ID | Summary | Flags | Max Score |
---|---|---|---|
CVE-2007-6000 | KDE Konqueror 3.5.6 and earlier allows remote attackers to cause a denial of service (crash) via lar... | E | |
CVE-2007-6001 | Multiple cross-site scripting (XSS) vulnerabilities in index.php in Bandersnatch 0.4 allow remote at... | | |
CVE-2007-6002 | Cross-site scripting (XSS) vulnerability in Fenriru (1) Sleipnir 2.5.17 R2 and earlier and (2) Grani... | S | |
CVE-2007-6003 | Cross-site scripting (XSS) vulnerability in cgi/b/ic/connect in the Thomson SpeedTouch 716 with firm... | | |
CVE-2007-6004 | Multiple SQL injection vulnerabilities in index.php in Toko Instan 7.6 allow remote attackers to exe... | E | |
CVE-2007-6005 | Unspecified vulnerability in the GpcContainer.GpcContainer.1 ActiveX control in WebEx allows remote ... | | |
CVE-2007-6006 | TestLink before 1.7.1 does not enforce an unspecified authorization mechanism, which has unknown imp... | S | |
CVE-2007-6007 | Integer overflow in the ID_PSP.apl plug-in for ACD ACDSee Photo Manager 9.0 build 108, Pro Photo Man... | S | |
CVE-2007-6008 | Heap-based buffer overflow in emlsr.dll before 2.0.0.4 in Autonomy (formerly Verity) KeyView Viewer,... | S | |
CVE-2007-6009 | Multiple buffer overflows in ACD products allow user-assisted remote attackers to execute arbitrary ... | | |
CVE-2007-6010 | Unspecified vulnerability in pioneers (formerly gnocatan) 0.11.3 allows remote attackers to cause a ... | | |
CVE-2007-6011 | Unspecified vulnerability in main.php of BugHotel Reservation System before 4.9.9 P3 allows remote a... | S | |
CVE-2007-6012 | SQL injection vulnerability in SearchR.asp in DocuSafe 4.1.0 and 4.1.2 allows remote attackers to ex... | | |
CVE-2007-6013 | WordPress 1.5 through 2.3.1 uses cookie values based on the MD5 hash of a password MD5 hash, which a... | E | |
CVE-2007-6014 | SQL injection vulnerability in post.php in Beehive Forum 0.7.1 and earlier allows remote attackers t... | S | |
CVE-2007-6015 | Stack-based buffer overflow in the send_mailslot function in nmbd in Samba 3.0.0 through 3.0.27a, wh... | S | |
CVE-2007-6016 | Multiple stack-based buffer overflows in the PVATLCalendar.PVCalendar.1 ActiveX control in pvcalenda... | E S | |
CVE-2007-6017 | The PVATLCalendar.PVCalendar.1 ActiveX control in pvcalendar.ocx in the scheduler component in the M... | | |
CVE-2007-6018 | IMP Webmail Client 4.1.5, Horde Application Framework 3.1.5, and Horde Groupware Webmail Edition 1.0... | S | |
CVE-2007-6019 | Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, allows remote attackers to execu... | E S | |
CVE-2007-6020 | Multiple stack-based buffer overflows in foliosr.dll in the Folio Flat File speed reader in Autonomy... | | |
CVE-2007-6021 | Heap-based buffer overflow in Adobe PageMaker 7.0.1 and 7.0.2 allows user-assisted remote attackers ... | S | |
CVE-2007-6025 | Stack-based buffer overflow in driver_wext.c in wpa_supplicant 0.6.0 and earlier allows remote attac... | S | |
CVE-2007-6026 | Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used ... | | |
CVE-2007-6027 | PHP remote file inclusion vulnerability in admin.jjgallery.php in the Carousel Flash Image Gallery (... | E | |
CVE-2007-6028 | Multiple stack-based buffer overflows in the VSFlexGrid.VSFlexGridL ActiveX control in ComponentOne ... | | |
CVE-2007-6029 | Unspecified vulnerability in ClamAV 0.91.1 and 0.91.2 allows remote attackers to execute arbitrary c... | | |
CVE-2007-6030 | Unspecified vulnerability in Weird Solutions BOOTPTurbo 1.2 has unknown impact and remote attack vec... | | |
CVE-2007-6031 | Unspecified vulnerability in VanDyke VShell 3.0.1 allows remote attackers to cause a denial of servi... | | |
CVE-2007-6032 | SQL injection vulnerability in calendar/page.asp in Aleris Web Publishing Server 3.0 allows remote a... | E | |
CVE-2007-6033 | Invensys Wonderware InTouch 8.0 creates a NetDDE share with insecure permissions (Everyone/Full Cont... | | |
CVE-2007-6034 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6062. Reason: This candida... | R | |
CVE-2007-6035 | SQL injection vulnerability in graph.php in Cacti before 0.8.7a allows remote attackers to execute a... | S | |
CVE-2007-6036 | The parseRTSPRequestString function in LIVE555 Media Server 2007.11.01 and earlier allows remote att... | E | |
CVE-2007-6037 | Cross-site scripting (XSS) vulnerability in ws/generic_api_call.pl in Citrix NetScaler 8.0 build 47.... | | |
CVE-2007-6038 | PHP remote file inclusion vulnerability in xajax_functions.php in the JUser (com_juser) 1.0.14 compo... | E | |
CVE-2007-6039 | PHP 5.2.5 and earlier allows context-dependent attackers to cause a denial of service (application c... | | |
CVE-2007-6040 | The Belkin F5D7230-4 Wireless G Router allows remote attackers to cause a denial of service (degrade... | | |
CVE-2007-6041 | Buffer overflow in the Sequencer::queueMessage function in sequencer.cpp in the server in Rigs of Ro... | E S | |
CVE-2007-6042 | PHP remote file inclusion vulnerability in fehler.inc.php in SWSoft Confixx Professional 3.2.1 allow... | | |
CVE-2007-6043 | The CryptGenRandom function in Microsoft Windows 2000 generates predictable values, which makes it e... | | |
CVE-2007-6044 | Multiple unspecified vulnerabilities in IBM WebSphere MQ 6.0 have unknown impact and remote attack v... | | |
CVE-2007-6045 | Unspecified vulnerability in (1) DB2WATCH and (2) DB2FREEZE in IBM DB2 UDB 9.1 before Fixpak 4 has u... | S | |
CVE-2007-6046 | Unspecified vulnerability in unspecified setuid programs in IBM DB2 UDB 9.1 before Fixpak 4 allows l... | S | |
CVE-2007-6047 | Unspecified vulnerability in the DB2DART tool in IBM DB2 UDB 9.1 before Fixpak 4 allows attackers to... | S | |
CVE-2007-6048 | IBM DB2 UDB 9.1 before Fixpak 4 uses incorrect permissions on ACLs for DB2NODES.CFG, which has unkno... | S | |
CVE-2007-6049 | Unspecified vulnerability in the SSL LOAD GSKIT action in IBM DB2 UDB 9.1 before Fixpak 4 has unknow... | S | |
CVE-2007-6050 | Unspecified vulnerability in DB2LICD in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attac... | S | |
CVE-2007-6051 | IBM DB2 UDB 9.1 before Fixpak 4 assigns incorrect privileges to the (1) DB2ADMNS and (2) DB2USERS al... | S | |
CVE-2007-6052 | IBM DB2 UDB 9.1 before Fixpak 4 does not properly perform vector aggregation, which might allow atta... | S | |
CVE-2007-6053 | IBM DB2 UDB 9.1 before Fixpak 4 does not properly handle use of large numbers of file descriptors, w... | S | |
CVE-2007-6054 | Cross-site scripting (XSS) vulnerability in the login page in the management interface in the Aruba ... | | |
CVE-2007-6055 | Cross-site scripting (XSS) vulnerability in c/portal/login in Liferay Portal 4.1.0 and 4.1.1 allows ... | | |
CVE-2007-6056 | frame.html in Aida-Web (Aida Web) allows remote attackers to bypass a protection mechanism and obtai... | E | |
CVE-2007-6057 | PHP remote file inclusion vulnerability in index.php in datecomm Social Networking Script (aka Myspa... | E | |
CVE-2007-6058 | Multiple SQL injection vulnerabilities in index.php in ProfileCMS 1.0 and earlier allow remote attac... | E | |
CVE-2007-6059 | Javamail does not properly handle a series of invalid login attempts in which the same e-mail addres... | E | |
CVE-2007-6060 | AhnLab Antivirus 3 Internet Security 2008 Platinum appends data to a filename string at a location i... | | |
CVE-2007-6061 | Audacity 1.3.2 creates a temporary directory with a predictable name without checking for previous e... | E S | |
CVE-2007-6062 | irc-channel.c in ngIRCd before 0.10.3 allows remote attackers to cause a denial of service (crash) v... | | |
CVE-2007-6063 | Buffer overflow in the isdn_net_setcfg function in isdn_net.c in Linux kernel 2.6.23 allows local us... | | |
CVE-2007-6067 | Algorithmic complexity vulnerability in the regular expression parser in TCL before 8.4.17, as used ... | E S | |
CVE-2007-6070 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-1382. Reason: This candidate... | R | |
CVE-2007-6077 | The session fixation protection mechanism in cgi_process.rb in Rails 1.2.4, as used in Ruby on Rails... | S | |
CVE-2007-6078 | Multiple SQL injection vulnerabilities in SkyPortal RC6 allow remote attackers to execute arbitrary ... | E | |
CVE-2007-6079 | Directory traversal vulnerability in include/common.php in bcoos 1.0.10 allows remote attackers to i... | E | |
CVE-2007-6080 | SQL injection vulnerability in modules/banners/click.php in the banners module for bcoos 1.0.10 allo... | E | |
CVE-2007-6081 | AdventNet EventLog Analyzer build 4030 for Windows, and possibly other versions and platforms, insta... | | |
CVE-2007-6082 | Direct static code injection vulnerability in acp/savenews.php in Sciurus Hosting Panel, possibly 2.... | E | |
CVE-2007-6083 | SQL injection vulnerability in admin/index.php in IceBB 1.0-rc6 allows remote attackers to execute a... | E | |
CVE-2007-6084 | SQL injection vulnerability in software-description.php in HotScripts Clone Script allows remote att... | E | |
CVE-2007-6085 | Multiple cross-site scripting (XSS) vulnerabilities in index.php in VigileCMS 1.4 allow remote attac... | E | |
CVE-2007-6086 | Directory traversal vulnerability in index.php in VigileCMS 1.4 allows remote attackers to include a... | E | |
CVE-2007-6087 | Cross-site request forgery (CSRF) vulnerability in index.php in VigileCMS 1.4 allows remote attacker... | E | |
CVE-2007-6088 | PHP remote file inclusion vulnerability in includes/functions_mod_user.php in phpBBViet 02.03.07 and... | E | |
CVE-2007-6089 | PHP remote file inclusion vulnerability in index.php in meBiblio 0.4.5 allows remote attackers to ex... | E | |
CVE-2007-6090 | Cross-site scripting (XSS) vulnerability in index.php in Nuked-Klan 1.7.5 allows remote attackers to... | E | |
CVE-2007-6091 | Multiple SQL injection vulnerabilities in files/login.asp in JiRo's Banner System (JBS) 2.0, and pos... | E | |
CVE-2007-6092 | Buffer overflow in libsrtp in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 has unknown im... | | |
CVE-2007-6093 | The SRTP implementation in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 allows remote att... | | |
CVE-2007-6094 | The IPsec module in the VPN component in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 all... | | |
CVE-2007-6095 | The SIP component in Ingate Firewall before 4.6.0 and SIParator before 4.6.0, when Remote NAT Traver... | | |
CVE-2007-6096 | Ingate Firewall before 4.6.0 and SIParator before 4.6.0 use cleartext storage for passwords of "admi... | | |
CVE-2007-6097 | Unspecified vulnerability in the ICMP implementation in Ingate Firewall before 4.6.0 and SIParator b... | | |
CVE-2007-6098 | Ingate Firewall before 4.6.0 and SIParator before 4.6.0 do not log truncated (1) ICMP, (2) UDP, and ... | | |
CVE-2007-6099 | Unspecified vulnerability in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 might leave "me... | | |
