.0 have unknown impact and remote attac...
S
CVE-2007-0842 The 64-bit versions of Microsoft Visual C++ 8.0 standard library (MSVCR80.DLL) time functions, inclu...
E S
CVE-2007-0843 The ReadDirectoryChangesW API function on Microsoft Windows 2000, XP, Server 2003, and Vista does no...
E
CVE-2007-0844 The auth_via_key function in pam_ssh.c in pam_ssh before 1.92, when the allow_blank_passphrase optio...
S
CVE-2007-0845 admin/index.php in Advanced Poll 2.0.0 through 2.0.5-dev allows remote attackers to bypass authentic...
E
CVE-2007-0846 Cross-site scripting (XSS) vulnerability in forum.php in Open Tibia Server CMS (OTSCMS) 2.1.5 and ea...
E
CVE-2007-0847 SQL injection vulnerability in mod/PM/reply.php in Open Tibia Server CMS (OTSCMS) 2.1.5 and earlier ...
E
CVE-2007-0848 PHP remote file inclusion vulnerability in classes/class_mail.inc.php in Maian Recipe 1.0 allows rem...
E
CVE-2007-0849 scripts/cronscript.php in SysCP 1.2.15 and earlier does not properly quote pathnames in user home di...
E S
CVE-2007-0850 scripts/cronscript.php in SysCP 1.2.15 and earlier includes and executes arbitrary PHP scripts that ...
E
CVE-2007-0851 Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, a...
S
CVE-2007-0852 Cross-site scripting (XSS) vulnerability in DevTrack 6.x allows remote attackers to inject arbitrary...
CVE-2007-0853 SQL injection vulnerability in DevTrack 6.0.3 allows remote attackers to execute arbitrary SQL comma...
CVE-2007-0854 Remote file inclusion vulnerability in scripts2/objcache in cPanel WebHost Manager (WHM) allows remo...
E
CVE-2007-0855 Stack-based buffer overflow in RARLabs Unrar, as packaged in WinRAR and possibly other products, all...
S
CVE-2007-0856 TmComm.sys 1.5.0.1052 in the Trend Micro Anti-Rootkit Common Module (RCM), with the VsapiNI.sys 3.32...
S
CVE-2007-0857 Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin before 1.5.7 allow remote attackers ...
S
CVE-2007-0859 The Find feature in Palm OS Treo smart phones operates despite the system password lock, which allow...
E
CVE-2007-0860 Multiple PHP remote file inclusion vulnerabilities in local Calendar System 1.1 allow remote attacke...
CVE-2007-0861 PHP remote file inclusion vulnerability in modules/mail/index.php in phpCOIN RC-1 and earlier allows...
CVE-2007-0862 PHP remote file inclusion vulnerability in index.php in gnopaste 0.5.3 and earlier allows remote att...
CVE-2007-0863 PHP remote file inclusion vulnerability in Trevorchan 0.7 and earlier allows remote attackers to exe...
CVE-2007-0864 SQL injection vulnerability in register.php in LushiWarPlaner 1.0 allows remote attackers to inject ...
E
CVE-2007-0865 SQL injection vulnerability in comments.php in LushiNews 1.01 and earlier allows remote authenticate...
E
CVE-2007-0866 Unspecified vulnerability in HP OpenView Storage Data Protector on HP-UX B.11.00, B.11.11, or B.11.2...
CVE-2007-0867 PHP remote file inclusion vulnerability in classes/menu.php in Site-Assistant 0990 and earlier allow...
E
CVE-2007-0868 Unspecified vulnerability in the Chat Room functionality in Yahoo! Messenger 8.1.0.239 and earlier a...
CVE-2007-0869 Cross-site scripting (XSS) vulnerability in the Attachment Manager (admincp/attachment.php) in Jelso...
CVE-2007-0870 Unspecified vulnerability in Microsoft Word 2000 allows remote attackers to cause a denial of servic...
CVE-2007-0871 Unrestricted file upload vulnerability in eXtremePow eXtreme File Hosting allows remote attackers to...
