ID | Summary | Flags | Max Score |
---|---|---|---|
CVE-2007-5000 | Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 ... | | |
CVE-2007-5001 | Linux kernel before 2.4.21 allows local users to cause a denial of service (kernel panic) via asynch... | | |
CVE-2007-5002 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
CVE-2007-5003 | Multiple stack-based buffer overflows in CA (Computer Associates) BrightStor ARCserve Backup for Lap... | S | |
CVE-2007-5004 | Integer overflow in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11... | S | |
CVE-2007-5005 | Directory traversal vulnerability in rxRPC.dll in CA (Computer Associates) BrightStor ARCserve Backu... | S | |
CVE-2007-5006 | Multiple command handlers in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Des... | S | |
CVE-2007-5007 | Stack-based buffer overflow in the ir_fetch_seq function in balsa before 2.3.20 might allow remote I... | E S | |
CVE-2007-5008 | The logins command in HP-UX B.11.31, B.11.23, and B.11.11 does not correctly report password status,... | | |
CVE-2007-5009 | PHP remote file inclusion vulnerability in language/lang_german/lang_main_album.php in phpBB Plus 1.... | E | |
CVE-2007-5010 | Cross-site scripting (XSS) vulnerability in WebBatch allows remote attackers to inject arbitrary web... | | |
CVE-2007-5011 | webbatch.exe in WebBatch allows remote attackers to obtain sensitive information via the dumpinputda... | | |
CVE-2007-5012 | Cross-site scripting (XSS) vulnerability in picture.php in PhpWebGallery 1.7.0, when Comments for al... | | |
CVE-2007-5013 | Multiple cross-site scripting (XSS) vulnerabilities in index.php in Phormer 3.31 allow remote attack... | E | |
CVE-2007-5014 | Multiple PHP remote file inclusion vulnerabilities in pSlash 0.70 allow remote attackers to execute ... | E | |
CVE-2007-5015 | Multiple PHP remote file inclusion vulnerabilities in Streamline PHP Media Server 1.0-beta4 allow re... | E | |
CVE-2007-5016 | SQL injection vulnerability in userreviews.php in OneCMS 2.4 allows remote attackers to execute arbi... | E | |
CVE-2007-5017 | Absolute path traversal vulnerability in a certain ActiveX control in the CYFT object in ft60.dll in... | E | |
CVE-2007-5018 | Stack-based buffer overflow in IMAPD in Mercury/32 4.52 allows remote authenticated users to execute... | E | |
CVE-2007-5019 | Buffer overflow in the Sun Java Web Start ActiveX control in Java Runtime Environment (JRE) 1.6.0_X ... | E | |
CVE-2007-5020 | Unspecified vulnerability in Adobe Acrobat and Reader 8.1 on Windows allows remote attackers to exec... | | |
CVE-2007-5021 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-4880. Reason: This candida... | R | |
CVE-2007-5022 | Unspecified vulnerability in certain IBM Tivoli Storage Manager (TSM) clients 5.1 before 5.1.8.1, 5.... | S | |
CVE-2007-5023 | Unquoted Windows search path vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.... | S | |
CVE-2007-5024 | EMC VMware Server before 1.0.4 Build 56528 writes passwords in cleartext to unspecified log files, w... | S | |
CVE-2007-5025 | Unspecified vulnerability in EMC VMware ACE before 1.0.3 Build 54075 allows attackers to have an unk... | S | |
CVE-2007-5026 | dBlog CMS, probably 2.0, stores sensitive information under the web root with insufficient access co... | | |
CVE-2007-5027 | Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/ddns in the web management panel for ... | | |
CVE-2007-5028 | Dibbler 0.6.0 on Linux uses weak world-writable permissions for unspecified files in /var/lib/dibble... | S | |
CVE-2007-5029 | Dibbler 0.6.0 does not verify that certain length parameters are appropriate for buffer sizes, which... | S | |
CVE-2007-5030 | Multiple integer overflows in Dibbler 0.6.0 allow remote attackers to cause a denial of service (dae... | S | |
CVE-2007-5031 | The TSrvOptIA_NA::rebind method in SrvOptions/SrvOptIA_NA.cpp in Dibbler 0.6.0 allows remote attacke... | S | |
CVE-2007-5032 | Cross-site request forgery (CSRF) vulnerability in admin.php in Francisco Burzi PHP-Nuke allows remo... | | |
CVE-2007-5033 | Cross-site scripting (XSS) vulnerability in profile.php in phpBB XS 2 allows remote attackers to inj... | | |
CVE-2007-5034 | ELinks before 0.11.3, when sending a POST request for an https URL, appends the body and content hea... | | |
CVE-2007-5035 | PHP remote file inclusion vulnerability in html/modules/extranet_profile/main.php in openEngine 1.9 ... | | |
CVE-2007-5036 | Multiple buffer overflows in the AirDefense Airsensor M520 with firmware 4.3.1.1 and 4.4.1.4 allow r... | E | |
CVE-2007-5037 | Buffer overflow in the inotifytools_snprintf function in src/inotifytools.c in the inotify-tools lib... | S | |
CVE-2007-5038 | The offer_account_by_email function in User.pm in the WebService for Bugzilla before 3.0.2, and 3.1.... | E S | |
CVE-2007-5039 | Ghost Security Suite beta 1.110 does not properly validate certain parameters to System Service Desc... | | |
CVE-2007-5040 | Ghost Security Suite alpha 1.200 does not properly validate certain parameters to System Service Des... | | |
CVE-2007-5041 | G DATA InternetSecurity 2007 does not properly validate certain parameters to System Service Descrip... | | |
CVE-2007-5042 | Outpost Firewall Pro 4.0.1025.7828 does not properly validate certain parameters to System Service D... | | |
CVE-2007-5043 | Kaspersky Internet Security 7.0.0.125 does not properly validate certain parameters to System Servic... | | |
CVE-2007-5044 | ZoneAlarm Pro 7.0.362.000 does not properly validate certain parameters to System Service Descriptor... | | |
CVE-2007-5045 | Argument injection vulnerability in Apple QuickTime 7.1.5 and earlier, when running on systems with ... | S | |
CVE-2007-5046 | Cross-site scripting (XSS) vulnerability in the Webmail interface for IceWarp Merak Mail Server befo... | S | |
CVE-2007-5047 | Norton Internet Security 2008 15.0.0.60 does not properly validate certain parameters to System Serv... | | |
CVE-2007-5048 | Heap-based buffer overflow in Lhaplus before 1.55 allows remote attackers to execute arbitrary code ... | E S | |
CVE-2007-5049 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-3387. Reason: This candida... | R | |
CVE-2007-5050 | Directory traversal vulnerability in index.php in Neuron News 1.0 allows remote attackers to include... | E | |
CVE-2007-5051 | Multiple cross-site scripting (XSS) vulnerabilities in PhpGedView 4.1.1 allow remote attackers to in... | | |
CVE-2007-5052 | Multiple cross-site scripting (XSS) vulnerabilities in index.php in Vigile CMS 1.8 allow remote atta... | | |
CVE-2007-5053 | Multiple incomplete blacklist vulnerabilities in iziContents 1 RC6 and earlier allow remote attacker... | E | |
CVE-2007-5054 | Multiple PHP remote file inclusion vulnerabilities in iziContents 1 RC6 and earlier allow remote att... | E | |
CVE-2007-5055 | Multiple directory traversal vulnerabilities in iziContents 1 RC6 and earlier allow remote attackers... | E | |
CVE-2007-5056 | Eval injection vulnerability in adodb-perf-module.inc.php in ADOdb Lite 1.42 and earlier, as used in... | E | |
CVE-2007-5057 | NetSupport Manager Client before 10.20.0004 allows remote attackers to bypass the (1) basic and (2) ... | | |
CVE-2007-5058 | Cross-site scripting (XSS) vulnerability in the Web administration interface in Barracuda Spam Firew... | | |
CVE-2007-5059 | Multiple cross-site scripting (XSS) vulnerabilities in GreenSQL allow remote attackers to inject arb... | | |
CVE-2007-5060 | Cross-site request forgery (CSRF) vulnerability in the cpass functionality in an admin action in ind... | | |
CVE-2007-5061 | SQL injection vulnerability in mods/banners/navlist.php in Clansphere 2007.4 allows remote attackers... | E | |
CVE-2007-5062 | account.php in Adam Scheinberg Flip 3.0 and earlier allows remote attackers to create administrative... | E | |
CVE-2007-5063 | Adam Scheinberg Flip 3.0 and earlier stores sensitive information under the web root with insufficie... | E | |
CVE-2007-5064 | Buffer overflow in a certain ActiveX control in Xunlei Web Thunder 5.6.9.344, possibly the DapPlayer... | E | |
CVE-2007-5065 | PHP remote file inclusion vulnerability in admin.slideshow1.php in the Flash Slide Show (com_slidesh... | E | |
CVE-2007-5066 | Unspecified vulnerability in Webmin before 1.370 on Windows allows remote authenticated users to exe... | S | |
CVE-2007-5067 | Multiple buffer overflows in iMatix Xitami Web Server 2.5c2 allow remote attackers to execute arbitr... | E | |
CVE-2007-5068 | SQL injection vulnerability in index.php in phpFullAnnu (PFA) 6.0 allows remote attackers to execute... | E | |
CVE-2007-5069 | Directory traversal vulnerability in data/compatible.php in the Nuke Mobile Entertainment 1 addon fo... | E | |
CVE-2007-5070 | Heap-based buffer overflow in the EasyMailMessagePrinter ActiveX control in emprint.DLL 6.0.1.0 in t... | E | |
CVE-2007-5071 | Incomplete blacklist vulnerability in upload_img_cgi.php in Simple PHP Blog before 0.5.1 allows remo... | | |
CVE-2007-5072 | Multiple cross-site scripting (XSS) vulnerabilities in Simple PHP Blog (SPHPBlog) before 0.5.1, when... | | |
CVE-2007-5078 | Multiple cross-site scripting (XSS) vulnerabilities in eGov Manager allow remote attackers to inject... | | |
CVE-2007-5079 | Red Hat Enterprise Linux 4 does not properly compile and link gdm with tcp_wrappers on x86_64 platfo... | | |
CVE-2007-5080 | Integer overflow in RealNetworks RealPlayer 10 and 10.5, RealOne Player 1, and RealPlayer Enterprise... | S | |
CVE-2007-5081 | Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player... | S | |
CVE-2007-5082 | Multiple stack-based buffer overflows in Computer Associates (CA) BrightStor Hierarchical Storage Ma... | S | |
CVE-2007-5083 | Multiple integer overflows in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM)... | S | |
CVE-2007-5084 | Multiple SQL injection vulnerabilities in Computer Associates (CA) BrightStor Hierarchical Storage M... | S | |
CVE-2007-5085 | Unspecified vulnerability in the management EJB (MEJB) in Apache Geronimo before 2.0.2 allows remote... | | |
CVE-2007-5086 | Kaspersky Anti-Virus (KAV) and Internet Security 7.0 build 125 do not properly validate certain para... | E | |
CVE-2007-5087 | The ATM module in the Linux kernel before 2.4.35.3, when CLIP support is enabled, allows local users... | | |
CVE-2007-5088 | Cross-site scripting (XSS) vulnerability in search/cust_bill_event.cgi in Freeside 1.7.2 allows remo... | | |
CVE-2007-5089 | PHP remote file inclusion vulnerability in php-inc/log.inc.php in sk.log 0.5.3 and earlier allows re... | E | |
CVE-2007-5090 | Unspecified vulnerability in IBM Rational ClearQuest (CQ), when a Microsoft SQL Server or an IBM DB2... | | |
CVE-2007-5091 | Multiple cross-site scripting (XSS) vulnerabilities in eGroupWare 1.4.001 allow remote attackers to ... | S | |
CVE-2007-5092 | Directory traversal vulnerability in index.php in the Dance Music module for phpNuke, when register_... | | |
CVE-2007-5093 | The disconnect method in the Philips USB Webcam (pwc) driver in Linux kernel 2.6.x before 2.6.22.6 "... | | |
CVE-2007-5094 | Heap-based buffer overflow in iaspam.dll in the SMTP Server in Ipswitch IMail Server 8.01 through 8.... | E | |
CVE-2007-5095 | Microsoft Windows Media Player (WMP) 9 on Windows XP SP2 invokes Internet Explorer to render HTML do... | | |
CVE-2007-5096 | PHP remote file inclusion vulnerability in modules/webmail2/inc/rfc822.php in guanxiCRM Business Sol... | E | |
CVE-2007-5097 | PHP remote file inclusion vulnerability in lib/classes/offl_nflteam.php in Online Fantasy Football L... | E | |
CVE-2007-5098 | Multiple PHP remote file inclusion vulnerabilities in DFD Cart 1.1.4 and earlier, when register_glob... | E | |
CVE-2007-5099 | PHP remote file inclusion vulnerability in show.php in David Watters Helplink 0.1.0 allows remote at... | E | |
CVE-2007-5100 | Multiple PHP remote file inclusion vulnerabilities in phpBB Plus 1.53, and 1.53a before 20070922, wh... | S | |
CVE-2007-5101 | ChironFS before 1.0 RC7 sets user/group ownership to the mounter account instead of the creator acco... | E | |
CVE-2007-5102 | PHP remote file inclusion vulnerability in config.inc.php in Wordsmith 1.0 RC1, when register_global... | E | |
CVE-2007-5103 | Directory traversal vulnerability in config.inc.php in Wordsmith 1.0 RC1, when register_globals is e... | E | |
CVE-2007-5104 | SQL injection vulnerability in index.php in the Arcade module in bcoos 1.0.10 allows remote attacker... | | |
CVE-2007-5105 | Cross-site scripting (XSS) vulnerability in wp-register.php in WordPress 2.0 and 2.0.1 allows remote... | | |
CVE-2007-5106 | Cross-site scripting (XSS) vulnerability in wp-register.php in WordPress 2.0 allows remote attackers... | E | |
CVE-2007-5107 | Stack-based buffer overflow in the AskJeevesToolBar.SettingsPlugin.1 ActiveX control in askBar.dll i... | E | |
CVE-2007-5108 | Unspecified vulnerability in IAC Search & Media ask.com toolbar has unknown impact and remote attack... | | |
CVE-2007-5109 | Cross-site request forgery (CSRF) vulnerability in index.php in FlatNuke 2.6, and possibly 3, allows... | | |
CVE-2007-5110 | Absolute path traversal vulnerability in the EbCrypt.eb_c_PRNGenerator.1 ActiveX control in EBCRYPT.... | E | |
CVE-2007-5111 | A certain ActiveX control in EBCRYPT.DLL 2.0 in EB Design ebCrypt allows remote attackers to cause a... | E | |
CVE-2007-5112 | Cross-site scripting (XSS) vulnerability in session.cgi (aka the login page) in Google Urchin 5 5.7.... | E | |
CVE-2007-5113 | report.cgi in Google Urchin allows remote attackers to bypass authentication and obtain sensitive in... | | |
CVE-2007-5114 | PHP remote file inclusion vulnerability in include/plugin/block.t.php in Peter Schmidt phpmyProfiler... | E | |
CVE-2007-5115 | Multiple PHP remote file inclusion vulnerabilities in Ekke Doerre Contenido 42VariablVersion (42VV10... | E | |
CVE-2007-5116 | Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Pe... | S | |
CVE-2007-5117 | Multiple PHP remote file inclusion vulnerabilities in FrontAccounting (FA) 1.13, when register_globa... | E | |
CVE-2007-5118 | Unspecified vulnerability in the HID (Human Interface Device) class driver in Sun Solaris 8, 9, and ... | S | |
CVE-2007-5119 | JSPWiki 2.4.103 and 2.5.139-beta allows remote attackers to obtain sensitive information (full path)... | S | |
CVE-2007-5120 | Multiple cross-site scripting (XSS) vulnerabilities in JSPWiki 2.4.103 and 2.5.139-beta allow remote... | E S | |
CVE-2007-5121 | Cross-site scripting (XSS) vulnerability in JSPWiki 2.5.139-beta allows remote attackers to inject a... | E S | |
CVE-2007-5122 | SQL injection vulnerability in store_info.php in SoftBiz Classifieds PLUS allows remote attackers to... | E | |