CVE-2007-6100 | Cross-site scripting (XSS) vulnerability in libraries/auth/cookie.auth.lib.php in phpMyAdmin before ... | S | |
CVE-2007-6101 | Ability Mail Server before 2.61 allows remote authenticated users to cause a denial of service (daem... | S | |
CVE-2007-6102 | Cross-site scripting (XSS) vulnerability in Feed to JavaScript (Feed2JS) 1.91 allows remote attacker... | | |
CVE-2007-6103 | I Hear U (IHU) 0.5.6 and earlier allows remote attackers to cause (1) a denial of service (infinite ... | E S | |
CVE-2007-6104 | Cross-site scripting (XSS) vulnerability in the Instant Web Publishing feature in FileMaker Pro 7 an... | | |
CVE-2007-6105 | Multiple PHP remote file inclusion vulnerabilities in TalkBack 2.2.7 allow remote attackers to execu... | E | |
CVE-2007-6106 | SQL injection vulnerability in index.php in AlstraSoft E-Friends 4.98 and earlier allows remote atta... | E | |
CVE-2007-6109 | Stack-based buffer overflow in emacs allows user-assisted attackers to cause a denial of service (ap... | | |
CVE-2007-6110 | Cross-site scripting (XSS) vulnerability in htsearch in htdig 3.2.0b6 allows remote attackers to inj... | | |
CVE-2007-6111 | Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) allow remote attackers to caus... | S | |
CVE-2007-6112 | Buffer overflow in the PPP dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to... | S | |
CVE-2007-6113 | Integer signedness error in the DNP3 dissector in Wireshark (formerly Ethereal) 0.10.12 to 0.99.6 al... | E S | |
CVE-2007-6114 | Multiple buffer overflows in Wireshark (formerly Ethereal) 0.99.0 through 0.99.6 allow remote attack... | S | |
CVE-2007-6115 | Buffer overflow in the ANSI MAP dissector for Wireshark (formerly Ethereal) 0.99.5 to 0.99.6, when r... | S | |
CVE-2007-6116 | The Firebird/Interbase dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to ... | S | |
CVE-2007-6117 | Unspecified vulnerability in the HTTP dissector for Wireshark (formerly Ethereal) 0.10.14 to 0.99.6 ... | S | |
CVE-2007-6118 | The MEGACO dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 allows remote attackers to ca... | S | |
CVE-2007-6119 | The DCP ETSI dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a de... | S | |
CVE-2007-6120 | The Bluetooth SDP dissector in Wireshark (formerly Ethereal) 0.99.2 to 0.99.6 allows remote attackers t... | S | |
CVE-2007-6121 | Wireshark (formerly Ethereal) 0.8.16 to 0.99.6 allows remote attackers to cause a denial of service ... | S | |
CVE-2007-6122 | The default_encrypt function in encrypt.c in IRC Services before 5.0.63, and 5.1.x before 5.1.7, all... | S | |
CVE-2007-6123 | Unspecified vulnerability in IRC Services 5.1.8 has unknown impact and attack vectors.... | S | |
CVE-2007-6124 | Cross-site scripting (XSS) vulnerability in signin.php in Softbiz Freelancers Script 1 allows remote... | E | |
CVE-2007-6125 | SQL injection vulnerability in search_form.php in Softbiz Freelancers Script 1 allows remote attacke... | E | |
CVE-2007-6126 | Multiple cross-site scripting (XSS) vulnerabilities in project alumni 1.0.9 and earlier allow remote... | E | |
CVE-2007-6127 | Multiple SQL injection vulnerabilities in project alumni 1.0.9 and earlier allow remote attackers to... | E | |
CVE-2007-6128 | SQL injection vulnerability in events.php in WorkingOnWeb 2.0.1400 allows remote attackers to execut... | E | |
CVE-2007-6129 | Directory traversal vulnerability in scripts/include/show_content.php in Amber Script 1.0 allows rem... | E S | |
CVE-2007-6130 | gnump3d 2.9final does not apply password protection to its plugins, which might allow remote attacke... | | |
CVE-2007-6131 | buttonpressed.sh in scanbuttond 0.2.3 allows local users to overwrite arbitrary files via a symlink ... | E | |
CVE-2007-6132 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi... | R | |
CVE-2007-6133 | PHP remote file inclusion vulnerability in admin/kfm/initialise.php in DevMass Shopping Cart 1.0 and... | E | |
CVE-2007-6134 | SQL injection vulnerability in pkinc/public/article.php in PHPKIT 1.6.4pl1 allows remote attackers t... | E S | |
CVE-2007-6135 | Cross-site scripting (XSS) vulnerability in phpslideshow.php in PHPSlideShow 0.9.9.2, and possibly e... | E | |
CVE-2007-6136 | Multiple cross-site scripting (XSS) vulnerabilities in index.php in M2Scripts MySpace Scripts Poll C... | | |
CVE-2007-6137 | SQL injection vulnerability in news.php in Content Injector 1.52 allows remote attackers to execute ... | E | |
CVE-2007-6138 | SQL injection vulnerability in redir.asp in VU Mass Mailer allows remote attackers to execute arbitr... | | |
CVE-2007-6139 | PHP remote file inclusion vulnerability in index.php in Mp3 ToolBox 1.0 beta 5 allows remote attacke... | E | |
CVE-2007-6140 | Multiple SQL injection vulnerabilities in Dora Emlak 2.0 allow remote attackers to execute arbitrary... | E | |
CVE-2007-6141 | Cross-site scripting (XSS) vulnerability in vBTube.php in vBTube 1.1 Beta allows remote attackers to... | | |
CVE-2007-6142 | Multiple cross-site scripting (XSS) vulnerabilities in ph03y3nk just another flat file (JAF) CMS 4.0... | | |
CVE-2007-6143 | SQL injection vulnerability in default.asp (aka the Login Page) in VU Case Manager allows remote att... | E | |
CVE-2007-6144 | Heap-based buffer overflow in the PPlayer.XPPlayer.1 ActiveX control in pplayer.dll_1_work in Xunlei... | E | |
CVE-2007-6145 | Unspecified vulnerability in Hitachi JP1/File Transmission Server/FTP 01-00 through 08-10-01 allows ... | S | |
CVE-2007-6146 | Hitachi JP1/File Transmission Server/FTP 01-00 through 08-10-02 on Windows might allow remote attack... | | |
CVE-2007-6147 | Multiple PHP remote file inclusion vulnerabilities in IAPR COMMENCE 1.3 allow remote attackers to ex... | E | |
CVE-2007-6148 | Use-after-free vulnerability in the Edge server in Adobe Flash Media Server 2 before 2.0.5, and Conn... | S | |
CVE-2007-6149 | Multiple integer overflows in the Edge server in Adobe Flash Media Server 2 before 2.0.5, and Connec... | S | |
CVE-2007-6150 | The "internal state tracking" code for the random and urandom devices in FreeBSD 5.5, 6.1 through 6.... | S | |
CVE-2007-6151 | The isdn_ioctl function in isdn_common.c in Linux kernel 2.6.23 allows local users to cause a denial... | | |
CVE-2007-6156 | Multiple cross-site scripting (XSS) vulnerabilities in base_qry_main.php in Base Analysis and Securi... | S | |
CVE-2007-6157 | Cross-site scripting (XSS) vulnerability in index.php in SimpleGallery 0.1.3 allows remote attackers... | E | |
CVE-2007-6158 | Multiple SQL injection vulnerabilities in caladmin.inc.php in Proverbs Web Calendar 1.1 and earlier ... | | |
CVE-2007-6159 | SQL injection vulnerability in index.php in Tilde CMS 4.x and earlier allows remote attackers to exe... | | |
CVE-2007-6160 | Cross-site scripting (XSS) vulnerability in index.php in Tilde CMS 4.x and earlier allows remote att... | | |
CVE-2007-6161 | index.php in Tilde CMS 4.x and earlier allows remote attackers to obtain sensitive information via a... | | |
CVE-2007-6162 | Cross-site scripting (XSS) vulnerability in index.php in FMDeluxe 2.1.0 allows remote attackers to i... | | |
CVE-2007-6163 | SQL injection vulnerability in admin/index2.asp in GOUAE DWD Realty allows remote attackers to execu... | | |
CVE-2007-6164 | Multiple SQL injection vulnerabilities in Eurologon CMS allow remote attackers to execute arbitrary ... | E | |
CVE-2007-6165 | Mail in Apple Mac OS X Leopard (10.5.1) allows user-assisted remote attackers to execute arbitrary c... | E | |
CVE-2007-6166 | Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows ... | E | |
CVE-2007-6167 | Untrusted search path vulnerability in yast2-core in SUSE Linux might allow local users to execute a... | | |
CVE-2007-6168 | SQL injection vulnerability in default.asp in VU Case Manager allows remote attackers to execute arb... | | |
CVE-2007-6169 | SQL injection vulnerability in admin/index2.asp in GOUAE DWD Realty allows remote attackers to execu... | | |
CVE-2007-6170 | SQL injection vulnerability in the Call Detail Record Postgres logging engine (cdr_pgsql) in Asteris... | S | |
CVE-2007-6171 | SQL injection vulnerability in the Postgres Realtime Engine (res_config_pgsql) in Asterisk 1.4.x bef... | S | |
CVE-2007-6172 | Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote attackers to execute arbitrary SQL... | E | |
CVE-2007-6173 | Cross-site scripting (XSS) vulnerability in c/portal/login in Liferay Enterprise Portal 4.3.1 allows... | E | |
CVE-2007-6174 | PHPDevShell before 0.7.0 allows remote authenticated users to gain privileges via a crafted request ... | S | |
CVE-2007-6175 | Buffer overflow in Lhaplus 1.55 and earlier allows remote attackers to execute arbitrary code via a ... | S | |
CVE-2007-6176 | kb_whois.cgi in K+B-Bestellsystem (aka KB-Bestellsystem) allows remote attackers to execute arbitrar... | E | |
CVE-2007-6177 | PHP remote file inclusion vulnerability in Exchange/include.php in PHP_CON 1.3 allows remote attacke... | E | |
CVE-2007-6178 | Multiple PHP remote file inclusion vulnerabilities in Easy Hosting Control Panel for Ubuntu (EHCP) 0... | E | |
CVE-2007-6179 | Multiple PHP remote file inclusion vulnerabilities in Charray's CMS 0.9.3 allow remote attackers to ... | E | |
CVE-2007-6180 | Race condition in the Remote Procedure Call kernel module (rpcmod) in Sun Solaris 8 through 10 allow... | E S | |
CVE-2007-6181 | Heap-based buffer overflow in cygwin1.dll in Cygwin 1.5.7 and earlier allows context-dependent attac... | E S | |
CVE-2007-6182 | The responder program in ISPsystem ISPmanager (aka ISPmgr) 4.2.15.1 allows local users to gain privi... | E | |
CVE-2007-6183 | Format string vulnerability in the mdiag_initialize function in gtk/src/rbgtkmessagedialog.c in Ruby... | E | |
CVE-2007-6184 | Directory traversal vulnerability in index.php in Project Alumni 1.0.9 allows remote attackers to in... | E S | |
CVE-2007-6185 | Directory traversal vulnerability in users/files.php in Eurologon CMS allows remote attackers to rea... | E | |
CVE-2007-6186 | Unspecified vulnerability in PHPDevShell before 0.7.0 has unknown impact and attack vectors, involvi... | S | |
CVE-2007-6187 | Multiple directory traversal vulnerabilities in PHP Content Architect (aka NoAh) 0.9 pre 1.2 and ear... | E | |
CVE-2007-6188 | Multiple directory traversal vulnerabilities in TuMusika Evolution 1.7R5 allow remote attackers to i... | E | |
CVE-2007-6189 | A certain ActiveX control in (1) OScan8.ocx and (2) Oscan81.ocx in BitDefender Online Anti-Virus Sca... | E S | |
CVE-2007-6190 | The HTTP daemon in the Cisco Unified IP Phone, when the Extension Mobility feature is enabled, allow... | | |
CVE-2007-6191 | Multiple PHP remote file inclusion vulnerabilities in Armin Burger p.mapper 3.2.0 beta3 allow remote... | E | |
CVE-2007-6192 | The web management interface in Citrix NetScaler 8.0 build 47.8 uses weak encryption (XOR of unpadde... | | |
CVE-2007-6193 | The web management interface in Citrix NetScaler 8.0 build 47.8 stores the device's primary IP addre... | | |