E
CVE-2007-0872 Directory traversal vulnerability in the Plain Old Webserver (POW) add-on before 0.0.9 for Mozilla F...
E
CVE-2007-0873 nabopoll 1.1.2 allows remote attackers to bypass authentication and access certain administrative fu...
E
CVE-2007-0874 Allons_voter 1.0 allows remote attackers to bypass authentication and access certain administrative ...
CVE-2007-0875 SQL injection vulnerability in install.php in mcRefer allows remote attackers to execute arbitrary S...
E
CVE-2007-0876 Cross-site scripting (XSS) vulnerability in Quick Digital Image Gallery (Qdig) 1.2.9.3 and devel-200...
S
CVE-2007-0877 Unspecified vulnerability in March Networks DVR 3000 and 4000 Digital Video Recorders allows attacke...
CVE-2007-0878 Unspecified vulnerability in Microsoft Internet Explorer on Windows Mobile 5.0 allows remote attacke...
CVE-2007-0879 Buffer overflow in SmidgeonSoft PEBrowse Professional 8.2.1.0 allows user-assisted remote attackers ...
CVE-2007-0880 Capital Request Forms stores sensitive information under the web root with insufficient access contr...
CVE-2007-0881 PHP remote file inclusion vulnerability in the Seitenschutz plugin for OPENi-CMS 1.0 allows remote a...
E
CVE-2007-0882 Argument injection vulnerability in the telnet daemon (in.telnetd) in Solaris 10 and 11 (SunOS 5.10 ...
E
CVE-2007-0883 Directory traversal vulnerability in portalgroups/portalgroups/getfile.cgi in IP3 NetAccess before f...
E S
CVE-2007-0884 Buffer overflow in Roaring Penguin MIMEDefang 2.59 and 2.60 allows remote attackers to cause a denia...
S
CVE-2007-0885 Cross-site scripting (XSS) vulnerability in jira/secure/BrowseProject.jspa in Rainbow with the Zen (...
CVE-2007-0886 Heap-based buffer underflow in axigen 1.2.6 through 2.0.0b1 allows remote attackers to cause a denia...
E
CVE-2007-0887 axigen 1.2.6 through 2.0.0b1 does not properly parse login credentials, which allows remote attacker...
E
CVE-2007-0888 Directory traversal vulnerability in the TFTP server in Kiwi CatTools before 3.2.0 beta allows remot...
CVE-2007-0889 Kiwi CatTools before 3.2.0 beta uses weak encryption ("reversible encoding") for passwords, account ...
CVE-2007-0890 Cross-site scripting (XSS) vulnerability in scripts/passwdmysql in cPanel WebHost Manager (WHM) 11.0...
E
CVE-2007-0891 Cross-site scripting (XSS) vulnerability in the GetCurrentCompletePath function in phpmyvisites.php ...
CVE-2007-0892 CRLF injection vulnerability in phpMyVisites before 2.2 allows remote attackers to inject arbitrary ...
CVE-2007-0893 Directory traversal vulnerability in phpMyVisites before 2.2 allows remote attackers to include arbi...
CVE-2007-0894 MediaWiki before 1.9.2 allows remote attackers to obtain sensitive information via a direct request ...
E S
CVE-2007-0895 Race condition in recursive directory deletion with the (1) -r or (2) -R option in rm in Solaris 8 t...
S
CVE-2007-0896 Cross-site scripting (XSS) vulnerability in the (1) Sage before 1.3.10, and (2) Sage++ extensions fo...
CVE-2007-0897 Clam AntiVirus ClamAV before 0.90 does not close open file descriptors under certain conditions, whi...
S
CVE-2007-0898 Directory traversal vulnerability in clamd in Clam AntiVirus ClamAV before 0.90 allows remote attack...
S
CVE-2007-0899 There is a possible heap overflow in libclamav/fsg.c before 0.100.0....
CVE-2007-0900 Multiple PHP remote file inclusion vulnerabilities in TagIt! Tagboard 2.1.B Build 2 and earlier, whe...
CVE-2007-0901 Multiple cross-site scripting (XSS) vulnerabilities in Info pages in MoinMoin 1.5.7 allow remote att...