CVE-2007-5123 | SQL injection vulnerability in notas.asp in Novus 1.0 allows remote attackers to execute arbitrary S... | E | |
CVE-2007-5124 | The embedded Internet Explorer server control in AOL Instant Messenger (AIM) 6.5.3.12 and earlier al... | | |
CVE-2007-5125 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-1171. Reason: This candida... | R | |
CVE-2007-5126 | Unspecified vulnerability in the client in Symantec Veritas Backup Exec for Windows Servers 11d has ... | | |
CVE-2007-5127 | Multiple cross-site scripting (XSS) vulnerabilities in SimpGB 1.46.02 allow remote attackers to inje... | E S | |
CVE-2007-5128 | SimpNews 2.41.03 on Windows, when PHP before 5.0.0 is used, allows remote attackers to obtain sensit... | S | |
CVE-2007-5129 | SimpGB 1.46.02 stores sensitive information under the web root with insufficient access control, whi... | S | |
CVE-2007-5130 | SimpGB 1.46.02 allows remote attackers to obtain sensitive information via (1) an invalid lang param... | S | |
CVE-2007-5131 | SQL injection vulnerability in index.php in Interspire ActiveKB NX 2.x allows remote attackers to ex... | E | |
CVE-2007-5132 | Race condition in the kernel in Sun Solaris 8 through 10 allows local users to cause a denial of ser... | S | |
CVE-2007-5133 | Microsoft Windows Explorer (explorer.exe) allows user-assisted remote attackers to cause a denial of... | E | |
CVE-2007-5134 | Cisco Catalyst 6500 and Cisco 7600 series devices use 127/8 IP addresses for Ethernet Out-of-Band Ch... | E S | |
CVE-2007-5135 | Off-by-one error in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up ... | | |
CVE-2007-5136 | Cross-site scripting (XSS) vulnerability in DFD Cart 1.1.4 and earlier allows remote attackers to in... | S | |
CVE-2007-5137 | Buffer overflow in the ReadImage function in generic/tkImgGIF.c in Tcl (Tcl/Tk) 8.4.13 through 8.4.1... | S | |
CVE-2007-5138 | PHP remote file inclusion vulnerability in forum/forum.php in lustig.cms BETA 2.5 allows remote atta... | E | |
CVE-2007-5139 | PHP remote file inclusion vulnerability in admin/include/header.php in chupix 0.2.3, when register_g... | E | |
CVE-2007-5140 | PHP remote file inclusion vulnerability in includes/archive/archive_topic.php in IntegraMOD Nederlan... | E | |
CVE-2007-5141 | SQL injection vulnerability in search.php in SiteX CMS 0.7.3 Beta allows remote attackers to execute... | E | |
CVE-2007-5142 | Cross-site scripting (XSS) vulnerability in buscar.asp in Solidweb Novus 1.0 allows remote attackers... | E | |
CVE-2007-5143 | F-Secure Anti-Virus for Windows Servers 7.0 64-bit edition allows local users to bypass virus scanni... | S | |
CVE-2007-5144 | Buffer overflow in the GDI engine in Windows Live Messenger, as used for Windows MSN Live 8.1, allow... | | |
CVE-2007-5145 | Multiple buffer overflows in system DLL files in Microsoft Windows XP, as used by Microsoft Windows ... | E | |
CVE-2007-5146 | Multiple PHP remote file inclusion vulnerabilities in dedi-group Der Dirigent 1.0 allow remote attac... | | |
CVE-2007-5147 | Multiple PHP remote file inclusion vulnerabilities in Puzzle Apps CMS 2.2.1 allow remote attackers t... | | |
CVE-2007-5148 | Multiple PHP remote file inclusion vulnerabilities in FrontAccounting (FA) 1.12 allow remote attacke... | | |
CVE-2007-5149 | PHP remote file inclusion vulnerability in NewsCMS/news/newstopic_inc.php in North Country Public Ra... | E | |
CVE-2007-5150 | SQL injection vulnerability in the is_god function in includes/nukesentinel.php in NukeSentinel 2.5.... | S | |
CVE-2007-5151 | SQL injection vulnerability in the abget_admin function in includes/nukesentinel.php in NukeSentinel... | | |
CVE-2007-5152 | Sun Java System Access Manager 7.1, when installed in a Sun Java System Application Server 9.1 conta... | | |
CVE-2007-5153 | Unspecified vulnerability in Sun Java System Access Manager 7.1, when installed in a Sun Java System... | | |
CVE-2007-5154 | Session fixation vulnerability in Aipo and Aipo ASP 3.0.1.0 and earlier allows remote attackers to h... | S | |
CVE-2007-5155 | IceGUI.DLL in ICEOWS 4.20b invokes a function with incorrect arguments, which allows user-assisted r... | E | |
CVE-2007-5156 | Incomplete blacklist vulnerability in editor/filemanager/upload/php/upload.php in FCKeditor, as used... | E | |
CVE-2007-5157 | PHP remote file inclusion vulnerability in phfito-post.php in Alex Kocharin PHP Fidonet Tosser (PhFi... | E | |
CVE-2007-5158 | The focus handling for the onkeydown event in Microsoft Internet Explorer 6.0 allows remote attacker... | | |
CVE-2007-5159 | The ntfs-3g package before 1.913-2.fc7 in Fedora 7, and an ntfs-3g package in Ubuntu 7.10/Gutsy, ass... | | |
CVE-2007-5160 | Multiple PHP remote file inclusion vulnerabilities in Thierry Leriche Restaurant Management System (... | E | |
CVE-2007-5161 | Cross-zone scripting vulnerability in the internal browser in i-Systems Feedreader 3.10 allows remot... | | |
CVE-2007-5162 | The connect method in lib/net/http.rb in the (1) Net::HTTP and (2) Net::HTTPS libraries in Ruby 1.8.... | S | |
CVE-2007-5163 | PHP remote file inclusion vulnerability in includes/functions/layout.php in Nexty 1.01.A Beta allows... | E | |
CVE-2007-5164 | PHP remote file inclusion vulnerability in htmls/forum/includes/topic_review.php in UniversiBO 1.3.4... | E | |
CVE-2007-5165 | PHP remote file inclusion vulnerability in init.php in Jens Tkotz myIpacNG-stats (MINGS) 0.05 allows... | | |
CVE-2007-5166 | Multiple PHP remote file inclusion vulnerabilities in SiteSys 1.0a allow remote attackers to execute... | E | |
CVE-2007-5167 | PHP remote file inclusion vulnerability in .systeme/fonctions.php in phpLister 0.5-pre2 allows remot... | E | |
CVE-2007-5168 | Multiple PHP remote file inclusion vulnerabilities in ClanLite 1.23.01.2005 allow remote attackers t... | E | |
CVE-2007-5169 | Stack-based buffer overflow in MAIPM6.dll in Adobe PageMaker 7.0.1 and 7.0.2 on Windows allows user-... | S | |
CVE-2007-5170 | Unspecified vulnerability in the embedded service processor (SP) before 3.09 in Sun Fire X2100 M2 an... | S | |
CVE-2007-5171 | Unspecified vulnerability in Quicksilver Forums before 1.4.1 allows remote attackers to delete arbit... | S | |
CVE-2007-5172 | Quicksilver Forums before 1.4.1 allows remote attackers to obtain sensitive information by causing u... | S | |
CVE-2007-5173 | PHP remote file inclusion vulnerability in includes/openid/Auth/OpenID/BBStore.php in phpBB Openid 0... | E | |
CVE-2007-5174 | Directory traversal vulnerability in phpinc/news.php in actSite 1.56 allows remote attackers to incl... | E S | |
CVE-2007-5175 | PHP remote file inclusion vulnerability in lib/base.php in actSite 1.991 Beta allows remote attackers t... | E | |
CVE-2007-5176 | Multiple cross-site scripting (XSS) vulnerabilities in GroupLink eHelpDesk 6.2.2 allow remote attack... | | |
CVE-2007-5177 | SQL injection vulnerability in index.php in the MambAds (com_mambads) 1.5 and earlier component for ... | E | |
CVE-2007-5178 | contrib/mx_glance_sdesc.php in the mx_glance 2.3.3 module for mxBB places a critical security check ... | E | |
CVE-2007-5179 | Multiple cross-site scripting (XSS) vulnerabilities in iletisim.asp in Y&K Iletisim Formu allow remo... | | |
CVE-2007-5180 | Multiple SQL injection vulnerabilities in Ohesa Emlak Portali allow remote attackers to execute arbi... | | |
CVE-2007-5181 | SQL injection vulnerability in detay.asp in Netkamp Emlak Scripti allows remote attackers to execute... | E | |
CVE-2007-5182 | Cross-site scripting (XSS) vulnerability in mail.asp in Netkamp Emlak Scripti allows remote attacker... | | |
CVE-2007-5183 | Cross-site scripting (XSS) vulnerability in Mailbox.mws in OdysseySuite, possibly 4.0.729, allows re... | E | |
CVE-2007-5184 | Format string vulnerability in the SMBDirList function in dirlist.c in SmbFTPD 0.96 allows remote at... | E S | |
CVE-2007-5185 | Multiple PHP remote file inclusion vulnerabilities in phpWCMS XT 0.0.7 BETA and earlier allow remote... | E | |
CVE-2007-5186 | PHP remote file inclusion vulnerability in index.php in Segue CMS 1.8.4 and earlier, when register_g... | E | |
CVE-2007-5187 | SQL injection vulnerability in infusions/calendar_events_panel/show_single.php in the Expanded Calen... | E | |
CVE-2007-5188 | Unspecified vulnerability in the XOOPS uploader class in Xoops 2.0.17.1-RC1 and earlier allows remot... | S | |
CVE-2007-5189 | Multiple SQL injection vulnerabilities in mes_add.php in x-script GuestBook 1.3a, when magic_quotes_... | | |
CVE-2007-5190 | Multiple cross-site scripting (XSS) vulnerabilities in Alcatel OmniVista 4760 R4.2 and earlier allow... | E S | |
CVE-2007-5191 | mount and umount in util-linux and loop-aes-utils call the setuid and setgid functions in the wrong ... | | |
CVE-2007-5193 | The default configuration for twiki 4.1.2 on Debian GNU/Linux, and possibly other operating systems,... | | |
CVE-2007-5194 | The Chroot server in rMake 1.0.11 creates a /dev/zero device file with read/write permissions for th... | | |
CVE-2007-5195 | Unspecified vulnerability in the SSL implementation in Groupwise client system in the novell-groupwi... | S | |
CVE-2007-5196 | Unspecified vulnerability in the SSL implementation in Groupwise client system in the novell-groupwi... | | |
CVE-2007-5197 | Buffer overflow in the Mono.Math.BigInteger class in Mono 1.2.5.1 and earlier allows context-depende... | | |
CVE-2007-5198 | Buffer overflow in the redir function in check_http.c in Nagios Plugins before 1.4.10, when running ... | E | |
CVE-2007-5199 | A single byte overflow in catalogue.c in X.Org libXfont 1.3.1 allows remote attackers to have unspec... | E | |
CVE-2007-5200 | hugin, as used on various operating systems including SUSE openSUSE 10.2 and 10.3, allows local user... | | |
CVE-2007-5201 | The FTP backend for Duplicity before 0.4.9 sends the password as a command line argument when callin... | | |
CVE-2007-5207 | guilt 0.27 allows local users to overwrite arbitrary files via a symlink attack on a guilt.log.[PID]... | E | |
CVE-2007-5208 | hpssd in Hewlett-Packard Linux Imaging and Printing Project (hplip) 1.x and 2.x before 2.7.10 allows... | S | |
CVE-2007-5209 | Stack-based buffer overflow in DriveLock.exe in CenterTools DriveLock 5.0 allows remote attackers to... | | |
CVE-2007-5210 | Arbor Networks Peakflow SP before 3.5.1 patch 14, and 3.6.x before 3.6.1 patch 5, allows remote auth... | S | |
CVE-2007-5211 | Multiple cross-site scripting (XSS) vulnerabilities in Arbor Networks Peakflow SP 3.5.1 before patch... | S | |
CVE-2007-5212 | Multiple cross-site scripting (XSS) vulnerabilities in the AXIS 2100 Network Camera 2.02 with firmwa... | E | |
CVE-2007-5213 | Multiple cross-site request forgery (CSRF) vulnerabilities in the AXIS 2100 Network Camera 2.02 with... | E | |
CVE-2007-5214 | Multiple cross-site scripting (XSS) vulnerabilities in the AXIS 2100 Network Camera 2.02 with firmwa... | E | |
CVE-2007-5215 | Multiple PHP remote file inclusion vulnerabilities in Jacob Hinkle GodSend 0.6 allow remote attacker... | E | |
CVE-2007-5216 | Multiple PHP remote file inclusion vulnerabilities in eArk (e-Ark) 1.0 allow remote attackers to exe... | E | |
CVE-2007-5217 | Stack-based buffer overflow in the ADM4 ActiveX control in adm4.dll in Altnet Download Manager 4.0.0... | | |
CVE-2007-5218 | Cross-site scripting (XSS) vulnerability in index.php in Don Barnes DRBGuestbook 1.1.13 allows remot... | | |
CVE-2007-5219 | Directory traversal vulnerability in the CLAVSetting.CLSetting.1 ActiveX control in CLAVSetting.DLL ... | E | |
CVE-2007-5220 | SQL injection vulnerability in catalog.asp in ASP Product Catalog allows remote attackers to execute... | E | |
CVE-2007-5221 | PHP remote file inclusion vulnerability in mail/childwindow.inc.php in Poppawid 2.7 allows remote at... | E | |
CVE-2007-5222 | SQL injection vulnerability in index.php in MAXdev MDPro (MD-Pro) 1.0.76 allows remote attackers to ... | E S | |
CVE-2007-5223 | Multiple unspecified vulnerabilities in AlstraSoft Affiliate Network Pro allow remote attackers to i... | | |
CVE-2007-5224 | inc/exif.inc.php in Original Photo Gallery 0.11.2 and earlier allows remote attackers to execute arb... | E | |
CVE-2007-5225 | Integer signedness error in FIFO filesystems (named pipes) on Sun Solaris 8 through 10 allows local ... | E | |
CVE-2007-5226 | irc_server.c in dircproxy 1.2.0 and earlier allows remote attackers to cause a denial of service (se... | | |
CVE-2007-5227 | Multiple cross-site scripting (XSS) vulnerabilities in messaging/course/composeMessage.jsp in BlackB... | | |
CVE-2007-5228 | Cross-site scripting (XSS) vulnerability in the subscription functionality in the Project issue trac... | S | |
CVE-2007-5229 | Cross-site request forgery (CSRF) vulnerability in the FeedBurner FeedSmith 2.2 plugin for WordPress... | E S | |
CVE-2007-5230 | admin/upload_files.php in Zomplog 3.8.1 and earlier does not check for administrative credentials, w... | E S | |
CVE-2007-5231 | Unrestricted file upload vulnerability in admin/upload_files.php in Zomplog 3.8.1 and earlier allows... | E S | |
CVE-2007-5232 | Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 ... | S | |
CVE-2007-5233 | SQL injection vulnerability in index.php in Web Template Management System 1.3 allows remote attacke... | E | |
CVE-2007-5234 | PHP remote file inclusion vulnerability in upload/common/footer.php in Ossigeno CMS 2.2 alpha3 allow... | E | |
CVE-2007-5235 | Cross-site scripting (XSS) vulnerability in index.php in Uebimiau 2.7.2 through 2.7.10 allows remote... | E | |
CVE-2007-5236 | Java Web Start in Sun JDK and JRE 5.0 Update 12 and earlier, and SDK and JRE 1.4.2_15 and earlier, o... | S | |
CVE-2007-5237 | Java Web Start in Sun JDK and JRE 6 Update 2 and earlier does not properly enforce access restrictio... | S | |
CVE-2007-5238 | Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, and... | S | |
CVE-2007-5239 | Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK... | S | |
CVE-2007-5240 | Visual truncation vulnerability in the Java Runtime Environment in Sun JDK and JRE 6 Update 2 and ea... | S | |
CVE-2007-5241 | Buffer overflow in NET$CSMACD.EXE in HP OpenVMS 8.3 and earlier allows local users to cause a denial... | S | |
CVE-2007-5242 | Unspecified vulnerability in (1) SYS$EI1000.EXE and (2) SYS$EI1000_MON.EXE in HP OpenVMS 8.3 and ear... | S | |
CVE-2007-5243 | Multiple stack-based buffer overflows in Borland InterBase LI 8.0.0.53 through 8.1.0.253, and WI 5.1... | E | |
CVE-2007-5244 | Stack-based buffer overflow in Borland InterBase LI 8.0.0.53 through 8.1.0.253 on Linux, and possibl... | E | |
CVE-2007-5245 | Multiple stack-based buffer overflows in Firebird LI 1.5.3.4870 and 1.5.4.4910, and WI 1.5.3.4870 an... | E | |