CVE-2007-6194 | Unspecified vulnerability in HP Select Identity 4.01 before 4.01.012 and 4.1x before 4.13.003 allows... | | |
CVE-2007-6195 | Buffer overflow in the sw_rpc_agent_init function in swagentd in Software Distributor (SD), and poss... | S | |
CVE-2007-6196 | Cross-site scripting (XSS) vulnerability in util.php in Calacode @Mail before 5.2 allows remote atta... | | |
CVE-2007-6197 | The Plumtree portal in BEA AquaLogic Interaction 5.0.2 through 5.0.4 and 6.0.1.218452 allows remote ... | E S | |
CVE-2007-6198 | portal/server.pt in the Plumtree portal in BEA AquaLogic Interaction 5.0.2 through 5.0.4 and 6.0.1.2... | E S | |
CVE-2007-6199 | rsync before 3.0.0pre6, when running a writable rsync daemon that is not using chroot, allows remote... | S | |
CVE-2007-6200 | Unspecified vulnerability in rsync before 3.0.0pre6, when running a writable rsync daemon, allows re... | S | |
CVE-2007-6201 | Unspecified vulnerability in Wesnoth 1.2.x before 1.2.8, and 1.3.x before 1.3.12, allows attackers t... | S | |
CVE-2007-6202 | SQL injection vulnerability in plugins/search/search.php in Neocrome Seditio CMS 121 and earlier all... | E S | |
CVE-2007-6203 | Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP r... | E | |
CVE-2007-6204 | Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7... | E S | |
CVE-2007-6205 | Cross-site scripting (XSS) vulnerability in the remote RSS sidebar plugin (serendipity_plugin_remote... | E S | |
CVE-2007-6206 | The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly... | | |
CVE-2007-6207 | Xen 3.x, possibly before 3.1.2, when running on IA64 systems, does not check the RID value for mov_t... | S | |
CVE-2007-6208 | sylprint.pl in claws mail tools (claws-mail-tools) allows local users to overwrite arbitrary files v... | | |
CVE-2007-6209 | Util/difflog.pl in zsh 4.3.4 allows local users to overwrite arbitrary files via a symlink attack on... | | |
CVE-2007-6210 | zabbix_agentd 1.1.4 in ZABBIX before 1.4.3 runs "UserParameter" scripts with gid 0, which might allo... | S | |
CVE-2007-6211 | Send ICMP Nasty Garbage (sing) on Debian GNU/Linux allows local users to append to arbitrary files a... | E | |
CVE-2007-6212 | Directory traversal vulnerability in region.php in KML share 1.1 allows remote attackers to read arb... | E | |
CVE-2007-6213 | Multiple directory traversal vulnerabilities in mod/chat/index.php in WebED 0.0.9 allow remote attac... | E | |
CVE-2007-6214 | Directory traversal vulnerability in include/file_download.php in LearnLoop 2.0 beta7 allows remote ... | E | |
CVE-2007-6215 | Multiple directory traversal vulnerabilities in play.php in Web-MeetMe 3.0.3 allow remote attackers ... | E | |
CVE-2007-6216 | Race condition in the Fibre Channel protocol (fcp) driver and Devices filesystem (devfs) in Sun Sola... | S | |
CVE-2007-6217 | Multiple SQL injection vulnerabilities in login.asp in Irola My-Time (aka Timesheet) 3.5 allow remot... | E | |
CVE-2007-6218 | Multiple PHP remote file inclusion vulnerabilities in Ossigeno CMS 2.2 pre1 allow remote attackers t... | E | |
CVE-2007-6219 | Cross-site scripting (XSS) vulnerability in IBM Tivoli Netcool Security Manager 1.3.0 allows remote ... | S | |
CVE-2007-6220 | typespeed before 0.6.4 allows remote attackers to cause a denial of service (application crash) via ... | S | |
CVE-2007-6221 | TuMusika Evolution 1.7R5 allows remote attackers to obtain configuration information via a direct re... | | |
CVE-2007-6222 | The CheckCustomerAccess function in functions.php in CRM-CTT Interleave before 4.2.0 (formerly CRM-C... | S | |
CVE-2007-6223 | SQL injection vulnerability in garage.php in phpBB Garage 1.2.0 Beta3 allows remote attackers to exe... | E | |
CVE-2007-6224 | The RealNetworks RealAudioObjects.RealAudio ActiveX control in rmoc3260.dll, as shipped with RealPla... | E | |
CVE-2007-6225 | Unspecified vulnerability in Sun Solaris 10, when 64bit mode is used on the x86 platform, allows loc... | | |
CVE-2007-6226 | The American Power Conversion (APC) AP7932 0u 30amp Switched Rack Power Distribution Unit (PDU), wit... | | |
CVE-2007-6227 | QEMU 0.9.0 allows local users of a Windows XP SP2 guest operating system to overwrite the Translatio... | | |
CVE-2007-6228 | Stack-based buffer overflow in the Helper class in the yt.ythelper.2 ActiveX control in Yahoo! Toolb... | E | |
CVE-2007-6229 | PHP remote file inclusion vulnerability in common/classes/class_HeaderHandler.lib.php in Rayzz Scrip... | E | |
CVE-2007-6230 | Directory traversal vulnerability in common/classes/class_HeaderHandler.lib.php in Rayzz Script 2.0 ... | E | |
CVE-2007-6231 | Multiple PHP remote file inclusion vulnerabilities in tellmatic 1.0.7 allow remote attackers to exec... | E | |
CVE-2007-6232 | Cross-site scripting (XSS) vulnerability in index.php in FTP Admin 0.1.0 allows remote attackers to ... | E | |
CVE-2007-6233 | Directory traversal vulnerability in index.php in FTP Admin 0.1.0 allows remote authenticated users ... | E | |
CVE-2007-6234 | index.php in FTP Admin 0.1.0 allows remote attackers to bypass authentication and obtain administrat... | E | |
CVE-2007-6235 | A certain ActiveX control in RealNetworks RealPlayer 11 allows remote attackers to cause a denial of... | E | |
CVE-2007-6236 | Microsoft Windows Media Player (WMP) allows remote attackers to cause a denial of service (applicati... | E | |
CVE-2007-6237 | cp.php in DeluxeBB 1.09 does not verify that the membercookie parameter corresponds to the authentic... | | |
CVE-2007-6238 | Unspecified vulnerability in Apple QuickTime 7.2 on Windows XP allows remote attackers to execute ar... | | |
CVE-2007-6239 | The "cache update reply processing" functionality in Squid 2.x before 2.6.STABLE17 and Squid 3.0 all... | E S | |
CVE-2007-6240 | SQL injection vulnerability in active.asp in Snitz Forums 2000 3.4.06 allows remote attackers to exe... | E | |
CVE-2007-6241 | Multiple unspecified vulnerabilities in Beehive Forum 0.7.1 have unknown "critical" impact and attac... | S | |
CVE-2007-6242 | Unspecified vulnerability in Adobe Flash Player 9.0.48.0 and earlier might allow remote attackers to... | | |
CVE-2007-6243 | Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 does not sufficien... | | |
CVE-2007-6244 | Multiple cross-site scripting (XSS) vulnerabilities in Adobe Flash Player 9.x up to 9.0.48.0 and 8.x... | | |
CVE-2007-6245 | Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 allows remote atta... | | |
CVE-2007-6246 | Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0, when running on L... | | |
CVE-2007-6247 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
CVE-2007-6249 | etc-update in Portage before 2.1.3.11 on Gentoo Linux relies on the umask to set permissions for the... | E | |
CVE-2007-6250 | Stack-based buffer overflow in AOL AOLMediaPlaybackControl (AOLMediaPlaybackControl.exe), as used by... | | |
CVE-2007-6252 | Multiple stack-based buffer overflows in the Learn2 Corporation STRunner (aka Street Technologies) A... | | |
CVE-2007-6253 | Multiple buffer overflows in Adobe Form Designer 5.0 and Form Client 5.0 allow remote attackers to e... | S | |
CVE-2007-6254 | Stack-based buffer overflow in the SAP Business Objects BusinessObjects RptViewerAX ActiveX control ... | E S | |
CVE-2007-6255 | Buffer overflow in the Microsoft HeartbeatCtl ActiveX control in HRTBEAT.OCX allows remote attackers... | | |
CVE-2007-6256 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
CVE-2007-6258 | Multiple stack-based buffer overflows in the legacy mod_jk2 2.0.3-DEV and earlier Apache module allo... | E S | |
CVE-2007-6260 | The installation process for Oracle 10g and 11g uses accounts with default passwords, which allows r... | | |
CVE-2007-6261 | Integer overflow in the load_threadstack function in the Mach-O loader (mach_loader.c) in the xnu ke... | E | |
CVE-2007-6262 | A certain ActiveX control in axvlc.dll in VideoLAN VLC 0.8.6 before 0.8.6d allows remote attackers t... | E S | |
CVE-2007-6263 | The dataconn function in ftpd.c in netkit ftpd (netkit-ftpd) 0.17, when certain modifications to sup... | E | |
CVE-2007-6265 | Unspecified vulnerability in avast! 4 Home and Professional Editions before 4.7.1098 allows remote a... | E S | |
CVE-2007-6266 | Multiple SQL injection vulnerabilities in bcoos 1.0.10 and earlier allow remote attackers to execute... | E | |
CVE-2007-6267 | Citrix EdgeSight 4.2 and 4.5 for Presentation Server, EdgeSight 4.2 and 4.5 for Endpoints, and EdgeS... | E S | |
CVE-2007-6268 | Directory traversal vulnerability in pages/default.aspx in Absolute News Manager.NET 5.1 allows remo... | E S | |
CVE-2007-6269 | Multiple SQL injection vulnerabilities in xlaabsolutenm.aspx in Absolute News Manager.NET 5.1 allow ... | E S | |
CVE-2007-6270 | Multiple cross-site scripting (XSS) vulnerabilities in Absolute News Manager.NET 5.1 allow remote at... | E S | |
CVE-2007-6271 | Absolute News Manager.NET 5.1 allows remote attackers to obtain sensitive information via a direct r... | E S | |
CVE-2007-6272 | Multiple SQL injection vulnerabilities in index.php in Joomla! 1.5 RC3 allow remote attackers to exe... | E | |
CVE-2007-6273 | Multiple format string vulnerabilities in the configuration file in SonicWALL Global VPN Client 3.1.... | E | |
CVE-2007-6274 | Multiple cross-site scripting (XSS) vulnerabilities in modules/ecal/display.php in the Event Calenda... | E | |
CVE-2007-6275 | SQL injection vulnerability in modules/adresses/ratefile.php in bcoos 1.0.10 and earlier allows remo... | E | |
CVE-2007-6276 | The accept_connections function in the virtual private network daemon (vpnd) in Apple Mac OS X 10.5 ... | E | |
CVE-2007-6277 | Multiple buffer overflows in Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1 allow user-assist... | S | |
CVE-2007-6278 | Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1 allows user-assisted remote attackers to force... | S | |
CVE-2007-6279 | Multiple double free vulnerabilities in Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1 allow ... | S | |
CVE-2007-6281 | Heap-based buffer overflow in Open File Manager service (ofmnt.exe) in St. Bernard Open File Manager... | | |
CVE-2007-6282 | The IPsec implementation in Linux kernel before 2.6.25 allows remote routers to cause a denial of se... | E | |
CVE-2007-6283 | Red Hat Enterprise Linux 5 and Fedora install the Bind /etc/rndc.key file with world-readable permis... | | |
CVE-2007-6284 | The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a d... | S | |
CVE-2007-6285 | The default configuration for autofs 5 (autofs5) in some Linux distributions, such as Red Hat Enterp... | | |
CVE-2007-6286 | Apache Tomcat 5.5.11 through 5.5.25 and 6.0.0 through 6.0.15, when the native APR connector is used,... | | |
CVE-2007-6287 | Cross-site scripting (XSS) vulnerability in the login page in Lxlabs HyperVM 2.0 allows remote attac... | E | |