CVE-2007-0902 Unspecified vulnerability in the "Show debugging information" feature in MoinMoin 1.5.7 allows remot...
CVE-2007-0903 Unspecified vulnerability in the mod_roster_odbc module in ejabberd before 1.1.3 has unknown impact ...
CVE-2007-0904 SQL injection vulnerability in projects.php in LightRO CMS 1.0 allows remote attackers to execute ar...
E
CVE-2007-0905 PHP before 5.2.1 allows attackers to bypass safe_mode and open_basedir restrictions via unspecified ...
S
CVE-2007-0906 Multiple buffer overflows in PHP before 5.2.1 allow attackers to cause a denial of service and possi...
S
CVE-2007-0907 Buffer underflow in PHP before 5.2.1 allows attackers to cause a denial of service via unspecified v...
S
CVE-2007-0908 The WDDX deserializer in the wddx extension in PHP 5 before 5.2.1 and PHP 4 before 4.4.5 does not pr...
S
CVE-2007-0909 Multiple format string vulnerabilities in PHP before 5.2.1 might allow attackers to execute arbitrar...
CVE-2007-0910 Unspecified vulnerability in PHP before 5.2.1 allows attackers to "clobber" certain super-global var...
S
CVE-2007-0911 Off-by-one error in the str_ireplace function in PHP 5.2.1 might allow context-dependent attackers t...
E
CVE-2007-0912 Cross-Site Request Forgery (CSRF) vulnerability in admin/admin.adm.php in Jportal 2.3.1, and possibl...
CVE-2007-0913 Unspecified vulnerability in Microsoft Powerpoint allows remote user-assisted attackers to execute a...
CVE-2007-0914 Race condition in the TCP subsystem for Solaris 10 allows remote attackers to cause a denial of serv...
S
CVE-2007-0915 Distributed SLS daemon (SLSd) on HP-UX B.11.11 allows remote attackers to overwrite arbitrary files ...
CVE-2007-0916 Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality i...
CVE-2007-0917 The Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XE to 12.3T allows remote attackers ...
CVE-2007-0918 The ATOMIC.TCP signature engine in the Intrusion Prevention System (IPS) feature for Cisco IOS 12.4X...
CVE-2007-0919 Directory traversal vulnerability in Nickolas Grigoriadis Mini Web server (MiniWebsvr) 0.0.6 allows ...
CVE-2007-0920 SQL injection vulnerability in philboard_forum.asp in Philboard 1.14 and earlier allows remote attac...
E
CVE-2007-0921 Portal Search allows remote attackers to redirect a URL to an arbitrary web site by placing the URL ...
CVE-2007-0922 Cross-site scripting (XSS) vulnerability in buscador/buscador.htm in Portal Search allows remote att...
E
CVE-2007-0923 buscador/buscador.htm in Portal Search allows remote attackers to obtain sensitive information (busi...
CVE-2007-0924 Till Gerken phpPolls 1.0.3 allows remote attackers to bypass authentication and perform certain admi...
CVE-2007-0925 Cross-site scripting (XSS) vulnerability in search/SearchResults.aspx in Community Server allows rem...
CVE-2007-0926 The dologin function in guestbook.php in KvGuestbook 1.0 Beta allows remote attackers to gain admini...
CVE-2007-0927 Heap-based buffer overflow in uTorrent 1.6 allows remote attackers to execute arbitrary code via a t...
E
CVE-2007-0928 Virtual Calendar stores sensitive information under the web root with insufficient access control, w...
CVE-2007-0929 Directory traversal vulnerability in php rrd browser before 0.2.1 allows remote attackers to read ar...
S
CVE-2007-0930 Variable extract vulnerability in Apache Stats before 0.0.3beta allows attackers to modify arbitrary...
S
CVE-2007-0931 Heap-based buffer overflow in the management interfaces in (1) Aruba Mobility Controllers 200, 800, ...
CVE-2007-0932 The (1) Aruba Mobility Controllers 200, 600, 2400, and 6000 and (2) Alcatel-Lucent OmniAccess Wirele...