CVE-2007-5246 | Multiple stack-based buffer overflows in Firebird LI 2.0.0.12748 and 2.0.1.12855, and WI 2.0.0.12748... | | |
CVE-2007-5247 | Multiple format string vulnerabilities in the Monolith Lithtech engine, as used by First Encounter A... | E | |
CVE-2007-5248 | Multiple format string vulnerabilities in the ID Software Doom 3 engine, as used by Doom 3 1.3.1 and... | E | |
CVE-2007-5249 | Multiple buffer overflows in the logging function in the Unreal engine, as used by America's Army an... | E | |
CVE-2007-5250 | The Windows dedicated server for the Unreal engine, as used by America's Army and America's Army Spe... | E | |
CVE-2007-5251 | Multiple cross-site scripting (XSS) vulnerabilities in Helm 3.2.16 allow remote attackers to inject ... | | |
CVE-2007-5252 | Buffer overflow in NetSupport Manager (NSM) Client 10.00 and 10.20, and NetSupport School Student (N... | S | |
CVE-2007-5253 | c32web.exe in McMurtrey/Whitaker Cart32 before 6.4 allows remote attackers to read arbitrary files v... | E | |
CVE-2007-5254 | VirusBlokAda Vba32 AntiVirus 3.12.2 uses weak permissions (Everyone:Write) for its installation dire... | E S | |
CVE-2007-5255 | Cross-site scripting (XSS) vulnerability in Google Mini Search Appliance 3.4.14 allows remote attack... | S | |
CVE-2007-5256 | Multiple stack-based buffer overflows in FSD 2.052 d9 and earlier, and FSFDT FSD 3.000 d9 and earlie... | E | |
CVE-2007-5257 | Stack-based buffer overflow in the EDraw.OfficeViewer ActiveX control in officeviewer.ocx in EDraw O... | E | |
CVE-2007-5258 | PHP remote file inclusion vulnerability in log.php in phpFreeLog alpha 0.2.0 allows remote attackers... | | |
CVE-2007-5259 | Cross-site request forgery (CSRF) vulnerability in Ilient SysAid 4.5.03 and 4.5.04 allows remote att... | | |
CVE-2007-5260 | ASP-CMS 1.0 stores sensitive information under the web root with insufficient access control, which ... | | |
CVE-2007-5261 | Multiple SQL injection vulnerabilities in MultiCart 1.0 allow remote attackers to execute arbitrary ... | E | |
CVE-2007-5262 | Multiple format string vulnerabilities in Battlefront Dropteam 1.3.3 and earlier allow remote attack... | E | |
CVE-2007-5263 | Multiple buffer overflows in Battlefront Dropteam 1.3.3 and earlier allow remote attackers to execut... | E | |
CVE-2007-5264 | Battlefront Dropteam 1.3.3 and earlier sends the client's online account name and password to the ga... | | |
CVE-2007-5265 | Multiple format string vulnerabilities in websrv.cpp in Dawn of Time 1.69s beta4 and earlier allow r... | E | |
CVE-2007-5266 | Off-by-one error in ICC profile chunk handling in the png_set_iCCP function in pngset.c in libpng be... | | |
CVE-2007-5267 | Off-by-one error in ICC profile chunk handling in the png_set_iCCP function in pngset.c in libpng be... | S | |
CVE-2007-5268 | pngrtran.c in libpng before 1.0.29 and 1.2.x before 1.2.21 uses (1) logical instead of bitwise operat... | S | |
CVE-2007-5269 | Certain chunk handlers in libpng before 1.0.29 and 1.2.x before 1.2.21 allow remote attackers to cau... | S | |
CVE-2007-5270 | Unspecified vulnerability in the Boost module before 4.7.x-1.0, and 5.x before 5.x-1.0, for Drupal a... | S | |
CVE-2007-5271 | Multiple PHP remote file inclusion vulnerabilities in Trionic Cite CMS 1.2 rev9 and earlier allow re... | E | |
CVE-2007-5272 | SQL injection vulnerability in kategori.asp in Furkan Tastan Blog allows remote attackers to execute... | E | |
CVE-2007-5273 | Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 ... | S | |
CVE-2007-5274 | Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 ... | | |
CVE-2007-5275 | The Adobe Macromedia Flash 9 plug-in allows remote attackers to cause a victim machine to establish ... | | |
CVE-2007-5276 | Opera 9 drops DNS pins based on failed connections to irrelevant TCP ports, which makes it easier fo... | | |
CVE-2007-5277 | Microsoft Internet Explorer 6 drops DNS pins based on failed connections to irrelevant TCP ports, wh... | | |
CVE-2007-5278 | Zomplog 3.8.1 and earlier stores potentially sensitive information under the web root with insuffici... | E S | |
CVE-2007-5279 | Heap-based buffer overflow in ConeXware PowerArchiver before 10.20.21 might allow remote attackers t... | S | |
CVE-2007-5280 | Multiple cross-site scripting (XSS) vulnerabilities in messages.jsp in AppFuse before 2.0 Final allo... | S | |
CVE-2007-5281 | The Java Secure Socket Extension (JSSE) in the Hitachi Cosminexus Developer's Kit for Java in variou... | | |
CVE-2007-5282 | Hitachi Cosminexus Agent 03-00 through 03-05, and Cosminexus Library Standard and Web Edition 04-00 ... | | |
CVE-2007-5283 | The TSC Domain Manager in Hitachi TPBroker Object Transaction Monitor and Cosminexus TPBroker Object... | S | |
CVE-2007-5284 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-5279. Reason: This candida... | R | |
CVE-2007-5285 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-5280. Reason: This candida... | R | |
CVE-2007-5286 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-5281. Reason: This candida... | R | |
CVE-2007-5287 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-5282. Reason: This candida... | R | |
CVE-2007-5288 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-5283. Reason: This candida... | R | |
CVE-2007-5289 | HP Mercury Quality Center (QC) 9.2 and earlier, and possibly TestDirector, relies on cached client-s... | | |
CVE-2007-5290 | Multiple cross-site scripting (XSS) vulnerabilities in MailBee WebMail Pro 3.4 and earlier; and poss... | | |
CVE-2007-5291 | Cross-site scripting (XSS) vulnerability in Edit.asp in DB Manager 2.0 allows remote attackers to in... | | |
CVE-2007-5292 | Cross-site scripting (XSS) vulnerability in photos.cfm in Directory Image Gallery 1.1 allows remote ... | | |
CVE-2007-5293 | Multiple cross-site scripting (XSS) vulnerabilities in IDMOS 1.0-beta (aka Phoenix) allow remote att... | E | |
CVE-2007-5294 | PHP remote file inclusion vulnerability in core/aural.php in IDMOS 1.0-beta (aka Phoenix) allows rem... | E | |
CVE-2007-5295 | Multiple cross-site scripting (XSS) vulnerabilities in index.php in (a) Wikepage Opus 13 2007.2 and ... | | |
CVE-2007-5296 | Multiple cross-site scripting (XSS) vulnerabilities in dblisttest.asp in dbList 8.1 allow remote att... | | |
CVE-2007-5297 | Cross-site scripting (XSS) vulnerability in index.php in Minki 1.30 allows remote attackers to injec... | | |
CVE-2007-5298 | Multiple PHP remote file inclusion vulnerabilities in CMS Creamotion allow remote attackers to execu... | E | |
CVE-2007-5299 | Multiple directory traversal vulnerabilities in SkaDate 5.0 and 6.0, and possibly later versions suc... | E | |
CVE-2007-5300 | Off-by-one error in the do_login_loop function in libwzd-core/wzd_login.c in wzdftpd 0.8.0, 0.8.2, a... | E | |
CVE-2007-5301 | Buffer overflow in the vorbis_stream_info function in input/vorbis/vorbis_engine.c (aka the vorbis i... | E | |
CVE-2007-5302 | Multiple cross-site scripting (XSS) vulnerabilities in HP System Management Homepage (SMH) in HP-UX ... | S | |
CVE-2007-5303 | Cross-site scripting (XSS) vulnerability in news_page.php in SnewsCMS Rus 2.1 allows remote attacker... | | |
CVE-2007-5304 | Multiple cross-site scripting (XSS) vulnerabilities in ELSEIF CMS Beta 0.6 allow remote attackers to... | E | |
CVE-2007-5305 | Multiple PHP remote file inclusion vulnerabilities in ELSEIF CMS Beta 0.6 allow remote attackers to ... | E | |
CVE-2007-5306 | ELSEIF CMS Beta 0.6 allows remote attackers to obtain sensitive information (full path) via unspecif... | E | |
CVE-2007-5307 | ELSEIF CMS Beta 0.6 does not properly unset variables when the input data includes a numeric paramet... | E | |
CVE-2007-5308 | SQL injection vulnerability in galerie.php in PHP Homepage M (phpHPm) 1.0, when magic_quotes_gpc is ... | E | |
CVE-2007-5309 | PHP remote file inclusion vulnerability in admin.wmtgallery.php in the webmaster-tips.net Flash Imag... | E | |
CVE-2007-5310 | PHP remote file inclusion vulnerability in admin.wmtportfolio.php in the webmaster-tips.net wmtportf... | E | |
CVE-2007-5311 | Directory traversal vulnerability in backend/admin-functions.php in TorrentTrader Classic Edition 1.... | E | |
CVE-2007-5312 | Cross-site scripting (XSS) vulnerability in TorrentTrader Classic 1.07 allows remote attackers to in... | E | |
CVE-2007-5313 | PHP remote file inclusion vulnerability in install/config.php in Picturesolution 2.1 and earlier all... | E | |
CVE-2007-5314 | PHP remote file inclusion vulnerability in system/funcs/xkurl.php in xKiosk WEB 3.0.1i, when registe... | E | |
CVE-2007-5315 | PHP remote file inclusion vulnerability in common.php in LiveAlbum 0.9.0, when register_globals is e... | E | |
CVE-2007-5316 | SQL injection vulnerability in browsecats.php in Softbiz Jobs and Recruitment Script allows remote a... | E | |
CVE-2007-5317 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-5292. Reason: This candida... | R | |
CVE-2007-5318 | Unspecified vulnerability in preview.php in TYPOlight webCMS 2.4.6 allows remote attackers to downlo... | | |
CVE-2007-5319 | Unspecified vulnerability in the vuidmice STREAMS modules in Sun Solaris 8, 9, and 10 allows local u... | S | |
CVE-2007-5320 | Multiple absolute path traversal vulnerabilities in Pegasus Imaging ImagXpress 8.0 allow remote atta... | E | |
CVE-2007-5321 | Directory traversal vulnerability in index.php in Verlihub Control Panel (VHCP) 1.7 and earlier allo... | E | |
CVE-2007-5322 | Insecure method vulnerability in the FPOLE.OCX 6.0.8450.0 ActiveX control in Microsoft Visual FoxPro... | E | |
CVE-2007-5323 | The RepliStor Server Service in EMC Replistor 6.1.3 allows remote attackers to execute arbitrary cod... | | |
CVE-2007-5324 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-2582. Reason: This candida... | R | |
CVE-2007-5325 | Multiple buffer overflows in (1) the Message Engine and (2) AScore.dll in CA BrightStor ARCServe Bac... | S | |
CVE-2007-5326 | Multiple buffer overflows in (1) RPC and (2) rpcx.dll in CA BrightStor ARCServe BackUp v9.01 through... | S | |
CVE-2007-5327 | Stack-based buffer overflow in the RPC interface for the Message Engine (mediasvr.exe) in CA BrightS... | S | |
CVE-2007-5328 | The Message Engine RPC service in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise ... | S | |
CVE-2007-5329 | Unspecified vulnerability in dbasvr in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterp... | S | |
CVE-2007-5330 | The cadbd RPC service in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r1... | S | |
CVE-2007-5331 | Queue.dll for the message queuing service (LQserver.exe) in CA BrightStor ARCServe BackUp v9.01 thro... | S | |
CVE-2007-5332 | Multiple unspecified vulnerabilities in (1) mediasvr and (2) caloggerd in CA BrightStor ARCServe Bac... | S | |
CVE-2007-5333 | Apache Tomcat 6.0.0 through 6.0.14, 5.5.0 through 5.5.25, and 4.1.0 through 4.1.36 does not properly... | E S | |
CVE-2007-5334 | Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 can hide the window's titlebar when displa... | S | |
CVE-2007-5335 | Mozilla Firefox 2.0 before 2.0.0.8 allows remote attackers to obtain sensitive system information by... | | |
CVE-2007-5336 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-5339. Reason: This candida... | R | |
CVE-2007-5337 | Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5, when running on Linux systems with gnome-... | S | |
CVE-2007-5338 | Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allow remote attackers to execute arbitrar... | S | |
CVE-2007-5339 | Multiple vulnerabilities in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonke... | S | |
CVE-2007-5340 | Multiple vulnerabilities in the JavaScript engine in Mozilla Firefox before 2.0.0.8, Thunderbird bef... | S | |
CVE-2007-5341 | Remote code execution in the Venkman script debugger in Mozilla Firefox before 2.0.0.8.... | | |
CVE-2007-5342 | The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and ... | S | |
CVE-2007-5343 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
CVE-2007-5344 | Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code via a c... | | |
CVE-2007-5345 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
CVE-2007-5346 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
CVE-2007-5347 | Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code via "un... | | |
CVE-2007-5348 | Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 S... | | |
CVE-2007-5349 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
CVE-2007-5350 | Unspecified vulnerability in the Windows Advanced Local Procedure Call (ALPC) in the kernel in Micro... | | |
CVE-2007-5351 | Unspecified vulnerability in Server Message Block Version 2 (SMBv2) signing support in Microsoft Win... | | |
CVE-2007-5352 | Unspecified vulnerability in Local Security Authority Subsystem Service (LSASS) in Microsoft Windows... | S | |
CVE-2007-5353 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
CVE-2007-5354 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
CVE-2007-5355 | The Web Proxy Auto-Discovery (WPAD) feature in Microsoft Internet Explorer 6 and 7, when a primary D... | | |
CVE-2007-5356 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
CVE-2007-5357 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
CVE-2007-5358 | Multiple buffer overflows in the voicemail functionality in Asterisk 1.4.x before 1.4.13, when using... | | |
CVE-2007-5360 | Buffer overflow in OpenPegasus Management server, when compiled to use PAM and with PEGASUS_USE_PAM_... | S | |
CVE-2007-5361 | The Communication Server in Alcatel-Lucent OmniPCX Enterprise 7.1 and earlier caches an IP address d... | | |
CVE-2007-5362 | Multiple PHP remote file inclusion vulnerabilities in the Avant-Garde Solutions MOSMedia Lite (com_m... | E | |
CVE-2007-5363 | PHP remote file inclusion vulnerability in admin.panoramic.php in the Panoramic Picture Viewer (com_... | E | |
CVE-2007-5364 | Directory traversal vulnerability in payments/ideal_process.php in the iDEAL transaction handler in ... | | |
CVE-2007-5365 | Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 throug... | E S | |
CVE-2007-5366 | The Tomcat 4.1-based Servlet Service in Fujitsu Interstage Application Server 7.0 through 9.0.0 and ... | | |
CVE-2007-5367 | Unspecified vulnerability in the Virtual File System (VFS) in Sun Solaris 10 allows local users to c... | S | |
CVE-2007-5368 | Multiple unspecified vulnerabilities in labeld in Trusted Extensions in Sun Solaris 10 allow local u... | | |
CVE-2007-5369 | The GetMagicNumberString function in Massive Entertainment World in Conflict 1.000 and earlier allow... | S | |