CVE-2007-6288 | Multiple SQL injection vulnerabilities in TCExam before 5.1.000 allow remote attackers to execute ar... | S | |
CVE-2007-6289 | Multiple PHP remote file inclusion vulnerabilities in SerWeb 2.0.0 dev1 and earlier allow remote att... | E | |
CVE-2007-6290 | Multiple directory traversal vulnerabilities in js/get_js.php in SERWeb 2.0.0 dev1 and earlier allow... | E | |
CVE-2007-6291 | SQL injection vulnerability in abm.aspx in Xigla Absolute Banner Manager .NET 4.0 allows remote atta... | | |
CVE-2007-6292 | SQL injection vulnerability in leggi_commenti.asp in MWOpen 1.4 and earlier allows remote attackers ... | E | |
CVE-2007-6293 | Multiple unspecified vulnerabilities in IBM Hardware Management Console (HMC) 6 R1.3 allow attackers... | | |
CVE-2007-6294 | Multiple unspecified vulnerabilities in IBM Hardware Management Console (HMC) 3 R3.7 allow attackers... | S | |
CVE-2007-6295 | Cross-site scripting (XSS) vulnerability in the WebRunMenuFrame page in the online meeting center te... | | |
CVE-2007-6296 | PHP remote file inclusion vulnerability in users_popupL.php3 in phpMyChat 0.14.5 allows remote attac... | | |
CVE-2007-6297 | Multiple cross-site scripting (XSS) vulnerabilities in PHPMyChat 0.14.5 allow remote attackers to in... | E | |
CVE-2007-6298 | Cross-site scripting (XSS) vulnerability in the Shoutbox module for Drupal 5.x before Shoutbox 5.x-1... | E S | |
CVE-2007-6299 | Multiple SQL injection vulnerabilities in Drupal and vbDrupal 4.7.x before 4.7.9 and 5.x before 5.4 ... | S | |
CVE-2007-6300 | Cross-site request forgery (CSRF) vulnerability in Fusion News 3.9.0 allows remote attackers to perf... | | |
CVE-2007-6301 | Cross-site scripting (XSS) vulnerability in compose.php in OpenNewsletter 2.5 and earlier allows rem... | | |
CVE-2007-6302 | Multiple heap-based buffer overflows in avirus.exe in Novell NetMail 3.5.2 before Messaging Architec... | S | |
CVE-2007-6303 | MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4 does not update the DEFINER ... | E | |
CVE-2007-6304 | The federated engine in MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4, whe... | E | |
CVE-2007-6305 | Multiple unspecified vulnerabilities in IBM Hardware Management Console (HMC) 7 R3.2.0 allow attacke... | S | |
CVE-2007-6306 | Multiple cross-site scripting (XSS) vulnerabilities in the image map feature in JFreeChart 1.0.8 all... | E S | |
CVE-2007-6307 | Multiple cross-site scripting (XSS) vulnerabilities in clickstats.php in wwwstats 3.21 allow remote ... | E S | |
CVE-2007-6308 | Cross-site scripting (XSS) vulnerability in HttpLogger 0.8.1 allows remote attackers to inject arbit... | | |
CVE-2007-6309 | Multiple cross-site scripting (XSS) vulnerabilities in index.php in webSPELL 4.1.2 allow remote atta... | E | |
CVE-2007-6310 | Multiple cross-site scripting (XSS) vulnerabilities in Falt4Extreme RC4 10.9.2007 allow remote attac... | E S | |
CVE-2007-6311 | SQL injection vulnerability in (1) index.php, and possibly (2) admin/index.php, in Falt4Extreme RC4 ... | E S | |
CVE-2007-6312 | Cross-site scripting (XSS) vulnerability in the logon page in Web Reporting Tools portal in Websense... | S | |
CVE-2007-6313 | MySQL Server 5.1.x before 5.1.23 and 6.0.x before 6.0.4 does not check the rights of the entity exec... | | |
CVE-2007-6314 | BarracudaDrive Web Server before 3.8 allows remote attackers to read the source code for web scripts... | E S | |
CVE-2007-6315 | Group Chat in BarracudaDrive Web Server before 3.8 allows remote authenticated users to cause a deni... | E S | |
CVE-2007-6316 | Cross-site scripting (XSS) vulnerability in BarracudaDrive Web Server before 3.8 allows remote attac... | E S | |
CVE-2007-6317 | Multiple directory traversal vulnerabilities in BarracudaDrive Web Server before 3.8 allow (1) remot... | E S | |
CVE-2007-6318 | SQL injection vulnerability in wp-includes/query.php in WordPress 2.3.1 and earlier allows remote at... | E | |
CVE-2007-6319 | Multiple unspecified vulnerabilities in Lyris ListManager 8.x before 8.95d, 9.2 before 9.2c, and 9.3... | S | |
CVE-2007-6320 | Feature 4.7.x-dev and 5.x-dev before 20071206, a Drupal module, does not follow Drupal's Forms API s... | S | |
CVE-2007-6321 | Cross-site scripting (XSS) vulnerability in RoundCube webmail 0.1rc2, 2007-12-09, and earlier versio... | E | |
CVE-2007-6322 | Directory traversal vulnerability in filedownload.php in xml2owl 0.1.1 allows remote attackers to re... | E | |
CVE-2007-6323 | Multiple directory traversal vulnerabilities in MMS Gallery PHP 1.0 allow remote attackers to read a... | E | |
CVE-2007-6324 | PHP remote file inclusion vulnerability in head.php in CityWriter 0.9.7 allows remote attackers to e... | E | |
CVE-2007-6325 | PHP remote file inclusion vulnerability in adminbereich/designconfig.php in Fastpublish CMS 1.9999 a... | E | |
CVE-2007-6326 | Sergey Lyubka Simple HTTPD (shttpd) 1.3 on Windows allows remote attackers to cause a denial of serv... | E | |
CVE-2007-6327 | Buffer overflow in a certain ActiveX control in Online Media Technologies AVSMJPEGFILE.DLL 1.1.1.102... | E | |
CVE-2007-6328 | DOSBox 0.72 and earlier allows local users to obtain access to the filesystem on the host operating ... | | |
CVE-2007-6329 | Microsoft Office 2007 12.0.6015.5000 and MSO 12.0.6017.5000 do not sign the metadata of Office Open ... | | |
CVE-2007-6330 | Meridian Prolog Manager 2007, and 7.5 and earlier, sends all usernames and passwords to the client i... | | |
CVE-2007-6331 | Absolute path traversal vulnerability in the HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0... | E | |
CVE-2007-6332 | The HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as shipped with HP Info Center (hpinfoc... | E | |
CVE-2007-6333 | The HPInfoDLL.HPInfo.1 ActiveX control in HPInfoDLL.dll 1.0, as shipped with HP Info Center (hpinfoc... | E | |
CVE-2007-6334 | Ingres 2.5 and 2.6 on Windows, as used in multiple CA products and possibly other products, assigns ... | S | |
CVE-2007-6335 | Integer overflow in libclamav in ClamAV before 0.92 allows remote attackers to execute arbitrary cod... | E | |
CVE-2007-6336 | Off-by-one error in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a craft... | S | |
CVE-2007-6337 | Unspecified vulnerability in the bzip2 decompression algorithm in nsis/bzlib_private.h in ClamAV bef... | S | |
CVE-2007-6338 | SQL injection vulnerability in userlogin.jsp in Trivantis CourseMill Enterprise Learning Management ... | E | |
CVE-2007-6339 | The Akamai Download Manager (aka DLM or dlmanager) ActiveX control (DownloadManagerV2.ocx) before 2.... | S | |
CVE-2007-6340 | Geert Moernaut LSrunasE 1.0 and Supercrypt 1.0 use the RC4 stream cipher without constructing a uniq... | S | |
CVE-2007-6341 | Net/DNS/RR/A.pm in Net::DNS 0.60 build 654, as used in packages such as SpamAssassin and OTRS, allow... | E | |
CVE-2007-6342 | SQL injection vulnerability in the David Castro AuthCAS module (AuthCAS.pm) 0.4 for the Apache HTTP ... | | |
CVE-2007-6343 | Cross-site scripting (XSS) vulnerability in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, an... | S | |
CVE-2007-6344 | Directory traversal vulnerability in modules/cms/index.php in Mcms Easy Web Make 1.3, allows remote ... | E | |
CVE-2007-6345 | SQL injection vulnerability in aurora framework before 20071208 allows remote attackers to execute a... | S | |
CVE-2007-6346 | Cross-site scripting (XSS) vulnerability in Rainboard before 2.10 allows remote attackers to inject ... | | |
CVE-2007-6347 | PHP remote file inclusion vulnerability in blocks/block_site_map.php in ViArt (1) CMS 3.3.2, (2) Hel... | E | |
CVE-2007-6348 | SquirrelMail 1.4.11 and 1.4.12, as distributed on sourceforge.net before 20071213, has been external... | | |
CVE-2007-6349 | P4Webs.exe in Perforce P4Web 2006.2 and earlier, when running on Windows, allows remote attackers to... | S | |
CVE-2007-6350 | scponly 4.6 and earlier allows remote authenticated users to bypass intended restrictions and execut... | | |
CVE-2007-6351 | libexif 0.6.16 and earlier allows context-dependent attackers to cause a denial of service (infinite... | S | |
CVE-2007-6352 | Integer overflow in libexif 0.6.16 and earlier allows context-dependent attackers to execute arbitra... | | |
CVE-2007-6353 | Integer overflow in exif.cpp in exiv2 library allows context-dependent attackers to execute arbitrar... | | |
CVE-2007-6354 | Unspecified vulnerability in exiftags before 1.01 has unknown impact and attack vectors, resulting f... | | |
CVE-2007-6355 | Integer overflow in exiftags before 1.01 has unknown impact and attack vectors, resulting from a "fi... | | |
CVE-2007-6356 | exiftags before 1.01 allows attackers to cause a denial of service (infinite loop) via recursive IFD... | | |
CVE-2007-6357 | Stack-based buffer overflow in Microsoft Office Access allows remote, user-assisted attackers to exe... | | |
CVE-2007-6358 | pdftops.pl before 1.20 in alternate pdftops filter allows local users to overwrite arbitrary files v... | E | |
CVE-2007-6359 | The cs_validate_page function in bsd/kern/ubc_subr.c in the xnu kernel 1228.0 and earlier in Apple M... | E | |
CVE-2007-6360 | Unspecified vulnerability in the Sun eXtended System Control Facility (XSCF) Control Package (XCP) f... | S | |
CVE-2007-6361 | Gekko 0.8.2 and earlier stores sensitive information under the web root with possibly insufficient a... | | |
CVE-2007-6362 | SQL injection vulnerability in index.php in the RSGallery (com_rsgallery) 2.0 beta 5 and earlier com... | E | |
CVE-2007-6363 | IBM Tivoli Netcool Security Manager 1.3.0 before Interim Fix 1, when using Active Directory (AD) LDA... | | |
CVE-2007-6364 | Cross-site scripting (XSS) vulnerability in modificarPerfil.php in JLMForo System allows remote auth... | | |
CVE-2007-6365 | Cross-site scripting (XSS) vulnerability in modules/ecal/display.php in the Event Calendar in bcoos ... | | |
CVE-2007-6366 | Multiple SQL injection vulnerabilities in SineCMS 2.3.4 and earlier allow remote attackers to execut... | E | |
CVE-2007-6367 | Multiple cross-site scripting (XSS) vulnerabilities in the guestbook in SineCMS 2.3.4 and earlier al... | E | |
CVE-2007-6368 | Directory traversal vulnerability in index.php in ezContents 1.4.5 allows remote attackers to read a... | E | |
CVE-2007-6369 | Multiple directory traversal vulnerabilities in resize.php in the PictPress 0.91 and earlier plugin ... | E | |
CVE-2007-6370 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-5583. Reason: This candida... | R | |
CVE-2007-6371 | Nokia N95 cell phone with RM-159 12.0.013 firmware allows remote attackers to cause a denial of serv... | E | |
CVE-2007-6372 | Unspecified vulnerability in Juniper JUNOS 7.3 through 8.4 allows remote attackers to cause a denial... | | |
CVE-2007-6373 | Multiple SQL injection vulnerabilities in GestDown 1.00 Beta allow remote attackers to execute arbit... | E | |