CVE-2007-0933 Buffer overflow in the wireless driver 6.0.0.18 for D-Link DWL-G650+ (Rev. A1) on Windows XP allows ...
CVE-2007-0934 Unspecified vulnerability in Microsoft Visio 2002 allows remote user-assisted attackers to execute a...
CVE-2007-0935 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2007-0936 Multiple unspecified vulnerabilities in Microsoft Visio 2002 allow remote user-assisted attackers to...
CVE-2007-0937 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2007-0938 Microsoft Content Management Server (MCMS) 2001 SP1 and 2002 SP2 does not properly handle certain ch...
CVE-2007-0939 Cross-site scripting (XSS) vulnerability in Microsoft Content Management Server (MCMS) 2001 SP1 and ...
CVE-2007-0940 Unspecified vulnerability in the Cryptographic API Component Object Model Certificates ActiveX contr...
CVE-2007-0941 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2007-0942 Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4; 6 SP1 on Windows 2000 SP4; 6 and 7 on Wind...
CVE-2007-0943 Unspecified vulnerability in Internet Explorer 5.01 and 6 SP1 allows remote attackers to execute arb...
CVE-2007-0944 Unspecified vulnerability in the CTableCol::OnPropertyChange method in Microsoft Internet Explorer 5...
CVE-2007-0945 Microsoft Internet Explorer 6 SP1 on Windows 2000 SP4; 6 and 7 on Windows XP SP2, or Windows Server ...
CVE-2007-0946 Unspecified vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP...
CVE-2007-0947 Use-after-free vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003...
S
CVE-2007-0948 Heap-based buffer overflow in Microsoft Virtual PC 2004 and PC for Mac 7.1 and 7, and Virtual Server...
S
CVE-2007-0949 Stack-based buffer overflow in iTinySoft Studio Total Video Player 1.03, and possibly earlier, allow...
E
CVE-2007-0950 Cross-site scripting (XSS) vulnerability in listmain.asp in Fullaspsite ASP Hosting Site allows remo...
E
CVE-2007-0951 SQL injection vulnerability in listmain.asp in Fullaspsite ASP Hosting Site allows remote attackers ...
E
CVE-2007-0952 Multiple cross-site scripting (XSS) vulnerabilities in Scriptsez.net Virtual Calendar allow remote a...
CVE-2007-0953 Cross-site scripting (XSS) vulnerability in search.pl in @Mail 4.61 and earlier allows remote attack...
CVE-2007-0954 MOHA Chat 0.1b7 and earlier does not require authentication for use of the plug in API, which has un...
S
CVE-2007-0955 The NTLM_UnPack_Type3 function in MENTLM.dll in MailEnable Professional 2.35 and earlier allows remo...
CVE-2007-0956 The telnet daemon (telnetd) in MIT krb5 before 1.6.1 allows remote attackers to bypass authenticatio...
CVE-2007-0957 Stack-based buffer overflow in the krb5_klog_syslog function in the kadm5 library, as used by the Ke...
S
CVE-2007-0958 Linux kernel 2.6.x before 2.6.20 allows local users to read unreadable binaries by using the interpr...
CVE-2007-0959 Cisco PIX 500 and ASA 5500 Series Security Appliances 7.2.2, when configured to inspect certain TCP-...
S
CVE-2007-0960 Unspecified vulnerability in Cisco PIX 500 and ASA 5500 Series Security Appliances 7.2.2, when confi...
S
CVE-2007-0961 Cisco PIX 500 and ASA 5500 Series Security Appliances 6.x before 6.3(5.115), 7.0 before 7.0(5.2), an...
S
CVE-2007-0962 Cisco PIX 500 and ASA 5500 Series Security Appliances 7.0 before 7.0(4.14) and 7.1 before 7.1(2.1), ...
S
CVE-2007-0963 Unspecified vulnerability in Cisco Firewall Services Module (FWSM) 3.x before 3.1(3.3), when set to ...
S
CVE-2007-0964 Cisco FWSM 3.x before 3.1(3.18), when authentication is configured to use "aaa authentication match"...