CVE-2007-5370 | Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/dnewsweb.exe in NetWin DNewsWeb (DNew... | | |
CVE-2007-5371 | Multiple SQL injection vulnerabilities in mutate_content.dynamic.php in MODx 0.9.6 allow remote atta... | | |
CVE-2007-5372 | Multiple SQL injection vulnerabilities in (a) LedgerSMB 1.0.0 through 1.2.7 and (b) DWS Systems SQL-... | | |
CVE-2007-5373 | ldapscripts 1.4 and 1.7 sends a password as a command line argument when calling some LDAP programs,... | | |
CVE-2007-5374 | cp_memberedit.php in LightBlog 8.4.1.1 does not check for administrative credentials when processing... | E | |
CVE-2007-5375 | Interpretation conflict in the Sun Java Virtual Machine (JVM) allows user-assisted remote attackers ... | | |
CVE-2007-5377 | The (1) tramp-make-temp-file and (2) tramp-make-tramp-temp-file functions in Tramp 2.1.10 extension ... | | |
CVE-2007-5378 | Buffer overflow in the FileReadGIF function in tkImgGIF.c for Tk Toolkit 8.4.12 and earlier, and 8.3... | | |
CVE-2007-5379 | Rails before 1.2.4, as used for Ruby on Rails, allows remote attackers and ActiveResource servers to... | S | |
CVE-2007-5380 | Session fixation vulnerability in Rails before 1.2.4, as used for Ruby on Rails, allows remote attac... | S | |
CVE-2007-5381 | Stack-based buffer overflow in the Line Printer Daemon (LPD) in Cisco IOS before 12.2(18)SXF11, 12.4... | E | |
CVE-2007-5382 | The conversion utility for converting CiscoWorks Wireless LAN Solution Engine (WLSE) 4.1.91.0 and ea... | | |
CVE-2007-5383 | The Thomson/Alcatel SpeedTouch 7G router, as used for the BT Home Hub 6.2.6.B and earlier, allows re... | E | |
CVE-2007-5384 | Multiple cross-site request forgery (CSRF) vulnerabilities in the Thomson/Alcatel SpeedTouch 7G rout... | | |
CVE-2007-5385 | Multiple cross-site scripting (XSS) vulnerabilities in the Thomson/Alcatel SpeedTouch 7G router, as ... | | |
CVE-2007-5386 | Cross-site scripting (XSS) vulnerability in scripts/setup.php in phpMyAdmin 2.11.1, when accessed by... | | |
CVE-2007-5387 | PHP remote file inclusion vulnerability in active/components/xmlrpc/client.php in Pindorama 0.1 allo... | E | |
CVE-2007-5388 | Multiple PHP remote file inclusion vulnerabilities in WebDesktop 0.1 allow remote attackers to execu... | E | |
CVE-2007-5389 | PHP remote file inclusion vulnerability in preview.php in the swMenuFree (com_swmenufree) 4.6 compon... | | |
CVE-2007-5390 | PHP remote file inclusion vulnerability in index.php in PicoFlat CMS 0.4.14 and earlier allows remot... | E | |
CVE-2007-5391 | Unspecified vulnerability in HP Select Identity 4.01 through 4.01.010 and 4.10 through 4.13.001 allo... | | |
CVE-2007-5392 | Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote atta... | S | |
CVE-2007-5393 | Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 ... | S | |
CVE-2007-5394 | Stack-based buffer overflow in AldFs32.dll in Adobe PageMaker 7.0.1 and 7.0.2 allows user-assisted r... | S | |
CVE-2007-5395 | Stack-based buffer overflow in the separate_word function in tokenize.c in Link Grammar 4.1b and pos... | | |
CVE-2007-5396 | Format string vulnerability in the ext_yahoo_contact_added function in yahoo.c in Miranda IM 0.7.1 a... | S | |
CVE-2007-5397 | Heap-based buffer overflow in the activePDF Server service (aka APServer.exe) in activePDF Server 3.... | | |
CVE-2007-5398 | Stack-based buffer overflow in the reply_netbios_packet function in nmbd/nmbd_packets.c in nmbd in S... | | |
CVE-2007-5399 | Multiple heap-based buffer overflows in emlsr.dll in the EML reader in Autonomy (formerly Verity) Ke... | | |
CVE-2007-5400 | Heap-based buffer overflow in the Shockwave Flash (SWF) frame handling in RealNetworks RealPlayer 10... | | |
CVE-2007-5401 | Unrestricted file upload vulnerability in uploadrequest.asp in Layton HelpBox 3.7.1 allows remote au... | | |
CVE-2007-5402 | Multiple SQL injection vulnerabilities in Layton HelpBox 3.7.1 allow (1) remote attackers to execute... | | |
CVE-2007-5403 | Multiple cross-site scripting (XSS) vulnerabilities in Layton HelpBox 3.7.1 allow remote authenticat... | | |
CVE-2007-5404 | Layton HelpBox 3.7.1 generates different responses depending on whether or not a username is valid i... | | |
CVE-2007-5405 | Multiple buffer overflows in kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Auton... | | |
CVE-2007-5406 | kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView... | | |
CVE-2007-5407 | Multiple PHP remote file inclusion vulnerabilities in the JContentSubscription (com_jcs) 1.5.8 compo... | E | |
CVE-2007-5408 | SQL injection vulnerability in category.php in cpDynaLinks 1.02 allows remote attackers to execute a... | E | |
CVE-2007-5409 | PHP remote file inclusion vulnerability in admin/nuseo_admin_d.php in NuSEO PHP Enterprise 1.6 (NuSE... | E | |
CVE-2007-5410 | PHP remote file inclusion vulnerability in admin.wmtrssreader.php in the webmaster-tips.net Flash RS... | E | |
CVE-2007-5411 | Cross-site scripting (XSS) vulnerability in the Linksys SPA941 VoIP Phone with firmware 5.1.8 allows... | E | |
CVE-2007-5412 | Multiple PHP remote file inclusion vulnerabilities in the Quoc-Huy MP3 Allopass (com_mp3_allopass) 1... | E | |
CVE-2007-5413 | httpd.tkd in Radia Integration Server in Hewlett-Packard (HP) OpenView Configuration Management (CM)... | | |
CVE-2007-5414 | Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 2.0, when UTF-7 document content ... | | |
CVE-2007-5415 | Cross-site scripting (XSS) vulnerability in Mozilla Firefox 2.0, when UTF-7 document content is rend... | | |
CVE-2007-5416 | Drupal 5.2 and earlier does not properly unset variables when the input data includes a numeric para... | E | |
CVE-2007-5417 | Directory traversal vulnerability in index.php in boastMachine (aka bMachine) 2.8 allows remote atta... | E | |
CVE-2007-5418 | Multiple PHP remote file inclusion vulnerabilities in CARE2X 2G 2.2 allow remote attackers to execut... | E | |
CVE-2007-5419 | The 3Com 3CRWER100-75 router with 1.2.10ww software, when enabling an optional virtual server, confi... | | |
CVE-2007-5420 | The 3Com 3CRWER100-75 router with 1.2.10ww software, when remote management is disabled but a web se... | | |
CVE-2007-5421 | Rejected reason: Multiple stack-based buffer overflows in Cisco IOS 12.x and IOS XR allow attackers ... | R | |
CVE-2007-5422 | Unspecified vulnerability in "Solaris Auditing" in the Basic Security Module (BSM) in Sun Solaris 10... | S | |
CVE-2007-5423 | tiki-graph_formula.php in TikiWiki 1.9.8 allows remote attackers to execute arbitrary code via PHP s... | E | |
CVE-2007-5424 | The disable_functions feature in PHP 4 and 5 allows attackers to bypass intended restrictions by usi... | | |
CVE-2007-5425 | SQL injection vulnerability in admin/index.php in Interspire ActiveKB 1.5 allows remote attackers to... | E | |
CVE-2007-5426 | Multiple cross-site scripting (XSS) vulnerabilities in ActiveKB NX 2.5.4 allow remote attackers to i... | E | |
CVE-2007-5427 | Cross-site scripting (XSS) vulnerability in the com_search component in Joomla! 1.0.13 and earlier a... | E | |
CVE-2007-5428 | Cross-site scripting (XSS) vulnerability in UMI CMS allows remote attackers to inject arbitrary web ... | E | |
CVE-2007-5429 | Cross-site scripting (XSS) vulnerability in index.php in Nucleus 3.01 allows remote attackers to inj... | | |
CVE-2007-5430 | Multiple SQL injection vulnerabilities in Stride 1.0 allow remote attackers to execute arbitrary SQL... | | |
CVE-2007-5431 | include/imageupload.js in the MyFTPUploader module in Stride 1.0 contains sensitive information incl... | E | |
CVE-2007-5432 | Stride 1.0 has a default administrator username of "scott" with the password "running", which allows... | | |
CVE-2007-5433 | Multiple cross-site scripting (XSS) vulnerabilities in index.cgi in Site-Up 2.64 and earlier allow r... | E | |
CVE-2007-5434 | Cross-site scripting (XSS) vulnerability in PRO-search 0.17.1 and earlier allows remote attackers to... | | |
CVE-2007-5435 | Unspecified vulnerability in CA ERwin Process Modeler (formerly AllFusion Process Modeler) 7.2 might... | | |
CVE-2007-5436 | Buffer overflow in a certain ActiveX control in ScanObjectBrowser.DLL in G DATA Antivirus 2007 might... | | |
CVE-2007-5437 | The web console in CA (formerly Computer Associates) eTrust ITM (Threat Manager) 8.1 allows remote a... | | |
CVE-2007-5438 | Unspecified vulnerability in a certain ActiveX control in Reconfig.DLL in VMware Workstation 5.5.x b... | | |
CVE-2007-5439 | CA (formerly Computer Associates) eTrust ITM (Threat Manager) 8.1 stores sensitive user information ... | | |
CVE-2007-5440 | Multiple PHP remote file inclusion vulnerabilities in CRS Manager allow remote attackers to execute ... | E | |
CVE-2007-5441 | CMS Made Simple 1.1.3.1 does not check the permissions assigned to users in some situations, which a... | | |
CVE-2007-5442 | CMS Made Simple 1.1.3.1 does not check the permissions assigned to users who attempt uploads, which ... | | |
CVE-2007-5443 | Multiple cross-site scripting (XSS) vulnerabilities in CMS Made Simple 1.1.3.1 allow remote attacker... | | |
CVE-2007-5444 | CMS Made Simple 1.1.3.1 allows remote attackers to obtain the full path via a direct request for uns... | | |
CVE-2007-5445 | Buffer overflow in the DB Software Laboratory VImpX (VImpAX1) ActiveX control in VImpX.ocx 4.7.3.0 a... | | |
CVE-2007-5446 | Absolute path traversal vulnerability in a certain ActiveX control in PBEmail7Ax.dll in PBEmail 7 Ac... | E | |
CVE-2007-5447 | ioncube_loader_win_5.2.dll in the ionCube Loader 6.5 extension for PHP 5.2.4 does not follow safe_mo... | E | |
CVE-2007-5448 | Madwifi 0.9.3.2 and earlier allows remote attackers to cause a denial of service (panic) via a beaco... | S | |
CVE-2007-5449 | SQL injection vulnerability in searchresult.php in Softbiz Recipes Portal Script allows remote attac... | E | |
CVE-2007-5450 | Unspecified vulnerability in Safari on the Apple iPod touch (aka iTouch) and iPhone 1.1.1 allows use... | E | |
CVE-2007-5451 | PHP remote file inclusion vulnerability in admin.color.php in the com_colorlab (aka com_color) 1.0 c... | E | |
CVE-2007-5452 | Multiple SQL injection vulnerabilities in php-stats.recjs.php in Php-Stats 0.1.9.2 allow remote atta... | E | |
CVE-2007-5453 | Multiple eval injection vulnerabilities in Php-Stats 0.1.9.2 allow remote authenticated administrato... | E | |
CVE-2007-5454 | Directory traversal vulnerability in index.php in PHP File Sharing System 1.5.1 allows remote attack... | E | |
CVE-2007-5455 | Cross-site scripting (XSS) vulnerability in wxis.exe in WWWISIS 7.1 and earlier allows remote attack... | E | |
CVE-2007-5456 | Microsoft Internet Explorer 7 and earlier allows remote attackers to bypass the "File Download - Sec... | | |
CVE-2007-5457 | Multiple PHP remote file inclusion vulnerabilities in Michael Dempfle Joomla Flash Uploader (com_jfu... | E | |
CVE-2007-5458 | SQL injection vulnerability in index.php in the newsletter module 1.0 for KwsPHP, when magic_quotes_... | E | |
CVE-2007-5459 | Cross-site scripting (XSS) vulnerability in the sidebar HTML page in the MouseoverDictionary before ... | S | |
CVE-2007-5460 | Microsoft ActiveSync 4.1, as used in Windows Mobile 5.0, uses weak encryption (XOR obfuscation with ... | S | |
CVE-2007-5461 | Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 thro... | E | |
CVE-2007-5462 | Unspecified vulnerability in the Sun Solaris RPC services library (librpcsvc) on Solaris 8 through 1... | | |
CVE-2007-5463 | ideal_process.php in the iDEAL payment module in ViArt Shop 3.3 beta and earlier might allow remote ... | S | |
CVE-2007-5464 | Stack-based buffer overflow in Live for Speed 0.5X10 and earlier allows remote authenticated users t... | E | |
CVE-2007-5465 | Directory traversal vulnerability in doop CMS 1.3.7 and earlier allows remote attackers to include a... | E | |
CVE-2007-5466 | Multiple buffer overflows in eXtremail 2.1.1 and earlier allow remote attackers to (1) have an unkno... | E | |
CVE-2007-5467 | Integer overflow in eXtremail 2.1.1 and earlier allows remote attackers to cause a denial of service... | E | |
CVE-2007-5468 | Cisco CallManager 5.1.1.3000-5 does not verify the Digest authentication header URI against the Requ... | | |
CVE-2007-5469 | OpenSER 1.2.2 does not verify the Digest authentication header URI against the Request URI in SIP me... | | |
CVE-2007-5470 | Microsoft Expression Media stores the catalog password in cleartext in the catalog IVC file, which a... | | |
CVE-2007-5471 | libgssapi before 0.6-13.7, as used by the ISC BIND named daemon in SUSE Linux Enterprise Server 10 S... | S | |
CVE-2007-5472 | Cross-site scripting (XSS) vulnerability in the Server component in CA Host-Based Intrusion Preventi... | S | |
CVE-2007-5473 | StaticFileHandler.cs in System.Web in Mono before 1.2.5.2, when running on Windows, allows remote at... | | |
CVE-2007-5474 | The driver for the Linksys WRT350N Wi-Fi access point with firmware 2.00.17 on the Atheros AR5416-AC... | | |
CVE-2007-5475 | Multiple buffer overflows in the Marvell wireless driver, as used in Linksys WAP4400N Wi-Fi access p... | | |
CVE-2007-5476 | Unspecified vulnerability in Adobe Flash Player 9.0.47.0 and earlier, when running on Opera before 9... | | |
CVE-2007-5477 | Cross-site scripting (XSS) vulnerability in auth.w in djeyl.net WebMod 0.48 Half-Life Dedicated Serv... | | |
CVE-2007-5478 | Cross-site scripting (XSS) vulnerability in projects in Nabh Stringbeans Portal (sbportal) 3.2 allow... | E | |
CVE-2007-5479 | Cross-site scripting (XSS) vulnerability in Search.asp in Xcomputer allows remote attackers to injec... | | |
CVE-2007-5480 | Multiple cross-site scripting (XSS) vulnerabilities in InnovaAge InnovaShop allow remote attackers t... | E | |
CVE-2007-5481 | Distributed Checksum Clearinghouse (DCC) 1.3.65 allows remote attackers to cause a denial of service... | | |
CVE-2007-5482 | Unspecified vulnerability in the FTP service in Sun StorEdge/StorageTek 3510 FC Array with firmware ... | | |
CVE-2007-5483 | Unspecified vulnerability in the Administrative Scripting Tools (such as wsadmin or ANT) in IBM WebS... | S | |
CVE-2007-5484 | Directory traversal vulnerability in wxis.exe in WWWISIS 7.1 allows local users to read arbitrary fi... | E | |
CVE-2007-5485 | SQL injection vulnerability in index.php in the mg2 1.0 module for KwsPHP allows remote attackers to... | E | |
CVE-2007-5486 | dotProject before 2.1 does not properly check privileges when invoking the Companies module, which a... | S | |
CVE-2007-5487 | Stack-based buffer overflow in COWON America jetAudio Basic 7.0.3 allows user-assisted remote attack... | E | |
CVE-2007-5488 | Multiple SQL injection vulnerabilities in cdr_addon_mysql in Asterisk-Addons before 1.2.8, and 1.4.x... | E | |