CVE-2007-6374 | Multiple cross-site scripting (XSS) vulnerabilities in Bitweaver 2.0.0 and earlier allow remote atta... | E | |
CVE-2007-6375 | Multiple SQL injection vulnerabilities in Bitweaver 2.0.0 and earlier allow remote attackers to exec... | E | |
CVE-2007-6376 | Directory traversal vulnerability in autohtml.php in Francisco Burzi PHP-Nuke 8.0 allows remote atta... | E | |
CVE-2007-6377 | Stack-based buffer overflow in the PassThru functionality in ext.dll in BadBlue 2.72b and earlier al... | E | |
CVE-2007-6378 | Directory traversal vulnerability in upload.dll in BadBlue 2.72b and earlier allows remote attackers... | E | |
CVE-2007-6379 | BadBlue 2.72b and earlier allows remote attackers to obtain sensitive information via an invalid bro... | E | |
CVE-2007-6380 | Multiple SQL injection vulnerabilities in e-Xoops (exoops) 1.08, and 1.05 Rev 1 through 3, allow rem... | E | |
CVE-2007-6381 | SQL injection vulnerability in the indexed_search system extension in TYPO3 3.x, 4.0 through 4.0.7, ... | S | |
CVE-2007-6382 | The Event Dispatch Thread in Robocode before 1.5.1 allows remote attackers to execute arbitrary Java... | S | |
CVE-2007-6383 | The DAV component in Chandler Server (Cosmo) before 0.10.1 does not check resource creation permissi... | | |
CVE-2007-6384 | Unspecified vulnerability in the Image Converter functionality in BEA WebLogic Mobility Server 3.3, ... | S | |
CVE-2007-6385 | The proxy server in Kerio WinRoute Firewall before 6.4.1 does not properly enforce authentication fo... | S | |
CVE-2007-6386 | Stack-based buffer overflow in PccScan.dll before build 1451 in Trend Micro AntiVirus plus AntiSpywa... | S | |
CVE-2007-6387 | Multiple stack-based buffer overflows in the awApi4.AnswerWorks.1 ActiveX control in awApi4.dll 4.0.... | E S | |
CVE-2007-6388 | Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6... | S | |
CVE-2007-6389 | The notify feature in GNOME screensaver (gnome-screensaver) 2.20.0 might allow local users to read t... | | |
CVE-2007-6390 | Cross-site request forgery (CSRF) vulnerability in the mycalendar plugin before 0.13 for Serendipity... | | |
CVE-2007-6391 | SQL injection vulnerability in patch/comments.php in SH-News 3.0 allows remote attackers to execute ... | E | |
CVE-2007-6392 | SQL injection vulnerability in DWdirectory 2.1 and earlier allows remote attackers to execute arbitr... | E | |
CVE-2007-6393 | SQL injection vulnerability in albums.php in Ace Image Hosting Script allows remote authenticated us... | E | |
CVE-2007-6394 | SQL injection vulnerability in index.php in Content Injector 1.53 allows remote attackers to execute... | E | |
CVE-2007-6395 | Flat PHP Board 1.2 and earlier stores sensitive information under the web root with insufficient acc... | E | |
CVE-2007-6396 | Direct static code injection vulnerability in index.php in Flat PHP Board 1.2 and earlier allows rem... | E | |
CVE-2007-6397 | Multiple directory traversal vulnerabilities in index.php in Flat PHP Board 1.2 and earlier allow re... | E | |
CVE-2007-6398 | Flat PHP Board 1.2 and earlier allows remote attackers to bypass authentication and obtain limited a... | E | |
CVE-2007-6399 | index.php in Flat PHP Board 1.2 and earlier allows remote authenticated users to obtain the password... | E | |
CVE-2007-6400 | Directory traversal vulnerability in download_file.php in PolDoc CMS (aka PDDMS) 0.96 allows remote ... | E | |
CVE-2007-6401 | Stack-based buffer overflow in mplayer2.exe in Microsoft Windows Media Player (WMP) 6.4, when used w... | E S | |
CVE-2007-6402 | Stack-based buffer overflow in mplayerc.exe in Media Player Classic (MPC) 6.4.9, when used with the ... | E | |
CVE-2007-6403 | Stack-based buffer overflow in Nullsoft Winamp 5.32 allows user-assisted remote attackers to execute... | | |
CVE-2007-6404 | Directory traversal vulnerability in Sergey Lyubka Simple HTTPD (shttpd) 1.38 and earlier on Windows... | E | |
CVE-2007-6405 | Sergey Lyubka Simple HTTPD (shttpd) 1.38 and earlier on Windows allows remote attackers to download ... | E | |
CVE-2007-6406 | Multiple cross-site scripting (XSS) vulnerabilities in CA (formerly Computer Associates) eTrust Thre... | | |
CVE-2007-6407 | Multiple cross-site scripting (XSS) vulnerabilities in IBM Tivoli Provisioning Manager Express allow... | | |
CVE-2007-6408 | IBM Tivoli Provisioning Manager Express provides unspecified information in error messages when (1) ... | | |
CVE-2007-6409 | The gg protocol handler in Gadu-Gadu, when this product is installed but not running, does not prope... | | |
CVE-2007-6410 | Gadu-Gadu does not properly perform protocol handling, which allows remote attackers to conduct cros... | | |
CVE-2007-6411 | Multiple buffer overflows in the HandleEmotsConfig function in the GG Client in Gadu-Gadu 7.7 Build ... | E | |
CVE-2007-6412 | Direct static code injection vulnerability in wiki/index.php in Bitweaver 2.0.0 and earlier, when co... | E | |
CVE-2007-6413 | Sun Solaris 10 with the 120011-04 and 120012-04 patches, and later 120011-* and 120012-* patches, al... | S | |
CVE-2007-6414 | admin/administrator.php in Adult Script 1.6 and earlier sends a redirect to the web browser but does... | E | |
CVE-2007-6415 | scponly 4.6 and earlier allows remote authenticated users to bypass intended restrictions and execut... | E S | |
CVE-2007-6416 | The copy_to_user function in the PAL emulation functionality for Xen 3.1.2 and earlier, when running... | E | |
CVE-2007-6417 | The shmem_getpage function (mm/shmem.c) in Linux kernel 2.6.11 through 2.6.23 does not properly clea... | | |
CVE-2007-6418 | The libdspam7-drv-mysql cron job in Debian GNU/Linux includes the MySQL dspam database password in a... | | |
CVE-2007-6419 | Unspecified vulnerability in rpc.yppasswdd in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote a... | S | |
CVE-2007-6420 | Cross-site request forgery (CSRF) vulnerability in the balancer-manager in mod_proxy_balancer for Ap... | S | |
CVE-2007-6421 | Cross-site scripting (XSS) vulnerability in balancer-manager in mod_proxy_balancer in the Apache HTT... | | |
CVE-2007-6422 | The balancer_handler function in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6, w... | | |
CVE-2007-6423 | Unspecified vulnerability in mod_proxy_balancer for Apache HTTP Server 2.2.x before 2.2.7-dev, when ... | | |
CVE-2007-6424 | registry.pl in Fonality Trixbox 2.0 PBX products, when running in certain environments, reads and ex... | E | |
CVE-2007-6425 | Unspecified vulnerability in HP-UX B.11.31, when running ARPA Transport, allows remote attackers to ... | | |
CVE-2007-6426 | Multiple heap-based buffer overflows in EMC RepliStor 6.2 SP2, and possibly earlier versions, allow ... | | |
CVE-2007-6427 | The XInput extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arb... | S | |
CVE-2007-6428 | The ProcGetReservedColormapEntries function in the TOG-CUP extension in X.Org Xserver before 1.4.1 a... | S | |
CVE-2007-6429 | Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execut... | S | |
CVE-2007-6430 | Asterisk Open Source 1.2.x before 1.2.26 and 1.4.x before 1.4.16, and Business Edition B.x.x before ... | | |
CVE-2007-6431 | Unspecified vulnerability in Adobe Flash Media Server 2 before 2.0.5, and Connect Enterprise Server ... | S | |
CVE-2007-6432 | Stack-based buffer overflow in AldFs32.dll in Adobe PageMaker 7.0.1 and 7.0.2 allows user-assisted r... | S | |
CVE-2007-6433 | The getRenderedEjbql method in the org.jboss.seam.framework.Query class in JBoss Seam 2.x before 2.0... | E | |
CVE-2007-6434 | Linux kernel 2.6.23 allows local users to create low pages in virtual userspace memory and bypass mm... | E | |
CVE-2007-6435 | Stack-based buffer overflow in Novell GroupWise before 6.5.7, when HTML preview of e-mail is enabled... | E | |
CVE-2007-6436 | Stack-based buffer overflow in JSGCI.DLL in JustSystems Ichitaro 2005, 2006, and 2007 allows user-as... | | |
CVE-2007-6437 | Balabit syslog-ng 2.0.x before 2.0.6 and 2.1.x before 2.1.8 allows remote attackers to cause a denia... | | |
CVE-2007-6438 | Unspecified vulnerability in the SMB dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote... | | |
CVE-2007-6439 | Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (infinite ... | | |
CVE-2007-6440 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6112. Reason: This candida... | R | |
CVE-2007-6441 | The WiMAX dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denia... | | |
CVE-2007-6442 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6114. Reason: This candida... | R | |
CVE-2007-6443 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6115. Reason: This candida... | R | |
CVE-2007-6444 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6113. Reason: This candida... | R | |
CVE-2007-6445 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6117. Reason: This candida... | R | |
CVE-2007-6446 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6118. Reason: This candida... | R | |
CVE-2007-6447 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6114. Reason: This candida... | R | |
CVE-2007-6448 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6120. Reason: This candida... | R | |
CVE-2007-6449 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6121. Reason: This candida... | R | |
CVE-2007-6450 | The RPL dissector in Wireshark (formerly Ethereal) 0.9.8 to 0.99.6 allows remote attackers to cause ... | | |
CVE-2007-6451 | Unspecified vulnerability in the CIP dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 all... | | |
CVE-2007-6452 | Unspecified vulnerability in the benchmark reporting system in Google Web Toolkit (GWT) before 1.4.6... | S | |
CVE-2007-6453 | Directory traversal vulnerability in raidenhttpd-admin/workspace.php in RaidenHTTPD 2.0.19, when the... | E | |
CVE-2007-6454 | Heap-based buffer overflow in the handshakeHTTP function in servhs.cpp in PeerCast 0.1217 and earlie... | E S | |
CVE-2007-6455 | Multiple cross-site scripting (XSS) vulnerabilities in index.php in Mambo 4.6.2 allow remote attacke... | | |
CVE-2007-6456 | Unspecified vulnerability in OpenOffice.org code in Planamesa NeoOffice 2.2.2 before Patch 4 has unk... | S | |
CVE-2007-6457 | Stack-based buffer overflow in the webmail feature in SurgeMail 38k4 allows remote attackers to caus... | E | |
CVE-2007-6458 | SQL injection vulnerability in shop/mainfile.php in 123tkShop 0.9.1 allows remote attackers to execu... | E | |
CVE-2007-6459 | Anon Proxy Server 0.100, and probably 0.101, allows remote attackers to execute arbitrary commands v... | E | |
CVE-2007-6460 | Multiple cross-site scripting (XSS) vulnerabilities in Anon Proxy Server before 0.101 allow remote a... | E | |
CVE-2007-6461 | Multiple cross-site scripting (XSS) vulnerabilities in index.php in Flyspray 0.9.9 through 0.9.9.3 a... | | |
CVE-2007-6462 | SQL injection vulnerability in fullnews.php in PHP Real Estate Classifieds allows remote attackers t... | E S | |