S
CVE-2007-0965 Cisco FWSM 3.x before 3.1(3.2), when authentication is configured to use "aaa authentication match" ...
S
CVE-2007-0966 Cisco Firewall Services Module (FWSM) 3.x before 3.1(3.11), when the HTTPS server is enabled, allows...
S
CVE-2007-0967 Cisco Firewall Services Module (FWSM) 3.x before 3.1(3.1) allows remote attackers to cause a denial ...
S
CVE-2007-0968 Unspecified vulnerability in Cisco Firewall Services Module (FWSM) before 2.3(4.7) and 3.x before 3....
S
CVE-2007-0969 Multiple cross-site scripting (XSS) vulnerabilities in WebTester 5.0.20060927 and earlier allow remo...
E
CVE-2007-0970 Multiple SQL injection vulnerabilities in WebTester 5.0.20060927 and earlier allow remote attackers ...
E
CVE-2007-0971 Multiple SQL injection vulnerabilities in Jupiter CMS 1.1.5 allow remote attackers to execute arbitr...
E
CVE-2007-0972 Unrestricted file upload vulnerability in modules/emoticons.php in Jupiter CMS 1.1.5 allows remote a...
E
CVE-2007-0973 Multiple cross-site scripting (XSS) vulnerabilities in index.php in Jupiter CMS 1.1.5 allow remote a...
E
CVE-2007-0974 Multiple unspecified vulnerabilities in Ian Bezanson DropBox before 0.0.4 beta have unknown impact a...
CVE-2007-0975 Variable extraction vulnerability in Ian Bezanson Apache Stats before 0.0.3 beta allows attackers to...
S
CVE-2007-0976 Buffer overflow in the ActSoft DVD-Tools ActiveX control (dvdtools.ocx) allows remote attackers to e...
E
CVE-2007-0977 IBM Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields" enabled, stores HTTPPassword...
E
CVE-2007-0978 Buffer overflow in swcons in IBM AIX 5.3 allows local users to gain privileges via long input data....
CVE-2007-0979 Unspecified vulnerability in LifeType before 1.1.6, and 1.2 before 1.2-beta2, allows remote attacker...
CVE-2007-0980 Unspecified vulnerability in HP Serviceguard for Linux; packaged for SuSE SLES8 and United Linux 1.0...
S
CVE-2007-0981 Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey befo...
E
CVE-2007-0982 Cross-site scripting (XSS) vulnerability in error.php in TaskFreak! 0.5.5 allows remote attackers to...
E
CVE-2007-0983 PHP remote file inclusion vulnerability in _admin/nav.php in AT Contenator 1.0 and earlier allows re...
E
CVE-2007-0984 SQL injection vulnerability in admin_poll.asp in PollMentor 2.0 allows remote attackers to execute a...
E
CVE-2007-0985 SQL injection vulnerability in nickpage.php in phpCC 4.2 beta and earlier allows remote attackers to...
E
CVE-2007-0986 PHP remote file inclusion vulnerability in index.php in Jupiter CMS 1.1.5, when PHP 5.0.0 or later i...
E
CVE-2007-0987 Directory traversal vulnerability in index.php in Jupiter CMS 1.1.5 allows remote attackers to inclu...
E
CVE-2007-0988 The zend_hash_init function in PHP 5 before 5.2.1 and PHP 4 before 4.4.5, when running on a 64-bit p...
S
CVE-2007-0989 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2007-0990 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2007-0991 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2007-0992 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2007-0993 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-0933. Reason: This candida...
R
CVE-2007-0994 A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 ...
E S
CVE-2007-0995 Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 ignores trailing ...
S
CVE-2007-0996 The child frames in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0...
S
CVE-2007-0997 Race condition in the tee (sys_tee) system call in the Linux kernel 2.6.17 through 2.6.17.6 might al...
CVE-2007-0998 The VNC server implementation in QEMU, as used by Xen and possibly other environments, allows local ...
S
CVE-2007-0999 Format string vulnerability in Ekiga 2.0.3, and probably other versions, allows remote attackers to ...
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.