CVE-2007-5489 | Directory traversal vulnerability in index.php in Artmedic CMS 3.4 and earlier allows remote attacke... | E | |
CVE-2007-5490 | SQL injection vulnerability in default.asp in Okul Otomasyon Portal 2.0 allows remote attackers to e... | E | |
CVE-2007-5491 | Directory traversal vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allows... | | |
CVE-2007-5492 | Static code injection vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allo... | | |
CVE-2007-5493 | The SMS handler for Windows Mobile 2005 Pocket PC Phone edition allows attackers to hide the sender ... | | |
CVE-2007-5494 | Memory leak in the Red Hat Content Accelerator kernel patch in Red Hat Enterprise Linux (RHEL) 4 and... | | |
CVE-2007-5495 | sealert in setroubleshoot 2.0.5 allows local users to overwrite arbitrary files via a symlink attack... | S | |
CVE-2007-5496 | Cross-site scripting (XSS) vulnerability in setroubleshoot 2.0.5 allows local users to inject arbitr... | S | |
CVE-2007-5497 | Multiple integer overflows in libext2fs in e2fsprogs before 1.40.3 allow user-assisted remote attack... | | |
CVE-2007-5498 | The Xen hypervisor block backend driver for Linux kernel 2.6.18, when running on a 64-bit host with ... | S | |
CVE-2007-5499 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi... | R | |
CVE-2007-5500 | The wait_task_stopped function in the Linux kernel before 2.6.23.8 checks a TASK_TRACED bit instead ... | S | |
CVE-2007-5501 | The tcp_sacktag_write_queue function in net/ipv4/tcp_input.c in Linux kernel 2.6.21 through 2.6.23.7... | S | |
CVE-2007-5502 | The PRNG implementation for the OpenSSL FIPS Object Module 1.1.1 does not perform auto-seeding durin... | S | |
CVE-2007-5503 | Multiple integer overflows in Cairo before 1.4.12 might allow remote attackers to execute arbitrary ... | S | |
CVE-2007-5504 | Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+ and 10.1.0.5 have unknown impact and rem... | | |
CVE-2007-5505 | Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and ... | | |
CVE-2007-5506 | The Core RDBMS component in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 all... | | |
CVE-2007-5507 | The GIOP service in TNS Listener in the Oracle Net Services component in Oracle Database 9.0.1.5+, 9... | | |
CVE-2007-5508 | Multiple SQL injection vulnerabilities in the CTXSYS Intermedia application for the Oracle Text comp... | | |
CVE-2007-5509 | Unspecified vulnerability in the Spatial component in Oracle Database 9.2.0.8 and 9.2.0.8DV has unkn... | | |
CVE-2007-5510 | Multiple unspecified vulnerabilities in the Workspace Manager component in Oracle Database before OW... | | |
CVE-2007-5511 | SQL injection vulnerability in Workspace Manager for Oracle Database before OWM 10.2.0.4.1, OWM 10.1... | E | |
CVE-2007-5512 | Unspecified vulnerability in the Oracle Database Vault component in Oracle Database 9.2.0.8DV and 10... | | |
CVE-2007-5513 | The XML DB (XMLDB) component in Oracle Database 9.2.0.8, 9.2.0.8DV, and 10.1.0.5 generates incorrect... | | |
CVE-2007-5514 | Multiple unspecified vulnerabilities in Oracle Database 10.2.0.3 have unknown impact and attack vect... | | |
CVE-2007-5515 | Unspecified vulnerability in the Spatial component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, ... | | |
CVE-2007-5516 | Unspecified vulnerability in the Oracle Process Mgmt & Notification component in Oracle Application ... | | |
CVE-2007-5517 | Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 10.1.2.0.2 and... | | |
CVE-2007-5518 | Unspecified vulnerability in the Oracle HTTP Server component in Oracle Application Server 10.1.3.2 ... | | |
CVE-2007-5519 | Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 9.0.4.3 and 10... | | |
CVE-2007-5520 | Unspecified vulnerability in the Oracle Internet Directory component in Oracle Database 9.2.0.8 and ... | | |
CVE-2007-5521 | Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Application Server 9... | | |
CVE-2007-5522 | Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 10.1.4.1 has u... | | |
CVE-2007-5523 | Unspecified vulnerability in the Oracle Internet Directory component in Oracle Application Server 9.... | | |
CVE-2007-5524 | Unspecified vulnerability in the Oracle Single Sign-On component in Oracle Application Server 9.0.4.... | | |
CVE-2007-5525 | Unspecified vulnerability in the Oracle Single Sign-On component in Oracle Application Server 9.0.4.... | | |
CVE-2007-5526 | Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 10.1.2.0.2, 10... | | |
CVE-2007-5527 | Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10.2 have unknown impact and re... | | |
CVE-2007-5528 | Multiple unspecified vulnerabilities in Oracle E-Business Suite 12.0.2 have unknown impact and attac... | | |
CVE-2007-5529 | Unspecified vulnerability in the Oracle Self-Service Web Applications component in client-only insta... | | |
CVE-2007-5530 | Unspecified vulnerability in the Database Control component in Oracle Database 10.1.0.5 and 10.2.0.3... | | |
CVE-2007-5531 | Unspecified vulnerability in Oracle Help for Web, as used in Oracle Application Server, Oracle Datab... | | |
CVE-2007-5532 | Unspecified vulnerability in the People Tools component in Oracle PeopleSoft Enterprise and JD Edwar... | | |
CVE-2007-5533 | Unspecified vulnerability in the People Tools component in Oracle PeopleSoft Enterprise and JD Edwar... | | |
CVE-2007-5534 | Unspecified vulnerability in the HCM component in Oracle PeopleSoft Enterprise and JD Edwards Enterp... | | |
CVE-2007-5535 | Unspecified vulnerability in newbb_plus in RunCms 1.5.2 has unknown impact and attack vectors.... | S | |
CVE-2007-5536 | Unspecified vulnerability in OpenSSL before A.00.09.07l on HP-UX B.11.11, B.11.23, and B.11.31 allow... | | |
CVE-2007-5537 | Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(2), and Unified Cal... | | |
CVE-2007-5538 | Buffer overflow in the Centralized TFTP File Locator Service in Cisco Unified Communications Manager... | | |
CVE-2007-5539 | Unspecified vulnerability in Cisco Unified Intelligent Contact Management Enterprise (ICME), Unified... | | |
CVE-2007-5540 | Unspecified vulnerability in Opera before 9.24 allows remote attackers to overwrite functions on pag... | | |
CVE-2007-5541 | Unspecified vulnerability in Opera before 9.24, when using an "external" newsgroup or e-mail client,... | | |
CVE-2007-5542 | Stack-based buffer overflow in Miranda IM 0.6.8 allows remote attackers to execute arbitrary code vi... | S | |
CVE-2007-5543 | Stack-based buffer overflow in Miranda IM 0.6.8 and 0.7.0 allows remote attackers to execute arbitra... | S | |
CVE-2007-5544 | IBM Lotus Notes before 6.5.6, and 7.x before 7.0.3; and Domino before 6.5.5 FP3, and 7.x before 7.0.... | S | |
CVE-2007-5545 | Format string vulnerability in TIBCO SmartPGM FX allows remote attackers to execute arbitrary code v... | | |
CVE-2007-5546 | Multiple stack-based buffer overflows in TIBCO SmartPGM FX allow remote attackers to execute arbitra... | | |
CVE-2007-5547 | Cross-site scripting (XSS) vulnerability in Cisco IOS allows remote attackers to inject arbitrary we... | | |
CVE-2007-5548 | Multiple stack-based buffer overflows in Command EXEC in Cisco IOS allow local users to gain privile... | | |
CVE-2007-5549 | Unspecified vulnerability in Command EXEC in Cisco IOS allows local users to bypass command restrict... | | |
CVE-2007-5550 | Unspecified vulnerability in Cisco IOS allows remote attackers to obtain the IOS version via unspeci... | | |
CVE-2007-5551 | Off-by-one error in Cisco IOS allows remote attackers to execute arbitrary code via unspecified vect... | | |
CVE-2007-5552 | Integer overflow in Cisco IOS allows remote attackers to execute arbitrary code via unspecified vect... | | |
CVE-2007-5553 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-4158. Reason: This candida... | R | |
CVE-2007-5554 | Oracle allows remote attackers to obtain server memory contents via crafted packets, aka Oracle refe... | | |
CVE-2007-5555 | Unspecified vulnerability in Symantec Altiris Deployment Solution allows attackers to obtain authent... | S | |
CVE-2007-5556 | Unspecified vulnerability in the Avaya VoIP Handset allows remote attackers to cause a denial of ser... | | |
CVE-2007-5557 | Unspecified vulnerability in the NEC mobile handset allows remote attackers to cause a denial of ser... | | |
CVE-2007-5558 | Integer overflow in the LG Mobile handset allows remote attackers to cause a denial of service (rebo... | | |
CVE-2007-5559 | Heap-based buffer overflow in the IBM ThinkVantage TPM Service allows remote attackers to execute ar... | | |
CVE-2007-5560 | Heap-based buffer overflow in the Juniper HTTP Service allows remote attackers to execute arbitrary ... | | |
CVE-2007-5561 | Format string vulnerability in the logging function in the Oracle OPMN daemon, as used on Oracle Ent... | E S | |
CVE-2007-5562 | Cross-site scripting (XSS) vulnerability in cgi-bin/welcome (aka the login page) in Netgear SSL312 P... | E | |
CVE-2007-5563 | Unspecified vulnerability in VirtueMart before 1.0.13 allows remote attackers to execute arbitrary P... | S | |
CVE-2007-5564 | Multiple cross-site scripting (XSS) vulnerabilities in NSSboard (formerly Simple PHP Forum) 6.1 allo... | | |
CVE-2007-5565 | PHP remote file inclusion vulnerability in includes/functions.php in phpSCMS 0.0.1-Alpha1 allows rem... | | |
CVE-2007-5566 | Multiple PHP remote file inclusion vulnerabilities in PHPBlog 0.1 Alpha allow remote attackers to ex... | | |
CVE-2007-5567 | PHP remote file inclusion vulnerability in _lib/fckeditor/upload_config.php in Galmeta Post 0.11 all... | | |
CVE-2007-5568 | Cisco PIX and ASA appliances with 7.0 through 8.0 software, and Cisco Firewall Services Module (FWSM... | | |
CVE-2007-5569 | Cisco PIX and ASA appliances with 7.1 and 7.2 software, when configured for TLS sessions to the devi... | | |
CVE-2007-5570 | Cisco Firewall Services Module (FWSM) 3.2(1), and 3.1(5) and earlier, allows remote attackers to cau... | | |
CVE-2007-5571 | Cisco Firewall Services Module (FWSM) 3.1(6), and 3.2(2) and earlier, does not properly enforce edit... | | |
CVE-2007-5572 | Multiple cross-site request forgery (CSRF) vulnerabilities in Simple PHP Blog (SPHPBlog) 0.4.9 allow... | | |
CVE-2007-5573 | PHP remote file inclusion vulnerability in classes/core/language.php in LimeSurvey 1.5.2 and earlier... | E | |
CVE-2007-5574 | PHP remote file inclusion vulnerability in djpage.php in PHPDJ 0.5 allows remote attackers to execut... | E | |
CVE-2007-5575 | Cross-site request forgery (CSRF) vulnerability in 1024 CMS 1.2.5 allows remote attackers to perform... | | |
CVE-2007-5576 | BEA Tuxedo 8.0 before RP392 and 8.1 before RP293, and WebLogic Enterprise 5.1 before RP174, echo the... | | |
CVE-2007-5577 | Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.13 (aka Sunglow) allow rem... | S | |
CVE-2007-5578 | Basic Analysis and Security Engine (BASE) before 1.3.8 sends a redirect to the web browser but does ... | S | |
CVE-2007-5579 | login.php in Pligg CMS 9.5 uses a guessable confirmation code when resetting a forgotten password, w... | E | |
CVE-2007-5580 | Buffer overflow in a certain driver in Cisco Security Agent 4.5.1 before 4.5.1.672, 5.0 before 5.0.0... | | |
CVE-2007-5581 | Multiple cross-site scripting (XSS) vulnerabilities in mpweb/scripts/mpx.dll in Cisco Unified Meetin... | | |
CVE-2007-5582 | Cross-site scripting (XSS) vulnerability in the login page in Cisco CiscoWorks Server (CS), possibly... | S | |
CVE-2007-5583 | Cisco IP Phone 7940 with firmware P0S3-08-7-00 allows remote attackers to cause a denial of service ... | E | |
CVE-2007-5584 | Unspecified vulnerability in Cisco Firewall Services Module (FWSM) 3.2(3) allows remote attackers to... | S | |
CVE-2007-5585 | xscreensaver 5.03 and earlier, when running without xscreensaver-gl-extras (GL extras) installed, cr... | | |
CVE-2007-5586 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-5587. Reason: This candida... | R | |
CVE-2007-5587 | Buffer overflow in Macrovision SafeDisc secdrv.sys before 4.3.86.0, as shipped in Microsoft Windows ... | E | |
CVE-2007-5588 | Cross-site scripting (XSS) vulnerability in mnoGoSearch before 3.2.43 allows remote attackers to inj... | | |
CVE-2007-5589 | Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.11.1.2 allow remote attac... | | |
CVE-2007-5590 | Multiple buffer overflows in Miranda before 0.7.1 allow remote attackers to execute arbitrary code v... | S | |
CVE-2007-5591 | The CS1000 signaling server in Nortel Enterprise VoIP-Core-CS 1000M Chassis/Cabinet, Enterprise VoIP... | | |
CVE-2007-5592 | Multiple PHP remote file inclusion vulnerabilities in awzMB 4.2 beta 1 and earlier allow remote atta... | E | |
CVE-2007-5593 | install.php in Drupal 5.x before 5.3, when the configured database server is not reachable, allows r... | S | |
CVE-2007-5594 | Drupal 5.x before 5.3 does not apply its Drupal Forms API protection against the user deletion form,... | S | |
CVE-2007-5595 | CRLF injection vulnerability in the drupal_goto function in includes/common.inc Drupal 4.7.x before ... | | |
CVE-2007-5596 | The core Upload module in Drupal 4.7.x before 4.7.8 and 5.x before 5.3 places the .html extension on... | S | |
CVE-2007-5597 | The hook_comments API in Drupal 4.7.x before 4.7.8 and 5.x before 5.3 does not pass publication stat... | | |
CVE-2007-5598 | Cross-site scripting (XSS) vulnerability in Weblinks for Drupal 4.7.x before 4.7.x-1.0 and 5.x befor... | | |
CVE-2007-5599 | Multiple PHP remote file inclusion vulnerabilities in awrate 1.0 allow remote attackers to execute a... | | |
CVE-2007-5600 | Incomplete blacklist vulnerability in index.php in Artmedic CMS 3.4 and earlier allows remote attack... | E | |
CVE-2007-5601 | Stack-based buffer overflow in the Database Component in MPAMedia.dll in RealNetworks RealPlayer 10.... | | |
CVE-2007-5602 | Multiple stack-based buffer overflows in SwiftView Viewer before 8.3.5, as used by SwiftView and Swi... | S | |
CVE-2007-5603 | Stack-based buffer overflow in the SonicWall SSL-VPN NetExtender NELaunchCtrl ActiveX control before... | E | |
CVE-2007-5604 | Buffer overflow in the ExtractCab function in the HPISDataManagerLib.Datamgr ActiveX control in HPIS... | | |
CVE-2007-5605 | Buffer overflow in the GetFileTime function in the HPISDataManagerLib.Datamgr ActiveX control in HPI... | | |
CVE-2007-5606 | Buffer overflow in the MoveFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDa... | S | |
CVE-2007-5607 | Buffer overflow in the RegistryString function in the HPISDataManagerLib.Datamgr ActiveX control in ... | | |
CVE-2007-5608 | The DownloadFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll i... | | |