CVE-2007-6463 | Multiple cross-site scripting (XSS) vulnerabilities in the admin panel in PHP Real Estate Classified... | | |
CVE-2007-6464 | Multiple PHP remote file inclusion vulnerabilities in Form tools 1.5.0b allow remote attackers to ex... | E | |
CVE-2007-6465 | Multiple cross-site scripting (XSS) vulnerabilities in ganglia-web in Ganglia before 3.0.6 allow rem... | S | |
CVE-2007-6466 | Multiple SQL injection vulnerabilities in index.php in FreeWebshop 2.2.1 allow remote attackers to e... | E | |
CVE-2007-6467 | SQL injection vulnerability in index.php in MKPortal 1.1 RC1 allows remote attackers to execute arbi... | E | |
CVE-2007-6468 | Buffer overflow in the HuffDecode function in hw_utils/hwrcon/huffman.c and hexenworld/Client/huffma... | E | |
CVE-2007-6469 | SQL injection vulnerability in index.php in phpRPG 0.8, when magic_quotes_gpc is disabled, allows re... | |
CVE-2007-6470 | phpRPG 0.8 stores sensitive information under the web root with insufficient access control, which a... | E | |
CVE-2007-6471 | Incomplete blacklist vulnerability in main.php in phPay 2.02.01 on Windows allows remote attackers t... | E | |
CVE-2007-6472 | Multiple SQL injection vulnerabilities in phpMyRealty (PMR) 1.0.9 allow (1) remote attackers to exec... | E | |
CVE-2007-6473 | Heap-based buffer overflow in Texas Imperial Software WFTPD Pro Explorer 1.0 allows remote FTP serve... | E | |
CVE-2007-6474 | Multiple cross-site scripting (XSS) vulnerabilities in GF-3XPLORER 2.4 allow remote attackers to inj... | E | |
CVE-2007-6475 | Multiple directory traversal vulnerabilities in GF-3XPLORER 2.4 allow remote attackers to include an... | E | |
CVE-2007-6476 | GF-3XPLORER 2.4 allows remote attackers to obtain configuration information via a direct request to ... | E S | |
CVE-2007-6477 | Cross-site scripting (XSS) vulnerability in the on-line help feature in Citrix Web Interface 2.0 and... | S | |
CVE-2007-6478 | Stack-based buffer overflow in Rosoft Media Player 4.1.7, 4.1.8, and possibly earlier versions allow... | E | |
CVE-2007-6479 | Unrestricted file upload vulnerability in the "My productions" component for main/auth/profile.php (... | E | |
CVE-2007-6480 | The Oracle database component in Sun Management Center (Sun MC) 3.6.1, 3.6, and 3.5 Update 1 has a d... | S | |
CVE-2007-6481 | Unspecified vulnerability in the Device Manager daemon (utdevmgrd) in Sun Ray Server Software 2.0, 3... | S | |
CVE-2007-6482 | Unspecified vulnerability in the Device Manager daemon (utdevmgrd) in Sun Ray Server Software 2.0, 3... | S | |
CVE-2007-6483 | Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.0.0 through 7.4.0 and poss... | E S | |
CVE-2007-6484 | SQL injection vulnerability in index.php in phpRPG 0.8 allows remote attackers to execute arbitrary ... | | |
CVE-2007-6485 | Multiple PHP remote file inclusion vulnerabilities in Centreon 1.4.1 (aka Oreon 1.4) allow remote at... | E | |
CVE-2007-6486 | Multiple cross-site scripting (XSS) vulnerabilities in shout.php (aka the shoutbox) in LineShout 1.0... | | |
CVE-2007-6487 | Unspecified vulnerability in Plain Black WebGUI 7.4.0 through 7.4.17 allows remote authenticated use... | | |
CVE-2007-6488 | Multiple PHP remote file inclusion vulnerabilities in Falcon Series One CMS 1.4.3 allow remote attac... | E | |
CVE-2007-6489 | Multiple cross-site scripting (XSS) vulnerabilities in Falcon Series One CMS 1.4.3 allow remote atta... | E | |
CVE-2007-6490 | Cross-site request forgery (CSRF) vulnerability in Falcon Series One CMS 1.4.3 allows remote attacke... | E | |
CVE-2007-6491 | Multiple SQL injection vulnerabilities in Kvaliitti WebDoc 3.0 CMS allow remote attackers to execute... | | |
CVE-2007-6492 | The IMWeb.IMWebControl.1 ActiveX control in IMWeb.dll 7.0.0.x, and possibly IMWebControl.dll, in iMe... | E | |
CVE-2007-6493 | The IMWeb.IMWebControl.1 ActiveX control in IMWeb.dll 7.0.0.x, and possibly IMWebControl.dll, in iMe... | E | |
CVE-2007-6494 | Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote attackers to obtain login access via a ... | E | |
CVE-2007-6495 | inc_newuser.asp in Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users ... | E | |
CVE-2007-6496 | Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote attackers to register arbitrary users v... | E | |
CVE-2007-6497 | Hosting Controller 6.1 Hot fix 3.3 and earlier (1) allows remote attackers to change arbitrary user ... | E | |
CVE-2007-6498 | Multiple SQL injection vulnerabilities in Hosting Controller 6.1 Hot fix 3.3 and earlier allow remot... | E | |
CVE-2007-6499 | Unspecified vulnerability in Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authentica... | E | |
CVE-2007-6500 | Unspecified vulnerability in Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authentica... | E | |
CVE-2007-6501 | Unspecified vulnerability in Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authentica... | E | |
CVE-2007-6502 | Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users to obtain sensitive... | E | |
CVE-2007-6503 | Multiple unspecified vulnerabilities in Hosting Controller 6.1 Hot fix 3.3 and earlier allow remote ... | E | |
CVE-2007-6504 | Unspecified vulnerability in IIS/iibind.asp in Hosting Controller 6.1 Hot fix 3.3 and earlier allows... | E | |
CVE-2007-6505 | Solaris 9, with Solaris Auditing enabled and certain patches for sshd installed, can generate audit ... | S | |
CVE-2007-6506 | The HPRulesEngine.ContentCollection.1 ActiveX Control in RulesEngine.dll for HP Software Update 4.00... | E | |
CVE-2007-6507 | SpntSvc.exe daemon in Trend Micro ServerProtect 5.58 for Windows, before Security Patch 4, exposes u... | | |
CVE-2007-6508 | Directory traversal vulnerability in view.php in xeCMS 1.0 allows remote attackers to read arbitrary... | E | |
CVE-2007-6509 | Unspecified vulnerability in Appian Enterprise Business Process Management (BPM) Suite 5.6 SP1 allow... | | |
CVE-2007-6510 | Multiple stack-based buffer overflows in ProWizard 4 PC (prowiz) 1.62 and earlier allow remote attac... | | |
CVE-2007-6511 | Websense Enterprise 6.3.1 allows remote attackers to bypass content filtering by visiting http URLs ... | | |
CVE-2007-6512 | PHP MySQL Banner Exchange 2.2.1 stores sensitive information under the web root with insufficient ac... | | |
CVE-2007-6513 | HP eSupportDiagnostics ActiveX control (hpediag.dll) 1.0.11.0 exports dangerous methods, which allow... | | |
CVE-2007-6514 | Apache HTTP Server, when running on Linux with a document root on a Windows share mounted using smbf... | | |
CVE-2007-6515 | support/dispatch.cgi in SiteScape Forum allows remote attackers to execute arbitrary TCL code via co... | E S | |
CVE-2007-6516 | Buffer overflow in RavWare Software MAS Flic ActiveX Control (masflc.ocx) 1.0.0.1 allows remote atta... | E | |
CVE-2007-6517 | SQL injection vulnerability in the forget password section (LostPwd.asp) in Eagle Software Aeries Br... | | |
CVE-2007-6518 | Multiple SQL injection vulnerabilities in search.php in WoltLab Burning Board (wBB) Lite 1.0.2 pl3e ... | E | |
CVE-2007-6519 | Unspecified vulnerability in the File-on-File Mounting File System (FFM) in HP Tru64 UNIX 5.1B-4 and... | S | |
CVE-2007-6520 | Opera before 9.25 allows remote attackers to conduct cross-domain scripting attacks via unknown vect... | S | |
CVE-2007-6521 | Unspecified vulnerability in Opera before 9.25 allows remote attackers to execute arbitrary code via... | S | |
CVE-2007-6522 | The rich text editing functionality in Opera before 9.25 allows remote attackers to conduct cross-do... | S | |
CVE-2007-6523 | Algorithmic complexity vulnerability in Opera 9.50 beta and 9.x before 9.25 allows remote attackers ... | E | |
CVE-2007-6524 | Opera before 9.25 allows remote attackers to obtain potentially sensitive memory contents via a craf... | S | |
CVE-2007-6525 | Unspecified vulnerability in eClient in IBM DB2 Content Manager (CM) Toolkit 8.3 before fix pack 7 f... | | |
CVE-2007-6526 | Cross-site scripting (XSS) vulnerability in tiki-special_chars.php in TikiWiki before 1.9.9 allows r... | S | |
CVE-2007-6527 | uploadimg.php in the Automatic Image Upload with Thumbnails (imgUpload) module 1.3.2 for PunBB only ... | | |
CVE-2007-6528 | Directory traversal vulnerability in tiki-listmovies.php in TikiWiki before 1.9.9 allows remote atta... | E S | |
CVE-2007-6529 | Multiple unspecified vulnerabilities in TikiWiki before 1.9.9 have unknown impact and attack vectors... | | |
CVE-2007-6530 | Buffer overflow in the XUpload.ocx ActiveX control in Persits Software XUpload 2.1.0.1, and probably... | E | |
CVE-2007-6531 | Stack-based buffer overflow in the Panel (xfce4-panel) component in Xfce before 4.4.2 might allow re... | | |
CVE-2007-6532 | Double free vulnerability in the Widget Library (libxfcegui4) in Xfce before 4.4.2 might allow remot... | | |
CVE-2007-6533 | Buffer overflow in Zoom Player 6.00 beta 2 and earlier allows user-assisted remote attackers to exec... | E | |
CVE-2007-6534 | Multiple unspecified vulnerabilities in Microsoft Office Publisher allow user-assisted remote attack... | | |
CVE-2007-6535 | Buffer overflow in the YShortcut ActiveX control in YShortcut.dll 2006.8.15.1 in Yahoo! Toolbar migh... | | |
CVE-2007-6536 | The Custom Button Installer dialog in Google Toolbar 4 and 5 beta presents certain domain names in t... | E | |
CVE-2007-6537 | Stack-based buffer overflow in the zfile_gunzip function in zfile.c in WinUAE 1.4.4 and earlier allo... | E S | |
CVE-2007-6538 | SQL injection vulnerability in ing/blocks/mrbs/code/web/view_entry.php in the MRBS plugin for Moodle... | E | |
CVE-2007-6539 | PHP local file inclusion vulnerability in index.php in IDevspot iSupport 1.8 allows remote attackers... | E | |
CVE-2007-6540 | SQL injection vulnerability in neuron news 1.0 allows remote attackers to execute arbitrary SQL comm... | | |
CVE-2007-6541 | Multiple cross-site scripting (XSS) vulnerabilities in neuron news 1.0 allow remote attackers to inj... | | |
CVE-2007-6542 | PHP remote file inclusion vulnerability in admin/frontpage_right.php in Arcadem LE 2.04 and earlier ... | E | |
CVE-2007-6543 | SQL injection vulnerability in suggest-link.php in eSyndiCat Link Exchange Script allows remote atta... | E | |
CVE-2007-6544 | Multiple SQL injection vulnerabilities in RunCMS before 1.6.1 allow remote attackers to execute arbi... | E S | |
CVE-2007-6545 | Multiple cross-site scripting (XSS) vulnerabilities in RunCMS before 1.6.1 allow remote attackers to... | E S | |
CVE-2007-6546 | RunCMS before 1.6.1 uses a predictable session id, which makes it easier for remote attackers to hij... | E | |
CVE-2007-6547 | RunCMS before 1.6.1 does not require entry of the old password during a password change, which allow... | E S | |
CVE-2007-6548 | Multiple direct static code injection vulnerabilities in RunCMS before 1.6.1 allow remote authentica... | E S | |
CVE-2007-6549 | Unspecified vulnerability in RunCMS before 1.6.1 has unknown impact and attack vectors, related to "... | | |