CVE-2007-5610 | The DeleteSingleFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.d... | S | |
CVE-2007-5612 | CIM Server in IBM Director 5.20.1 and earlier allows remote attackers to cause a denial of service (... | S | |
CVE-2007-5613 | Cross-site scripting (XSS) vulnerability in Dump Servlet in Mortbay Jetty before 6.1.6rc1 allows rem... | S | |
CVE-2007-5614 | Mortbay Jetty before 6.1.6rc1 does not properly handle "certain quote sequences" in HTML cookie para... | S | |
CVE-2007-5615 | CRLF injection vulnerability in Mortbay Jetty before 6.1.6rc0 allows remote attackers to inject arbi... | | |
CVE-2007-5616 | ssh-signer in SSH Tectia Client and Server 5.x before 5.2.4, and 5.3.x before 5.3.6, on Unix and Lin... | | |
CVE-2007-5617 | Unspecified vulnerability in VMware Player 1.0.x before 1.0.5 and 2.0 before 2.0.1, and Workstation ... | S | |
CVE-2007-5618 | Unquoted Windows search path vulnerability in the Authorization and other services in VMware Player ... | S | |
CVE-2007-5619 | Unspecified vulnerability in VMware Server before 1.0.4 causes user passwords to be recorded in clea... | S | |
CVE-2007-5620 | Directory traversal vulnerability in admin/inc/help.php in ZZ:FlashChat 3.1 and earlier allows remot... | E | |
CVE-2007-5621 | Multiple cross-site scripting (XSS) vulnerabilities in the Token module before 4.7.x-1.5, and 5.x be... | S | |
CVE-2007-5622 | Double free vulnerability in the ftpprchild function in ftppr in 3proxy 0.5 through 0.5.3i allows re... | S | |
CVE-2007-5623 | Buffer overflow in the check_snmp function in Nagios Plugins (nagios-plugins) 1.4.10 allows remote a... | | |
CVE-2007-5624 | Cross-site scripting (XSS) vulnerability in Nagios 2.x before 2.10 allows remote attackers to inject... | S | |
CVE-2007-5625 | Cross-site scripting (XSS) vulnerability in filename.asp in ASP Site Search SearchSimon Lite 1.0 all... | E | |
CVE-2007-5626 | make_catalog_backup in Bacula 2.2.5, and probably earlier, sends a MySQL password as a command line ... | | |
CVE-2007-5627 | PHP remote file inclusion vulnerability in content/fnc-readmail3.php in SocketMail 2.2.8 allows remo... | E | |
CVE-2007-5628 | PHP remote file inclusion vulnerability in src/scripture.php in The Online Web Library Site (TOWels)... | E | |
CVE-2007-5629 | Cross-site scripting (XSS) vulnerability in admin/logon.asp in ShoppingTree CandyPress Store 4.1 all... | E | |
CVE-2007-5630 | SQL injection vulnerability in tnews.php in BBsProcesS BBPortalS 1.5.10 through 2.0 allows remote at... | E | |
CVE-2007-5631 | Multiple PHP remote file inclusion vulnerabilities in PeopleAggregator 1.2pre6, when register_global... | E | |
CVE-2007-5632 | Multiple unspecified vulnerabilities in the kernel in Sun Solaris 8 through 10 allow local users to ... | S | |
CVE-2007-5633 | Speedfan.sys in Alfredo Milani Comparetti SpeedFan 4.33, when used on Microsoft Windows Vista x64, a... | E | |
CVE-2007-5634 | Speedfan.sys in Alfredo Milani Comparetti SpeedFan 4.33, when used on Microsoft Windows Vista x64, d... | E | |
CVE-2007-5635 | Multiple unspecified vulnerabilities in Salford Software Support Incident Tracker (SiT!) before 3.30... | S | |
CVE-2007-5636 | Buffer overflow in the Nortel UNIStim IP Softphone 2050 allows remote attackers to cause a denial of... | E | |
CVE-2007-5637 | The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional Nortel products from the IP Pho... | E S | |
CVE-2007-5638 | The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional Nortel products from the IP Pho... | E S | |
CVE-2007-5639 | The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and other Nortel IP Phone, Mobile Voice Client... | E S | |
CVE-2007-5640 | The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional Nortel products from the IP Pho... | E S | |
CVE-2007-5641 | Multiple PHP remote file inclusion vulnerabilities in PHP Project Management 0.8.10 and earlier allo... | E | |
CVE-2007-5642 | Multiple directory traversal vulnerabilities in PHP Project Management 0.8.10 and earlier allow remo... | E | |
CVE-2007-5643 | Multiple SQL injection vulnerabilities in Lussumo Vanilla 1.1.3 and earlier allow remote attackers t... | E | |
CVE-2007-5644 | Lussumo Vanilla 1.1.3 and earlier does not require admin privileges for (1) ajax/sortcategories.php ... | E | |
CVE-2007-5645 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-5645. Reason: This candida... | R | |
CVE-2007-5646 | SQL injection vulnerability in Sources/Search.php in Simple Machines Forum (SMF) 1.1.3, when MySQL 5... | E S | |
CVE-2007-5647 | Multiple cross-site scripting (XSS) vulnerabilities in SocketKB 1.1.5 allow remote attackers to inje... | E | |
CVE-2007-5648 | Multiple cross-site scripting (XSS) vulnerabilities in rnote.php in rNote 0.9.7.5 allow remote attac... | E | |
CVE-2007-5649 | Cross-site scripting (XSS) vulnerability in lostpwd.php in Creative Digital Resources SocketMail 2.2... | E | |
CVE-2007-5650 | Directory traversal vulnerability in system.php in ReloadCMS 1.2.7 allows remote attackers to includ... | E | |
CVE-2007-5651 | Unspecified vulnerability in the Extensible Authentication Protocol (EAP) implementation in Cisco IO... | | |
CVE-2007-5652 | IBM DB2 UDB 9.1 before Fixpak 4 does not properly manage storage of a list containing authentication... | S | |
CVE-2007-5653 | The Component Object Model (COM) functions in PHP 5.x on Windows do not follow safe_mode and disable... | E | |
CVE-2007-5654 | LiteSpeed Web Server before 3.2.4 allows remote attackers to trigger use of an arbitrary MIME type f... | E | |
CVE-2007-5655 | TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service ... | | |
CVE-2007-5656 | TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service ... | S | |
CVE-2007-5657 | TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service ... | | |
CVE-2007-5658 | Heap-based buffer overflow in TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, a... | | |
CVE-2007-5659 | Multiple buffer overflows in Adobe Reader and Acrobat 8.1.1 and earlier allow remote attackers to ex... | KEV | |
CVE-2007-5660 | Unspecified vulnerability in the Update Service ActiveX control in isusweb.dll before 6.0.100.65101 ... | S | |
CVE-2007-5661 | The Macrovision InstallShield InstallScript One-Click Install (OCI) ActiveX control 12.0 before SP2 ... | S | |
CVE-2007-5663 | Adobe Reader and Acrobat 8.1.1 and earlier allow remote attackers to execute arbitrary code via a c... | S | |
CVE-2007-5664 | db2dasrrm in the DB2 Administration Server (DAS) in IBM DB2 Universal Database 9.5 before Fix Pack 1... | S | |
CVE-2007-5665 | STEngine.exe 3.5.0.20 in Novell ZENworks Endpoint Security Management (ESM) 3.5, and other ESM versi... | S | |
CVE-2007-5666 | Untrusted search path vulnerability in Adobe Reader and Acrobat 8.1.1 and earlier allows local users... | S | |
CVE-2007-5667 | NWFILTER.SYS in Novell Client 4.91 SP 1 through SP 4 for Windows 2000, XP, and Server 2003 makes the... | S | |
CVE-2007-5670 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-5956. Reason: This candida... | R | |
CVE-2007-5671 | HGFS.sys in the VMware Tools package in VMware Workstation 5.x before 5.5.6 build 80404, VMware Play... | | |
CVE-2007-5673 | Cross-site scripting (XSS) vulnerability in cgi-bin/webif.exe in ifnet WebIf allows remote attackers... | E | |
CVE-2007-5674 | Directory traversal vulnerability in index.php in InstaGuide Weather (aka Weather for PHP) 1.0, when... | E | |
CVE-2007-5675 | Stack-based buffer overflow in the DebugPrint function in MultiXTpm Application Server before 4.0.2d... | S | |
CVE-2007-5676 | PHP remote file inclusion vulnerability in modules/Forums/favorites.php in PHP-Nuke Platinum 7.6.b.5... | E | |
CVE-2007-5677 | Cross-site scripting (XSS) vulnerability in shoutbox/blocco.php in Hackish BETA 1.1 allows remote at... | E | |
CVE-2007-5678 | SQL injection vulnerability in the Music module in phpBasic allows remote attackers to execute arbit... | | |
CVE-2007-5679 | SQL injection vulnerability in index.php in DeeEmm.com DM CMS 0.7.0.Beta allows remote attackers to ... | E | |
CVE-2007-5682 | Incomplete blacklist vulnerability in tiki-graph_formula.php in TikiWiki before 1.9.8.2 allows remot... | S | |
CVE-2007-5683 | Multiple cross-site scripting (XSS) vulnerabilities in TikiWiki 1.9.8.1 and earlier allow remote att... | S | |
CVE-2007-5684 | Multiple directory traversal vulnerabilities in TikiWiki 1.9.8.1 and earlier allow remote attackers ... | | |
CVE-2007-5685 | The safe_path function in shttp before 0.0.5 allows remote attackers to conduct directory traversal ... | E S | |
CVE-2007-5686 | initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows loca... | S | |
CVE-2007-5687 | Multiple buffer overflows in the rich text processing functionality in JustSystems Ichitaro 2004 thr... | S | |
CVE-2007-5688 | Multiple SQL injection vulnerabilities in directory.php in the Multi-Forums (aka Multi Host Forum Pr... | E | |
CVE-2007-5689 | The Java Virtual Machine (JVM) in Sun Java Runtime Environment (JRE) in SDK and JRE 1.3.x through 1.... | S | |
CVE-2007-5690 | Buffer overflow in sethdlc.c in the Asterisk Zaptel 1.4.5.1 might allow local users to gain privileg... | | |
CVE-2007-5691 | ParseFTPList.cpp in Mozilla Firefox 2.0.0.7 allows remote FTP servers to cause a denial of service (... | S | |
CVE-2007-5692 | Multiple cross-site scripting (XSS) vulnerabilities in SiteBar 3.3.8 allow remote attackers to injec... | E S | |
CVE-2007-5693 | Eval injection vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allows remo... | E S | |
CVE-2007-5694 | Absolute path traversal vulnerability in the translation module (translator.php) in SiteBar 3.3.8 al... | E S | |
CVE-2007-5695 | Open redirect vulnerability in command.php in SiteBar 3.3.8 allows remote attackers to redirect user... | E S | |
CVE-2007-5696 | PHP remote file inclusion vulnerability in includes.php in phpBasic allows remote attackers to execu... | | |
CVE-2007-5697 | Multiple PHP remote file inclusion vulnerabilities in PHP Image 1.2 allow remote attackers to execut... | E | |
CVE-2007-5698 | Cross-site scripting (XSS) vulnerability in default.asp in CREApark GOLD KOY PORTALI allows remote a... | | |
CVE-2007-5699 | Stack-based buffer overflow in eIQNetworks Enterprise Security Analyzer (ESA) 2.5 allows remote atta... | E | |
CVE-2007-5700 | The Evaluate LotusScript method in IBM Lotus Domino before 7.0.3 uses an incorrect security context ... | S | |
CVE-2007-5701 | Incomplete blacklist vulnerability in the Certificate Authority (CA) in IBM Lotus Domino before 7.0.... | S | |
CVE-2007-5702 | Cross-site scripting (XSS) vulnerability in swamp/action/LoginActions (aka the login box) in the Nov... | | |
CVE-2007-5703 | Multiple cross-site scripting (XSS) vulnerabilities in (1) Request-spk.xuda and (2) Add-msie-request... | | |
CVE-2007-5704 | Multiple SQL injection vulnerabilities in CodeWidgets.com Online Event Registration Template allow r... | | |
CVE-2007-5705 | Unspecified vulnerability in the Settings component in the administration system in Jeebles Director... | | |
CVE-2007-5706 | Absolute path traversal vulnerability in download.php in Jeebles Directory 2.9.60 allows remote atta... | | |
CVE-2007-5707 | OpenLDAP before 2.3.39 allows remote attackers to cause a denial of service (slapd crash) via an LDA... | S | |
CVE-2007-5708 | slapo-pcache (overlays/pcache.c) in slapd in OpenLDAP before 2.3.39, when running as a proxy-caching... | S | |
CVE-2007-5709 | Stack-based buffer overflow in Sony SonicStage CONNECT Player (CP) 4.3 allows remote attackers to ex... | E | |
CVE-2007-5710 | Cross-site scripting (XSS) vulnerability in wp-admin/edit-post-rows.php in WordPress 2.3 allows remo... | S | |
CVE-2007-5711 | Massive Entertainment World in Conflict 1.001 and earlier allows remote attackers to cause a denial ... | E | |
CVE-2007-5712 | The internationalization (i18n) framework in Django 0.91, 0.95, 0.95.1, and 0.96, and as used in oth... | S | |
CVE-2007-5713 | Off-by-one error in the GeoIP module in the AMX Mod X 1.76d plugin for Half-Life Server might allow ... | S | |
CVE-2007-5714 | The Gentoo ebuild of MLDonkey before 2.9.0-r3 has a p2p user account with an empty default password ... | | |
CVE-2007-5715 | DenyHosts 2.6 processes OpenSSH sshd "not listed in AllowUsers" log messages with an incorrect regul... | | |
CVE-2007-5716 | Unspecified vulnerability in the Internet Protocol (IP) functionality in Sun Solaris 10 allows local... | S | |
CVE-2007-5717 | Unspecified vulnerability in Sun Fire X2100 M2 and X2200 M2 Embedded Lights Out Manager (ELOM) on x8... | S | |
CVE-2007-5718 | vobcopy 0.5.14 allows local users to append data to an arbitrary file, or create an arbitrary new fi... | | |
CVE-2007-5719 | SQL injection vulnerability in bb_func_search.php in miniBB 2.1 allows remote attackers to execute a... | E | |
CVE-2007-5720 | Unrestricted file upload vulnerability in the profiles script in ProfileCMS 1.0 allows remote attack... | E | |
CVE-2007-5721 | PHP remote file inclusion vulnerability in _theme/breadcrumb.php in MySpacePros MySpace Resource Scr... | E | |
CVE-2007-5722 | Stack-based buffer overflow in a certain ActiveX control in GLChat.ocx 2.5.1.32 in GlobalLink 2.7.0.... | E | |
CVE-2007-5723 | Heap-based buffer overflow in the samp_send function in nuauth/sasl.c in NuFW before 2.2.7 allows re... | S | |
CVE-2007-5724 | Multiple cross-site scripting (XSS) vulnerabilities in Omnistar Live allow remote attackers to injec... | E | |
CVE-2007-5725 | Multiple cross-site scripting (XSS) vulnerabilities in Smart-Shop allow remote attackers to inject a... | E | |
CVE-2007-5726 | Unspecified vulnerability in the Stream Control Transmission Protocol (sctp) functionality in Sun So... | S | |
CVE-2007-5727 | Incomplete blacklist vulnerability in the stripScripts function in common.php in OneOrZero Helpdesk ... | | |
CVE-2007-5728 | Cross-site scripting (XSS) vulnerability in phpPgAdmin 3.5 to 4.1.1, and possibly 4.1.2, allows remo... | E | |
CVE-2007-5729 | The NE2000 emulator in QEMU 0.8.2 allows local users to execute arbitrary code by writing Ethernet f... | | |
CVE-2007-5730 | Heap-based buffer overflow in QEMU 0.8.2, as used in Xen and possibly other products, allows local u... | | |
CVE-2007-5731 | Absolute path traversal vulnerability in Apache Jakarta Slide 2.1 and earlier allows remote authenti... | E | |
CVE-2007-5732 | Directory traversal vulnerability in downloadfile.php in eLouai's Force Download of media files scri... | | |
CVE-2007-5733 | Unrestricted file upload vulnerability in upload/upload.php in Japanese PHP Gallery Hosting, when Op... | E | |
CVE-2007-5734 | Unrestricted file upload vulnerability in eFileMan 7.1.0.87-88 allows remote attackers to upload arb... | | |
CVE-2007-5735 | eFileMan 7.1.0.87-88 stores sensitive information under the web root with insufficient access contro... | | |
CVE-2007-5736 | Unrestricted file upload vulnerability in upload.php in SeeBlick 1.0 Beta allows remote attackers to... | | |
CVE-2007-5737 | Unrestricted file upload vulnerability in component/upload.jsp in Korean GHBoard allows remote attac... | E | |
CVE-2007-5738 | The FlashUpload component in Korean GHBoard uses a client-side protection mechanism to prevent uploa... | E | |
CVE-2007-5739 | Directory traversal vulnerability in component/flashupload/download.jsp in the FlashUpload component... | E | |
CVE-2007-5740 | The format string protection mechanism in IMAPD for Perdition Mail Retrieval Proxy 1.17 and earlier ... | S | |
CVE-2007-5741 | Plone 2.5 through 2.5.4 and 3.0 through 3.0.2 allows remote attackers to execute arbitrary Python co... | S | |
CVE-2007-5742 | Directory traversal vulnerability in the WML engine preprocessor for Wesnoth 1.2.x before 1.2.8, and... | S | |
CVE-2007-5743 | viewvc 1.0.3 allows improper access control to files in a repository when using the "forbidden" conf... | E | |
CVE-2007-5745 | Multiple heap-based buffer overflows in OpenOffice.org before 2.4 allow remote attackers to cause a ... | S | |
CVE-2007-5746 | Integer overflow in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (... | | |
CVE-2007-5747 | Integer underflow in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service ... | S | |
CVE-2007-5751 | Liferea before 1.4.6 uses weak permissions (0644) for the feedlist.opml backup file, which allows lo... | S | |
CVE-2007-5752 | adduser.php in PHP-AGTC Membership (AGTC-Membership) System 1.1a does not require authentication, wh... | | |
CVE-2007-5753 | Unspecified vulnerability in Light FMan PHP (lfman or lightfman) before 2.0rc1 has unknown impact an... | S | |
CVE-2007-5754 | PHP remote file inclusion vulnerability in urlinn_includes/config.php in phpFaber URLInn 2.0.5 allow... | E | |
CVE-2007-5755 | Multiple stack-based buffer overflows in the AOL AmpX ActiveX control in AmpX.dll 2.6.1.11 in AOL Ra... | S | |
CVE-2007-5756 | Multiple array index errors in the bpf_filter_init function in NPF.SYS in WinPcap before 4.0.2, when... | S | |
CVE-2007-5757 | Untrusted search path vulnerability in db2pd in IBM DB2 Universal Database (UDB) 8 before FixPak 16 ... | S | |
CVE-2007-5758 | Stack-based buffer overflow in db2dasrrm in the DB2 Administration Server (DAS) in IBM DB2 Universal... | E | |
CVE-2007-5759 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6335. Reason: This candida... | R | |
CVE-2007-5760 | Array index error in the XFree86-Misc extension in X.Org Xserver before 1.4.1 allows context-depende... | S | |
CVE-2007-5761 | The NantSys device 5.0.0.115 in Motorola netOctopus 5.1.2 build 1011 has weak permissions for the \\... | S | |
CVE-2007-5762 | NICM.SYS driver 3.0.0.4, as used in Novell NetWare Client 4.91 SP4, allows local users to execute ar... | S | |
CVE-2007-5763 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-0401. Reason: This candida... | R | |
CVE-2007-5764 | Buffer overflow in the pioout program in printers.rte in IBM AIX 5.2, 5.3, and 6.1 allows local user... | E | |
CVE-2007-5766 | SQL injection vulnerability in okxLOV.jsp in Oracle E-Business Suite 11 and 12 allows remote attacke... | | |
CVE-2007-5767 | Heap-based buffer overflow in the Client Trust application (clntrust.exe) in Novell BorderManager 3.... | S | |
CVE-2007-5768 | The Globe7 soft phone client 7.3 sends username and password information in cleartext, which allows ... | | |
CVE-2007-5769 | Double free vulnerability in the getreply function in ftp.c in netkit ftp (netkit-ftp) 0.17 20040614... | E S | |
CVE-2007-5770 | The (1) Net::ftptls, (2) Net::telnets, (3) Net::imap, (4) Net::pop, and (5) Net::smtp libraries in R... | S | |
CVE-2007-5771 | Flatnuke 3 (aka FlatnuX) allows remote attackers to obtain administrative access via a myforum%00 co... | E | |
CVE-2007-5772 | Direct static code injection vulnerability in the download module in Flatnuke 3 allows remote authen... | E | |
CVE-2007-5773 | Cross-site request forgery (CSRF) vulnerability in index.php in the File Manager module in Flatnuke ... | E | |
CVE-2007-5774 | index.php in the File Manager module in Flatnuke 3 allows remote attackers to obtain sensitive infor... | E | |
CVE-2007-5775 | Unspecified vulnerability in BitDefender allows attackers to execute arbitrary code via unspecified ... | | |
CVE-2007-5776 | Directory traversal vulnerability in igallery.asp in Blue-Collar Productions i-Gallery 3.4 allows re... | | |
CVE-2007-5777 | Blue-Collar Productions i-Gallery 3.4 stores sensitive information under the web root with insuffici... | | |
CVE-2007-5778 | Mobile Spy (1) stores login credentials in cleartext under the RetinaxStudios registry key, and (2) ... | | |
CVE-2007-5779 | Buffer overflow in the GomManager (GomWeb Control) ActiveX control in GomWeb3.dll 1.0.0.12 in Gretec... | E | |
CVE-2007-5780 | PHP remote file inclusion vulnerability in pub/pub08_comments.php in teatro 1.6 allows remote attack... | E | |
CVE-2007-5781 | PHP remote file inclusion vulnerability in inc/sige_init.php in Sige 0.1 allows remote attackers to ... | E | |
CVE-2007-5782 | Directory traversal vulnerability in dl.php in FireConfig 0.5 allows remote attackers to read arbitr... | E | |
CVE-2007-5783 | SQL injection vulnerability in emc.asp in emagiC CMS.Net 4.0 allows remote attackers to execute arbi... | E | |
CVE-2007-5784 | PHP remote file inclusion vulnerability in index.php in CaupoShop Pro 2.x allows remote attackers to... | E | |
CVE-2007-5785 | SQL injection vulnerability in file.php in JobSite Professional 2.0 allows remote attackers to execu... | E | |
CVE-2007-5786 | Multiple PHP remote file inclusion vulnerabilities in GoSamba 1.0.1 allow remote attackers to execut... | E | |
CVE-2007-5787 | Micro Login System 1.0 stores sensitive information under the web root with insufficient access cont... | | |
CVE-2007-5788 | Buffer overflow in the SIP parser on the Grandstream HT-488 0.1 allows remote attackers to cause a d... | | |
CVE-2007-5789 | The Grandstream HT-488 0.1 allows remote attackers to cause a denial of service (device crash) via a... | | |
CVE-2007-5790 | The Globe7 soft phone client 7.3 uses weak cryptography (reversed sequence of binary values) for the... | | |
CVE-2007-5791 | The Vonage Motorola Phone Adapter VT 2142-VD does not properly verify that a SIP INVITE message orig... | | |
CVE-2007-5792 | The Vonage Motorola Phone Adapter VT 2142-VD does not encrypt RTP packets, which might allow remote ... | | |
CVE-2007-5793 | Stonesoft StoneGate IPS before 4.0 does not properly decode Fullwidth/Halfwidth Unicode encoded data... | | |
CVE-2007-5794 | Race condition in nss_ldap, when used in applications that are linked against the pthread library an... | S | |
CVE-2007-5795 | The hack-local-variables function in Emacs before 22.2, when enable-local-variables is set to :safe,... | | |
CVE-2007-5796 | Cross-site scripting (XSS) vulnerability in the management console in Blue Coat ProxySG before 4.2.6... | S | |
CVE-2007-5797 | SQLLoginModule in Apache Geronimo 2.0 through 2.1 does not throw an exception for a nonexistent user... | | |
CVE-2007-5798 | Multiple cross-site scripting (XSS) vulnerabilities in uddigui/navigateTree.do in the UDDI user cons... | | |
CVE-2007-5799 | Multiple cross-site request forgery (CSRF) vulnerabilities in uddigui/navigateTree.do in the UDDI us... | | |
CVE-2007-5800 | Multiple PHP remote file inclusion vulnerabilities in the BackUpWordPress 0.4.2b and earlier plugin ... | E | |
CVE-2007-5801 | Unspecified vulnerability in WORK system e-commerce before 4.0.2 has unknown impact and attack vecto... | S | |
CVE-2007-5802 | Directory traversal vulnerability in index.php in Firewolf Technologies Synergiser 1.2 RC1 and earli... | E | |
CVE-2007-5803 | Multiple cross-site scripting (XSS) vulnerabilities in CGI programs in Nagios before 2.12 might allo... | E | |
CVE-2007-5804 | cfgcon in IBM AIX 5.2 and 5.3 does not properly validate the argument to the "-p" option to swcons, ... | S | |
CVE-2007-5805 | cfgcon in IBM AIX 5.2 and 5.3 does not properly validate the argument to the "-p" option to swcons, ... | S | |
CVE-2007-5806 | Cross-site scripting (XSS) vulnerability in Services/Utilities/classes/class.ilUtil.php in ILIAS 3.8... | S | |
CVE-2007-5807 | Buffer overflow in the register function in Ultra Star Reader ActiveX control in SSReader allows rem... | | |
CVE-2007-5808 | Unspecified vulnerability in the Groupmax Collaboration - Schedule component in Hitachi Groupmax Col... | S | |
CVE-2007-5809 | Cross-site scripting (XSS) vulnerability in Hitachi Web Server 01-00 through 03-10, as used by certa... | | |
CVE-2007-5810 | Hitachi Web Server 01-00 through 03-00-01, as used by certain Cosminexus products, does not properly... | S | |
CVE-2007-5811 | Directory traversal vulnerability in PageTraiteDownload.php in phpMyConferences 8.0.2 and earlier al... | E | |
CVE-2007-5812 | Directory traversal vulnerability in modules/Builder/DownloadModule.php in ModuleBuilder 1.0 allows ... | E | |
CVE-2007-5813 | Multiple directory traversal vulnerabilities in download.php in ISPworker 1.21 allow remote attacker... | E | |
CVE-2007-5814 | Multiple buffer overflows in the SonicWall SSL-VPN NetExtender NELaunchCtrl ActiveX control before 2... | E | |
CVE-2007-5815 | Absolute path traversal vulnerability in the WebCacheCleaner ActiveX control 1.3.0.3 in SonicWall SS... | E | |
CVE-2007-5816 | dialog.php in CONTENTCustomizer 3.1mp and earlier allows remote attackers to obtain sensitive author... | E | |
CVE-2007-5817 | dialog.php in CONTENTCustomizer 3.1mp and earlier allows remote attackers to perform certain privile... | | |
CVE-2007-5818 | Cross-site request forgery (CSRF) vulnerability in blocks_edit_do.php in sBlog 0.7.3 Beta allows rem... | | |
CVE-2007-5819 | IBM Tivoli Continuous Data Protection for Files (CDP) 3.1.0 uses weak permissions (unrestricted writ... | | |
CVE-2007-5820 | Directory traversal vulnerability in index.php in Ax Developer CMS (AxDCMS) 0.1.1 allows remote atta... | E | |
CVE-2007-5821 | Multiple directory traversal vulnerabilities in DM Guestbook 0.4.1 and earlier allow remote attacker... | E | |
CVE-2007-5822 | Direct static code injection vulnerability in forum.php in Ben Ng Scribe 0.2 and earlier allows remo... | E | |
CVE-2007-5823 | Directory traversal vulnerability in forum.php in Ben Ng Scribe 0.2 and earlier allows remote attack... | E | |
CVE-2007-5824 | webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to cause a... | E | |
CVE-2007-5825 | Format string vulnerability in the ws_addarg function in webserver.c in mt-dappd in Firefly Media Se... | | |
CVE-2007-5826 | Absolute path traversal vulnerability in the EDraw Flowchart ActiveX control in EDImage.ocx 2.0.2005... | E | |
CVE-2007-5827 | iSCSI Enterprise Target (iscsitarget) 0.4.15 uses weak permissions for /etc/ietd.conf, which allows ... | | |
CVE-2007-5828 | Cross-site request forgery (CSRF) vulnerability in the admin panel in Django 0.96 allows remote atta... | | |
CVE-2007-5829 | The Disk Mount scanner in Symantec AntiVirus for Macintosh 9.x and 10.x, Norton AntiVirus for Macint... | | |
CVE-2007-5830 | Unspecified vulnerability in the administrative interface in Avaya Messaging Storage Server (MSS) 3.... | S | |
CVE-2007-5831 | Directory traversal vulnerability in fileSystem.do in SSL-Explorer before 0.2.14 allows remote attac... | S | |
CVE-2007-5832 | Unspecified vulnerability in selectLanguage.do in SSL-Explorer before 0.2.15 allows remote attackers... | | |
CVE-2007-5833 | Multiple cross-site scripting (XSS) vulnerabilities in BosDev BosMarket Business Directory System al... | | |
CVE-2007-5834 | Cross-site scripting (XSS) vulnerability in BosDev BosNews 4 allows remote attackers to inject arbit... | | |
CVE-2007-5835 | Install.php in BosDev BosNews 4 and 5 does not require authentication for replacing an existing prod... | | |
CVE-2007-5836 | SQL injection vulnerability in Amazing Flash AFCommerce allows remote attackers to execute arbitrary... | | |
CVE-2007-5837 | GUI.pm in yarssr 0.2.2, when Gnome default URL handling is disabled, allows remote attackers to exec... | E | |
CVE-2007-5838 | Aclient in Symantec Altiris Deployment Solution 6.x before 6.8.380.0 allows local users to gain loca... | S | |
CVE-2007-5839 | The e_hostname function in commands.c in BitchX 1.1a allows local users to overwrite arbitrary files... | | |
CVE-2007-5840 | PHP remote file inclusion vulnerability in starnet/themes/c-sky/main.inc.php in Fred Stuurman Syndeo... | E | |
CVE-2007-5841 | PHP remote file inclusion vulnerability in admin/index.php in nuBoard 0.5 allows remote attackers to... | E | |
CVE-2007-5842 | Multiple PHP remote file inclusion vulnerabilities in Vortex Portal 1.0.42 allow remote attackers to... | E | |
CVE-2007-5843 | PHP remote file inclusion vulnerability in includes/common.php in scWiki 1.0 Beta 2 allows remote at... | E | |
CVE-2007-5844 | Directory traversal vulnerability in inc/includes.inc in GuppY 4.6.3 allows remote attackers to incl... | E | |
CVE-2007-5845 | Directory traversal vulnerability in error.php in GuppY 4.6.3, 4.5.16, and earlier allows remote att... | E | |
CVE-2007-5846 | The SNMP agent (snmp_agent.c) in net-snmp before 5.4.1 allows remote attackers to cause a denial of ... | S | |
CVE-2007-5847 | Race condition in the CFURLWriteDataAndPropertiesToResource API in Core Foundation in Apple Mac OS X... | | |
CVE-2007-5848 | Buffer overflow in CUPS in Apple Mac OS X 10.4.11 allows local admin users to execute arbitrary code... | | |
CVE-2007-5849 | Integer underflow in the asn1_get_string function in the SNMP back end (backend/snmp.c) for CUPS 1.2... | | |
CVE-2007-5850 | Heap-based buffer overflow in Desktop Services in Apple Mac OS X 10.4.11 allows user-assisted attack... | | |
CVE-2007-5851 | iChat in Apple Mac OS X 10.4.11 allows network-adjacent remote attackers to automatically initiate a... | | |
CVE-2007-5853 | Unspecified vulnerability in IO Storage Family in Apple Mac OS X 10.4.11 allows user-assisted attack... | | |
CVE-2007-5854 | Launch Services in Apple Mac OS X 10.4.11 and 10.5.1 does not treat HTML files as unsafe content, wh... | | |
CVE-2007-5855 | Mail in Apple Mac OS X 10.4.11 and 10.5.1, when an SMTP account has been set up using Account Assist... | | |
CVE-2007-5856 | Quick Look in Apple Mac OS X 10.5.1, when previewing an HTML file, does not prevent plug-ins from makin... | | |
CVE-2007-5857 | Quick Look in Apple Mac OS X 10.5.1 does not prevent a movie from accessing URLs when the movie file... | | |