CVE-2007-6550 | form.php in PMOS Help Desk 2.4 and earlier sends a redirect to the web browser but does not exit, wh... | E | |
CVE-2007-6551 | SQL injection vulnerability in showMsg.php in MailMachine Pro 2.2.4, and other versions before 2.2.6... | E | |
CVE-2007-6552 | Directory traversal vulnerability in index.php in AuraCMS 2.2 allows remote authenticated users to i... | E | |
CVE-2007-6553 | Multiple PHP remote file inclusion vulnerabilities in TeamCal Pro 3.1.000 and earlier allow remote a... | E | |
CVE-2007-6554 | Multiple directory traversal vulnerabilities in TeamCal Pro 3.1.000 and earlier allow remote attacke... | E | |
CVE-2007-6555 | PHP remote file inclusion vulnerability in modules/mod_pxt_latest.php in the mosDirectory (com_direc... | E | |
CVE-2007-6556 | Multiple SQL injection vulnerabilities in websihirbazi 5.1.1 allow remote attackers to execute arbit... | E | |
CVE-2007-6557 | Multiple SQL injection vulnerabilities in MeGaCheatZ 1.1 allow remote attackers to execute arbitrary... | E | |
CVE-2007-6558 | TotalPlayer 3.0 allows user-assisted remote attackers to cause a denial of service (application cras... | | |
CVE-2007-6559 | Multiple SQL injection vulnerabilities in Logaholic before 2.0 RC8 allow remote attackers to execute... | E | |
CVE-2007-6560 | Multiple cross-site scripting (XSS) vulnerabilities in Logaholic before 2.0 RC8 allow remote attacke... | E | |
CVE-2007-6561 | Multiple stack-based buffer overflows in PDFLib allow user-assisted remote attackers to execute arbi... | E | |
CVE-2007-6562 | Multiple stack-based buffer overflows in the use of FD_SET in TCPreen before 1.4.4 allow remote atta... | S | |
CVE-2007-6563 | Heap-based buffer overflow in WinAce 2.65 and earlier, and possibly other versions before 2.69, allo... | S | |
CVE-2007-6564 | Cross-site scripting (XSS) vulnerability in admin.php in Limbo CMS 1.0.4.2 allows remote attackers t... | E | |
CVE-2007-6565 | Multiple SQL injection vulnerabilities in Blakord Portal 1.3.A Beta and earlier allow remote attacke... | E | |
CVE-2007-6566 | SQL injection vulnerability in post.php in XZero Community Classifieds 4.95.11 and earlier allows re... | E | |
CVE-2007-6567 | Directory traversal vulnerability in index.php in XZero Community Classifieds 4.95.11 and earlier al... | E | |
CVE-2007-6568 | PHP remote file inclusion vulnerability in config.inc.php in XZero Community Classifieds 4.95.11 and... | E | |
CVE-2007-6569 | Cross-site scripting (XSS) vulnerability in the View Error Log functionality in Sun Java System Web ... | S | |
CVE-2007-6570 | Cross-site scripting (XSS) vulnerability in the View URL Database functionality in Sun Java System W... | S | |
CVE-2007-6571 | Cross-site scripting (XSS) vulnerability in Sun Java System Web Proxy Server 3.6 before SP11 on Wind... | S | |
CVE-2007-6572 | Cross-site scripting (XSS) vulnerability in Sun Java System Web Server 6.1 before SP8 and 7.0 before... | S | |
CVE-2007-6573 | QK SMTP Server 3 allows remote attackers to cause a denial of service (daemon crash) via a long (1) ... | | |
CVE-2007-6574 | Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.4 and earlier allow remote attacke... | E | |
CVE-2007-6575 | SQL injection vulnerability in default.php in MMSLamp allows remote attackers to execute arbitrary S... | E | |
CVE-2007-6576 | Multiple SQL injection vulnerabilities in Adult Script 1.6.5 and earlier allow remote attackers to e... | E | |
CVE-2007-6577 | Multiple SQL injection vulnerabilities in index.php in zBlog 1.2 allow remote attackers to execute a... | E | |
CVE-2007-6578 | SQL injection vulnerability in go.php in PHP ZLink 0.3 allows remote attackers to execute arbitrary ... | E | |
CVE-2007-6579 | Multiple SQL injection vulnerabilities in Ip Reg 0.3 allow remote attackers to execute arbitrary SQL... | E | |
CVE-2007-6580 | Multiple SQL injection vulnerabilities in Wallpaper Site 1.0.09 allow remote attackers to execute ar... | E | |
CVE-2007-6581 | Multiple directory traversal vulnerabilities in Social Engine 2.0 allow remote attackers to include ... | E | |
CVE-2007-6582 | Directory traversal vulnerability in index.php in mBlog 1.2 allows remote attackers to read arbitrar... | E | |
CVE-2007-6583 | SQL injection vulnerability in admin/ops/findip/ajax/search.php in 1024 CMS 1.3.1 allows remote atta... | E | |
CVE-2007-6584 | Multiple directory traversal vulnerabilities in 1024 CMS 1.3.1 allow remote attackers to include and... | E | |
CVE-2007-6585 | PHP remote file inclusion vulnerability in confirmUnsubscription.php in NmnNewsletter 1.0.7 allows r... | E | |
CVE-2007-6586 | SQL injection vulnerability in sezione_news.php in nicLOR-CMS allows remote attackers to execute arb... | E | |
CVE-2007-6587 | SQL injection vulnerability in plog-rss.php in Plogger 1.0 Beta 3.0 allows remote attackers to execu... | E | |
CVE-2007-6588 | Cross-site scripting (XSS) vulnerability in PHCDownload 1.10 allows remote attackers to inject arbit... | | |
CVE-2007-6589 | The jar protocol handler in Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 does not upda... | | |
CVE-2007-6590 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-2809. Reason: This candida... | R | |
CVE-2007-6591 | KDE Konqueror 3.5.5 and 3.95.00, when a user accepts an SSL server certificate on the basis of the C... | | |
CVE-2007-6592 | Apple Safari 2, when a user accepts an SSL server certificate on the basis of the CN domain name in ... | | |
CVE-2007-6593 | Multiple stack-based buffer overflows in l123sr.dll in Autonomy (formerly Verity) KeyView SDK, as us... | | |
CVE-2007-6594 | IBM Lotus Notes 8 for Linux before 8.0.1 uses (1) unspecified weak permissions for the installation ... | | |
CVE-2007-6595 | ClamAV 0.92 allows local users to overwrite arbitrary files via a symlink attack on (1) temporary fi... | | |
CVE-2007-6596 | ClamAV 0.92 does not recognize Base64 UUEncoded archives, which allows remote attackers to bypass th... | | |
CVE-2007-6597 | Multiple cross-site scripting (XSS) vulnerabilities in IPortalX before Build 033 allow remote attack... | E | |
CVE-2007-6598 | Dovecot before 1.0.10, with certain configuration options including use of %variables, does not prop... | | |
CVE-2007-6599 | Race condition in fileserver in OpenAFS 1.3.50 through 1.4.5 and 1.5.0 through 1.5.27 allows remote ... | | |
CVE-2007-6600 | PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before... | S | |
CVE-2007-6601 | The DBLink module in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7... | S | |
CVE-2007-6602 | SQL injection vulnerability in app/models/identity.php in NoseRub 0.5.2 and earlier allows remote at... | E S | |
CVE-2007-6603 | Hot or Not Clone has insufficient access control for producing and reading database backups, which a... | E | |
CVE-2007-6604 | Multiple directory traversal vulnerabilities in index.php in XCMS 1.82 and earlier allow remote atta... | E | |
CVE-2007-6605 | Buffer overflow in a certain ActiveX control in SkyFexClient.ocx 1.0.2.77 in SkyFex Client 1.0 allow... | E | |
CVE-2007-6606 | OpenBiblio 0.5.2-pre4 and earlier allows remote attackers to obtain configuration information via a ... | E S | |
CVE-2007-6607 | OpenBiblio 0.5.2-pre4 and earlier allows remote attackers to obtain sensitive information via a dire... | E S | |
CVE-2007-6608 | Multiple cross-site scripting (XSS) vulnerabilities in OpenBiblio 0.5.2-pre4 and earlier allow remot... | E S | |
CVE-2007-6609 | Multiple stack-based buffer overflows in the CPLI_ReadTag_OGG function in CPI_PlaylistItem.c in Cool... | | |
CVE-2007-6610 | unp 1.0.12, and other versions before 1.0.14, does not properly escape file names, which might allow... | | |
CVE-2007-6611 | Cross-site scripting (XSS) vulnerability in view.php in Mantis before 1.1.0 allows remote attackers ... | S | |
CVE-2007-6612 | Directory traversal vulnerability in DirHandler (lib/mongrel/handlers.rb) in Mongrel 1.0.4 and 1.1.x... | E | |
CVE-2007-6613 | Stack-based buffer overflow in the print_iso9660_recurse function in iso-info (src/iso-info.c) in GN... | E S | |
CVE-2007-6614 | PHP remote file inclusion vulnerability in admin/frontpage_right.php in Agares Media phpAutoVideo 2.... | E S | |
CVE-2007-6615 | Directory traversal vulnerability in includes/block.php in Agares Media phpAutoVideo 2.21 allows rem... | E S | |
CVE-2007-6616 | Cross-site scripting (XSS) vulnerability in simpleforum.cgi in SimpleForum 4.6.2 and earlier allows ... | | |
CVE-2007-6617 | Cross-site scripting (XSS) vulnerability in 500page.jsp in JIRA Enterprise Edition before 3.12.1 all... | S | |
CVE-2007-6618 | JIRA Enterprise Edition before 3.12.1 allows remote attackers to delete another user's shared filter... | S | |
CVE-2007-6619 | The Setup Wizard in Atlassian JIRA Enterprise Edition before 3.12.1 does not properly restrict setup... | S | |
CVE-2007-6620 | Directory traversal vulnerability in include/images.inc.php in Joovili 2.x allows remote attackers t... | E | |
CVE-2007-6621 | Directory traversal vulnerability in joovili.images.php in Joovili 3.0.0 through 3.0.6 allows remote... | E | |
CVE-2007-6622 | SQL injection vulnerability in security.php in ZeusCMS 0.3 and earlier allows remote attackers to ex... | E | |
CVE-2007-6623 | Absolute path traversal vulnerability in ZeusCMS 0.3 and earlier might allow remote attackers to lis... | E | |
CVE-2007-6624 | Directory traversal vulnerability in printview.php in PNphpBB2 1.2i and earlier allows remote attack... | E | |
CVE-2007-6625 | The Platform Service Process (asampsp) in Fan-Out Driver Platform Services for Novell Identity Manag... | S | |
CVE-2007-6626 | Multiple buffer overflows in the RTSP_valid_response_msg function in RTSP_state_machine.c in LScube ... | E | |
CVE-2007-6627 | Integer overflow in the RTSP_remove_msg function in RTSP_lowlevel.c in LScube Feng 0.1.15 and earlie... | E | |
CVE-2007-6628 | LScube Feng 0.1.15 and earlier allows remote attackers to cause a denial of service (NULL dereferenc... | E | |
CVE-2007-6629 | Interpretation conflict in LScube Feng 0.1.15 and earlier allows remote attackers to cause a denial ... | E | |
CVE-2007-6630 | The Url_init function in utils/url.c in Netembryo 0.0.4, when used by LScube Feng, allows remote att... | E | |
CVE-2007-6631 | Multiple buffer overflows in LScube libnemesi 0.6.4-rc1 and earlier allow remote attackers to execut... | E S | |
CVE-2007-6632 | showCode.php in xml2owl 0.1.1 allows remote attackers to execute arbitrary commands via shell metach... | E | |
CVE-2007-6633 | Multiple cross-site scripting (XSS) vulnerabilities in FAQMasterFlexPlus, possibly 1.5 or 1.52, allo... | E | |
CVE-2007-6634 | Multiple SQL injection vulnerabilities in FAQMasterFlexPlus, possibly 1.5 or 1.52, allow remote atta... | E | |
CVE-2007-6635 | FAQMasterFlexPlus, possibly 1.5 or 1.52, stores the admin password in cleartext in a database, which... | E | |