CVE-2007-5858 | WebKit in Safari in Apple Mac OS X 10.4.11 and 10.5.1, iPhone 1.0 through 1.1.2, and iPod touch 1.1 ... | | |
CVE-2007-5859 | Unspecified vulnerability in Safari RSS in Apple Mac OS X 10.4.11 allows remote attackers to cause a... | | |
CVE-2007-5860 | Unspecified vulnerability in Spin Tracer in Apple Mac OS X 10.5.1 allows local users to execute arbi... | | |
CVE-2007-5861 | Unspecified vulnerability in Spotlight in Apple Mac OS X 10.4.11 allows user-assisted attackers to c... | | |
CVE-2007-5862 | Java in Mac OS X 10.4 through 10.4.11 allows remote attackers to bypass Keychain access controls and... | E S | |
CVE-2007-5863 | Software Update in Apple Mac OS X 10.5.1 allows remote attackers to execute arbitrary commands via a... | | |
CVE-2007-5887 | SQL injection vulnerability in boards/printer.asp in ASP Message Board 2.2.1c allows remote attacker... | E | |
CVE-2007-5888 | Cross-site scripting (XSS) vulnerability in displayecard.php in Coppermine Photo Gallery (CPG) befor... | S | |
CVE-2007-5889 | Multiple PHP remote file inclusion vulnerabilities in IDMOS 1.0 Alpha (aka Phoenix) allow remote att... | | |
CVE-2007-5890 | Directory traversal vulnerability in index.php in easyGB 2.1.1 allows remote attackers to include ar... | | |
CVE-2007-5891 | Multiple cross-site scripting (XSS) vulnerabilities in jsp/Login.do in ManageEngine OpManager MSP Ed... | | |
CVE-2007-5892 | Stack-based buffer overflow in the pdg2.dll ActiveX control in SSReader 4.0 and earlier allows remote... | | |
CVE-2007-5893 | HTTPSocket.cpp in the C++ Sockets Library before 2.2.5 allows remote attackers to cause a denial of ... | S | |
CVE-2007-5894 | The reply function in ftpd.c in the gssftp ftpd in MIT Kerberos 5 (krb5) does not initialize the len... | | |
CVE-2007-5896 | Mozilla Firefox 2.0.0.9 allows remote attackers to cause a denial of service (CPU consumption and cr... | | |
CVE-2007-5897 | Buffer overflow in MDSYS.SDO_CS in Oracle Database Server 8iR3, 9iR1, 9iR2 up to 9.2.0.6, and 10gR1 ... | | |
CVE-2007-5898 | The (1) htmlentities and (2) htmlspecialchars functions in PHP before 5.2.5 accept partial multibyte... | S | |
CVE-2007-5899 | The output_add_rewrite_var function in PHP before 5.2.5 rewrites local forms in which the ACTION att... | | |
CVE-2007-5900 | PHP before 5.2.5 allows local users to bypass protection mechanisms configured through php_admin_val... | S | |
CVE-2007-5901 | Use-after-free vulnerability in the gss_indicate_mechs function in lib/gssapi/mechglue/g_initialize.... | E S | |
CVE-2007-5902 | Integer overflow in the svcauth_gss_get_principal function in lib/rpc/svc_auth_gss.c in MIT Kerberos... | E | |
CVE-2007-5904 | Multiple buffer overflows in CIFS VFS in Linux kernel 2.6.23 and earlier allow remote attackers to ... | | |
CVE-2007-5905 | Adobe ColdFusion 8 and MX 7 allows remote attackers to hijack sessions via unspecified vectors that ... | S | |
CVE-2007-5906 | Xen 3.1.1 allows virtual guest system users to cause a denial of service (hypervisor crash) by using... | S | |
CVE-2007-5907 | Xen 3.1.1 does not prevent modification of the CR4 TSC from applications, which allows pv guests to ... | | |
CVE-2007-5908 | Rejected reason: Buffer overflow in the (1) sysfs_show_available_clocksources and (2) sysfs_show_cur... | R | |
CVE-2007-5909 | Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView Viewer, Filter, and Expo... | S | |
CVE-2007-5910 | Stack-based buffer overflow in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK bef... | S | |
CVE-2007-5911 | Multiple stack-based buffer overflows in the AxMetaStream ActiveX control in AxMetaStream.dll 3.3.2.... | E | |
CVE-2007-5912 | SQL injection vulnerability in mailer.php in jPORTAL 2 allows remote attackers to execute arbitrary ... | E | |
CVE-2007-5913 | dirsys/modules/auth.php in JBC Explorer 7.20 RC1 and earlier does not require authentication, which ... | E | |
CVE-2007-5914 | Direct static code injection vulnerability in dirsys/modules/config/post.php in JBC Explorer 7.20 RC... | E | |
CVE-2007-5915 | Directory traversal vulnerability in index.php in phphelpdesk 0.6.16 allows remote attackers to incl... | | |
CVE-2007-5916 | SQL injection vulnerability in the login page in phphelpdesk 0.6.16 allows remote attackers to execu... | | |
CVE-2007-5917 | Cross-site request forgery (CSRF) vulnerability in admin/admin_account.php in Skalinks 1.5 and earli... | | |
CVE-2007-5918 | Cross-site request forgery (CSRF) vulnerability in edit.php in the MS TopSites add-on for PHP-Nuke d... | | |
CVE-2007-5919 | MyWebFTP, possibly 5.3.2, stores sensitive information under the web root with insufficient access c... | | |
CVE-2007-5920 | index.php in Domenico Mancini PicoFlat CMS before 0.4.18 allows remote attackers to include certain ... | | |
CVE-2007-5921 | Unspecified vulnerability in the ioctl interface in the Solaris Volume Manager (SVM) in Sun Solaris ... | S | |
CVE-2007-5922 | The modules/mdop.m in the Cypress 1.0k script for BitchX, as downloaded from a distribution site in ... | | |
CVE-2007-5923 | Cross-site scripting (XSS) vulnerability in forms/smpwservices.fcc in CA (formerly Computer Associat... | | |
CVE-2007-5924 | Cross-site scripting (XSS) vulnerability in the Web Server (HTTP) task in IBM Lotus Domino before 6.... | | |
CVE-2007-5925 | The convert_search_mode_to_innobase function in ha_innodb.cc in the InnoDB engine in MySQL 5.1.23-BK... | | |
CVE-2007-5926 | OpenBase 10.0.5 and earlier allows remote authenticated users to execute arbitrary commands via shel... | E | |
CVE-2007-5927 | Directory traversal vulnerability in OpenBase 10.0.5 and earlier allows remote authenticated users t... | E | |
CVE-2007-5928 | OpenBase 10.0.5 and earlier allows remote authenticated users to trigger a free of an arbitrary memo... | E | |
CVE-2007-5929 | Buffer overflow in OpenBase 10.0.5 and earlier might allow remote authenticated users to execute arb... | E | |
CVE-2007-5930 | Cross-site scripting (XSS) vulnerability in the web interface in Cerberus FTP Server before 2.46 all... | S | |
CVE-2007-5931 | The reDirect function in lib/controllers/RepViewController.php in OrangeHRM before 2.2.2 does not ve... | S | |
CVE-2007-5932 | Multiple cross-site scripting (XSS) vulnerabilities in Fatwire Content Server (CS) CMS 6.3.0 allow r... | | |
CVE-2007-5933 | Pioneers (formerly gnocatan) before 0.11.3 allows remote attackers to cause a denial of service (cra... | S | |
CVE-2007-5934 | The LOB functionality in PEAR MDB2 before 2.5.0a1 interprets a request to store a URL string as a re... | | |
CVE-2007-5935 | Stack-based buffer overflow in hpc.c in dvips in teTeX and TeXlive 2007 and earlier allows user-assi... | E | |
CVE-2007-5936 | dvips in teTeX and TeXlive 2007 and earlier allows local users to obtain sensitive information and m... | | |
CVE-2007-5937 | Multiple buffer overflows in dvi2xx.c in dviljk in teTeX and TeXlive 2007 and earlier might allow us... | | |
CVE-2007-5938 | The iwl_set_rate function in compatible/iwl3945-base.c in iwlwifi 1.1.21 and earlier dereferences an... | E | |
CVE-2007-5939 | The gss_userok function in appl/ftp/ftpd/gss_userok.c in Heimdal 0.7.2 does not allocate memory for ... | | |
CVE-2007-5940 | feynmf.pl in feynmf 1.08, as used in TeXLive 2007, allows local users to overwrite arbitrary files a... | | |
CVE-2007-5941 | Stack-based buffer overflow in the SWCtl.SWCtl ActiveX control in Adobe Shockwave allows remote atta... | E | |
CVE-2007-5942 | Bandersnatch 0.4 allows remote attackers to obtain sensitive information via a malformed request for... | | |
CVE-2007-5943 | Simple Machines Forum (SMF) 1.1.4 allows remote attackers to read a message in private forums by usi... | | |
CVE-2007-5944 | Cross-site scripting (XSS) vulnerability in Servlet Engine / Web Container in IBM WebSphere Applicat... | | |
CVE-2007-5945 | USVN before 0.6.5 allows remote attackers to obtain a list of repository contents via unspecified ve... | S | |
CVE-2007-5946 | Unspecified vulnerability in the Aries PA-RISC emulator on HP-UX B.11.23 and B.11.31 on the IA-64 pl... | S | |
CVE-2007-5947 | The jar protocol handler in Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 retrieves the... | | |
CVE-2007-5948 | Multiple cross-site scripting (XSS) vulnerabilities in main.php in SF-Shoutbox 1.2.1 through 1.4 all... | | |
CVE-2007-5949 | Cross-site scripting (XSS) vulnerability in IBM Tivoli Service Desk 6.2 allows remote authenticated ... | | |
CVE-2007-5950 | Cross-site scripting (XSS) vulnerability in NetCommons before 1.0.11, and 1.1.x before 1.1.2, allows... | | |
CVE-2007-5951 | SQL injection vulnerability in articles.php in E-Vendejo 0.2 allows remote attackers to execute arbi... | | |
CVE-2007-5952 | Cross-site scripting (XSS) vulnerability in admin/index.php in Helios Calendar 1.2.1 Beta allows rem... | E | |
CVE-2007-5953 | Unspecified vulnerability in Really Simple CalDAV Store (RSCDS) before 0.9.0 allows attackers to obt... | | |
CVE-2007-5954 | Cross-site scripting (XSS) vulnerability in buscador.php in JLMForo System allows remote attackers t... | E | |
CVE-2007-5955 | Cross-site scripting (XSS) vulnerability in updir.php in UPDIR.NET before 2.04 allows remote attacke... | S | |
CVE-2007-5956 | Directory traversal vulnerability in IBM Informix Dynamic Server (IDS) before 10.00.xC7W1 allows loc... | S | |
CVE-2007-5957 | Unspecified vulnerability in IBM Informix Dynamic Server (IDS) 10.00.TC3TL and 11.10.TB4TL on Window... | S | |
CVE-2007-5958 | X.Org Xserver before 1.4.1 allows local users to determine the existence of arbitrary files via a fi... | E S | |
CVE-2007-5959 | Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 a... | S | |
CVE-2007-5960 | Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 sets the Referer header to the window or ... | | |
CVE-2007-5961 | Cross-site scripting (XSS) vulnerability in the Red Hat Network channel search feature, as used in R... | | |
CVE-2007-5962 | Memory leak in a certain Red Hat patch, applied to vsftpd 2.0.5 on Red Hat Enterprise Linux (RHEL) 5... | E S | |
CVE-2007-5963 | Unspecified vulnerability in kdebase allows local users to cause a denial of service (KDM login inac... | | |
CVE-2007-5964 | The default configuration of autofs 5 in some Linux distributions, such as Red Hat Enterprise Linux ... | E | |
CVE-2007-5965 | QSslSocket in Trolltech Qt 4.3.0 through 4.3.2 does not properly verify SSL certificates, which migh... | S | |
CVE-2007-5966 | Integer overflow in the hrtimer_start function in kernel/hrtimer.c in the Linux kernel before 2.6.23... | S | |
CVE-2007-5967 | A flaw in Mozilla's embedded certificate code might allow web sites to install root certificates on ... | | |
CVE-2007-5968 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6313. Reason: this candida... | R | |
CVE-2007-5969 | MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x befo... | E S | |
CVE-2007-5970 | MySQL 5.1.x before 5.1.23 and 6.0.x before 6.0.4 allows remote authenticated users to gain privilege... | | |
CVE-2007-5971 | Double free vulnerability in the gss_krb5int_make_seal_token_v3 function in lib/gssapi/krb5/k5sealv3... | S | |
CVE-2007-5972 | Double free vulnerability in the krb5_def_store_mkey function in lib/kdb/kdb_default.c in MIT Kerber... | | |
CVE-2007-5973 | SQL injection vulnerability in articles.php in JPortal 2.3.1 and earlier allows remote attackers to ... | E | |
CVE-2007-5974 | SQL injection vulnerability in mailer.php in JPortal 2 allows remote attackers to execute arbitrary ... | E | |
CVE-2007-5975 | SQL injection vulnerability in index.php in TBSource, as used in (1) TBDev and (2) TorrentStrike 0.4... | | |
CVE-2007-5976 | SQL injection vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticat... | S | |
CVE-2007-5977 | Cross-site scripting (XSS) vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remot... | S | |
CVE-2007-5978 | SQL injection vulnerability in brokenlink.php in the mylinks module for XOOPS allows remote attacker... | | |
CVE-2007-5979 | Cross-site scripting (XSS) vulnerability in download_plugin.php3 in F5 Firepass 4100 SSL VPN 5.4 thr... | S | |
CVE-2007-5980 | Cross-site scripting (XSS) vulnerability in home/rss.php in eggblog before 3.1.1 allows remote attac... | S | |
CVE-2007-5981 | Lantronix SCS3200 does not properly handle public-key requests, which allows remote attackers to cau... | | |
CVE-2007-5982 | Multiple cross-site scripting (XSS) vulnerabilities in X7 Chat 2.0.4, 2.0.5, and possibly other vers... | E | |
CVE-2007-5983 | Cross-site scripting (XSS) vulnerability in index.php in Justin Hagstrom AutoIndex PHP Script before... | S | |
CVE-2007-5984 | classes/Url.php in Justin Hagstrom AutoIndex PHP Script before 2.2.4 allows remote attackers to caus... | S | |
CVE-2007-5985 | Multiple cross-site scripting (XSS) vulnerabilities in BtiTracker before 1.4.5 allow remote attacker... | S | |
CVE-2007-5986 | SQL injection vulnerability in include/functions.php in BtiTracker before 1.4.5 allows remote attack... | | |
CVE-2007-5987 | details.php in BtiTracker before 1.4.5, when torrent viewing is disabled for guests, allows remote a... | S | |
CVE-2007-5988 | blocks/shoutbox_block.php in BtiTracker 1.4.4 does not verify user accounts, which allows remote att... | S | |
CVE-2007-5989 | Unspecified vulnerability in the skype4com URI handler in Skype before 3.6 GOLD allows remote attack... | | |
CVE-2007-5990 | Cross-site scripting (XSS) vulnerability in ExoPHPdesk allows remote attackers to inject arbitrary w... | | |
CVE-2007-5991 | SQL injection vulnerability in index.php in ExoPHPdesk allows remote attackers to execute arbitrary ... | | |
CVE-2007-5992 | SQL injection vulnerability in index.php in datecomm Social Networking Script (aka Myspace Clone Scr... | E | |
CVE-2007-5993 | Cross-site scripting (XSS) vulnerability in Visionary Technology in Library Solutions (VTLS) vtls.we... | | |
CVE-2007-5994 | PHP remote file inclusion vulnerability in check_noimage.php in Fritz Berger yet another php photo a... | | |
CVE-2007-5995 | PHP remote file inclusion vulnerability in examples/patExampleGen/bbcodeSource.php in patBBcode 1.0 ... | E | |
CVE-2007-5996 | SQL injection vulnerability in searchresult.php in Softbiz Link Directory Script allows remote attac... | E | |
CVE-2007-5997 | SQL injection vulnerability in campaign_stats.php in Softbiz Banner Exchange Network Script 1.0 allo... | E | |
CVE-2007-5998 | SQL injection vulnerability in ads.php in Softbiz Ad Management plus Script 1 allows remote authenti... | E | |
CVE-2007-5999 | SQL injection vulnerability in product_desc.php in Softbiz Auctions Script allows remote attackers t... | E | |