CVE-2007-6636 | Unspecified vulnerability in the StorageFarabDb module in Bitflu before 0.42 allows user-assisted re... | S | |
CVE-2007-6637 | Multiple cross-site scripting (XSS) vulnerabilities in Adobe Flash Player allow remote attackers to ... | | |
CVE-2007-6638 | March Networks DVR 3204 stores sensitive information under the web root with insufficient access con... | E | |
CVE-2007-6639 | SQL injection vulnerability in index.php in IPTBB 0.5.4 and earlier allows remote attackers to execu... | E | |
CVE-2007-6640 | Creammonkey 0.9 through 1.1 and GreaseKit 1.2 through 1.3 does not properly prevent access to danger... | | |
CVE-2007-6641 | Cross-site scripting (XSS) vulnerability in dir.php in milliscripts Redirection allows remote attack... | E | |
CVE-2007-6642 | Multiple cross-site request forgery (CSRF) vulnerabilities in Joomla! before 1.5 RC4 allow remote at... | | |
CVE-2007-6643 | Cross-site scripting (XSS) vulnerability in the com_poll component in Joomla! before 1.5 RC4 allows ... | | |
CVE-2007-6644 | Joomla! before 1.5 RC4 allows remote authenticated administrators to promote arbitrary users to the ... | | |
CVE-2007-6645 | Unspecified vulnerability in Joomla! before 1.5 RC4 allows remote authenticated users to gain privil... | | |
CVE-2007-6646 | Multiple cross-site scripting (XSS) vulnerabilities in LiveCart 1.0.1, and possibly other versions b... | E | |
CVE-2007-6647 | SQL injection vulnerability in index.php in w-Agora 4.2.1 and earlier allows remote attackers to exe... | E | |
CVE-2007-6648 | Directory traversal vulnerability in index.php in SanyBee Gallery 0.1.0 and 0.1.1 allows remote atta... | E | |
CVE-2007-6649 | PHP remote file inclusion vulnerability in includes/tumbnail.php in MatPo Bilder Galerie 1.1 allows ... | E | |
CVE-2007-6650 | Unrestricted file upload vulnerability in fisheye/upload.php in Bitweaver R2 CMS allows remote attac... | E | |
CVE-2007-6651 | Directory traversal vulnerability in wiki/edit.php in Bitweaver R2 CMS allows remote attackers to ob... | E | |
CVE-2007-6652 | cpie.php in XCMS 1.83 and earlier sends a redirect to the web browser but does not exit, which allow... | E | |
CVE-2007-6653 | Directory traversal vulnerability in download.php in Mihalism Multi Host 2.0.7 allows remote attacke... | E | |
CVE-2007-6654 | Buffer overflow in a certain ActiveX control in Macrovision InstallShield Update Service Web Agent 5... | E | |
CVE-2007-6655 | PHP remote file inclusion vulnerability in includes/function.php in Kontakt Formular 1.4 allows remo... | E | |
CVE-2007-6656 | SQL injection vulnerability in content_css.php in the TinyMCE module for CMS Made Simple 1.2.2 and e... | E | |
CVE-2007-6657 | PHP remote file inclusion vulnerability in source/includes/load_forum.php in Mihalism Multi Forum Ho... | E | |
CVE-2007-6658 | SQL injection vulnerability in admin.php/vars.php in CustomCMS (CCMS) 3.1 Demo allows remote attacke... | E | |
CVE-2007-6659 | Multiple cross-site scripting (XSS) vulnerabilities in 2z project 0.9.6.1 allow remote attackers to ... | E | |
CVE-2007-6660 | 2z project 0.9.6.1 allows remote attackers to obtain sensitive information via (1) a request to inde... | E | |
CVE-2007-6661 | 2z project 0.9.6.1 allows attackers to change the password without supplying the old password.... | E | |
CVE-2007-6662 | Directory traversal vulnerability in file.php in CuteNews 2.6 allows remote attackers to read arbitr... | | |
CVE-2007-6663 | SQL injection vulnerability in (1) Puarcade.php and (2) PUarcade.html.php in Pragmatic Utopia PU Arc... | E | |
CVE-2007-6664 | SQL injection vulnerability in index.php in WebPortal CMS 0.6.0 and earlier allows remote attackers ... | E | |
CVE-2007-6665 | SQL injection vulnerability in admin/login.asp in Netchemia oneSCHOOL allows remote attackers to exe... | E | |
CVE-2007-6666 | SQL injection vulnerability in rss.php in Zenphoto 1.1 through 1.1.3 allows remote attackers to exec... | E | |
CVE-2007-6667 | SQL injection vulnerability in faq.php in MyPHP Forum 3.0 and earlier allows remote attackers to exe... | E | |
CVE-2007-6668 | admin/uploadgames.php in MySpace Content Zone (MCZ) 3.x does not require administrative privileges, ... | E | |
CVE-2007-6669 | Cross-site scripting (XSS) vulnerability in search.php in PHCDownload 1.1.0 allows remote attackers ... | E | |
CVE-2007-6670 | SQL injection vulnerability in search.php in PHCDownload 1.1.0 allows remote attackers to execute ar... | E | |
CVE-2007-6671 | SQL injection vulnerability in login_form.asp in Instant Softwares Dating Site allows remote attacke... | E | |
CVE-2007-6672 | Mortbay Jetty 6.1.5 and 6.1.6 allows remote attackers to bypass protection mechanisms and read the s... | | |
CVE-2007-6673 | Cross-site scripting (XSS) vulnerability in Makale Scripti allows remote attackers to inject arbitra... | E | |
CVE-2007-6674 | Cross-site scripting (XSS) vulnerability in Default.asp in RapidShare Database allows remote attacke... | E | |
CVE-2007-6675 | The b_system_comments_show function in htdocs/modules/system/blocks/system_blocks.php in XOOPS befor... | E | |
CVE-2007-6676 | The default configuration of Uber Uploader (UU) 5.3.6 and earlier does not block uploads of (1) .htm... | | |
CVE-2007-6677 | Cross-site scripting (XSS) vulnerability in Peter's Random Anti-Spam Image 0.2.4 and earlier plugin ... | | |
CVE-2007-6678 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6167. Reason: This candida... | R | |
CVE-2007-6679 | Unspecified vulnerability in the Administrative Console in IBM WebSphere Application Server 6.1 befo... | | |
CVE-2007-6680 | Trusted Execution in IBM AIX 6.1 uses an incorrect pathname argument in a call to the trustchk_block... | S | |
CVE-2007-6681 | Stack-based buffer overflow in modules/demux/subtitle.c in VideoLAN VLC 0.8.6d allows remote attacke... | E | |
CVE-2007-6682 | Format string vulnerability in the httpd_FileCallBack function (network/httpd.c) in VideoLAN VLC 0.8... | E | |
CVE-2007-6683 | The browser plugin in VideoLAN VLC 0.8.6d allows remote attackers to overwrite arbitrary files via (... | E | |
CVE-2007-6684 | The RTSP module in VideoLAN VLC 0.8.6d allows remote attackers to cause a denial of service (crash) ... | | |
CVE-2007-6685 | Unspecified vulnerability in the Publish XP module Menalto Gallery before 2.2.4 allows attackers to ... | S | |
CVE-2007-6686 | The URL rewrite module in Menalto Gallery before 2.2.4 allows attackers to include and execute arbit... | | |
CVE-2007-6687 | Multiple cross-site scripting (XSS) vulnerabilities in Menalto Gallery before 2.2.4 allow remote att... | S | |
CVE-2007-6688 | Unspecified vulnerability in the Installation application in Menalto Gallery before 2.2.4 has unknow... | S | |
CVE-2007-6689 | Menalto Gallery before 2.2.4 does not properly check for malicious file extensions during file uploa... | S | |
CVE-2007-6690 | The Gallery Remote module in Menalto Gallery before 2.2.4 does not check permissions for unspecified... | | |
CVE-2007-6691 | Multiple unspecified vulnerabilities in Menalto Gallery before 2.2.4 have unknown impact, related to... | S | |
CVE-2007-6692 | Open redirect vulnerability in Menalto Gallery before 2.2.4 allows remote attackers to redirect user... | | |
CVE-2007-6693 | Unspecified vulnerability in the WebCam module in Menalto Gallery before 2.2.4 has unknown impact an... | S | |
CVE-2007-6694 | The chrp_show_cpuinfo function (chrp/setup.c) in Linux kernel 2.4.21 through 2.6.18-53, when running... | | |
CVE-2007-6695 | Cross-site scripting (XSS) vulnerability in index.php in Drake CMS 0.4.9 allows remote attackers to ... | E | |
CVE-2007-6696 | Multiple cross-site scripting (XSS) vulnerabilities in WebCalendar 1.1.6 allow remote attackers to i... | E | |
CVE-2007-6697 | Buffer overflow in the LWZReadByte function in IMG_gif.c in SDL_image before 1.2.7 allows remote att... | E S | |
CVE-2007-6698 | The BDB backend for slapd in OpenLDAP before 2.3.36 allows remote authenticated users to cause a den... | | |
CVE-2007-6699 | Multiple buffer overflows in the AIM PicEditor 9.5.1.8 ActiveX control in YGPPicEdit.dll in AOL You'... | E | |
CVE-2007-6700 | Cross-site scripting (XSS) vulnerability in cgi-bin/bgplg in the web interface for the BGPD daemon i... | E S | |
CVE-2007-6701 | Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP4... | E S | |
CVE-2007-6702 | goform/QuickStart_c0 on the GoAhead Web Server on the FS4104-AW (aka rooter) VDSL device contains a ... | E | |
CVE-2007-6703 | Unspecified vulnerability in vdccm before 0.10.1 in SynCE (SynCE-dccm) might allow attackers to caus... | | |
CVE-2007-6704 | Multiple cross-site scripting (XSS) vulnerabilities in F5 FirePass 4100 SSL VPN 5.4.1 through 5.5.2 ... | E | |
CVE-2007-6705 | The WebSphere MQ XA 5.3 before FP13 and 6.0.x before 6.0.2.1 client for Windows, when running in an ... | | |
CVE-2007-6706 | Unspecified vulnerability in nlnotes.dll in the client in IBM Lotus Notes 6.5, 7.0.x before 7.0.2 CC... | | |
CVE-2007-6707 | Multiple cross-site scripting (XSS) vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gat... | E | |
CVE-2007-6708 | Multiple cross-site request forgery (CSRF) vulnerabilities on the Cisco Linksys WAG54GS Wireless-G A... | E | |
CVE-2007-6709 | The Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware has "admin" as i... | E | |
CVE-2007-6711 | Unspecified vulnerability in customer.php in FreeWebshop.org 2.2.5, 2.2.6 and 2.2.7WIP1/2 allows rem... | S | |
CVE-2007-6712 | Integer overflow in the hrtimer_forward function (hrtimer.c) in Linux kernel 2.6.21-rc4, when runnin... | | |
CVE-2007-6713 | Unspecified vulnerability in Flip4Mac WMV before 2.2.0.49 has unknown impact and attack vectors rela... | | |
CVE-2007-6714 | DBMail before 2.2.9, when using authldap with an LDAP server that supports anonymous login such as A... | S | |
CVE-2007-6715 | Mozilla Firefox allows remote attackers to cause a denial of service (crash) via crafted image, as d... | | |
CVE-2007-6716 | fs/direct-io.c in the dio subsystem in the Linux kernel before 2.6.23 does not properly zero out the... | E S | |
CVE-2007-6717 | Buffer overflow in tftp in bos.net.tcp.client in IBM AIX 5.2.0 and 5.3.0 allows local users to gain ... | S | |
CVE-2007-6718 | MPlayer, possibly 1.0rc1, allows remote attackers to cause a denial of service (SIGSEGV and applicat... | | |
CVE-2007-6719 | SQL injection vulnerability in Wiz-Ad 1.3 allows remote attackers to execute arbitrary SQL commands ... | | |
CVE-2007-6720 | libmikmod 3.1.9 through 3.2.0, as used by MikMod, SDL-mixer, and possibly other products, relies on ... | | |
CVE-2007-6721 | The Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Crypto Provide... | S | |
CVE-2007-6722 | Vidalia bundle before 0.1.2.18, when running on Windows and Mac OS X, installs Privoxy with a config... | E | |
CVE-2007-6723 | TorK before 0.22, when running on Windows and Mac OS X, installs Privoxy with a configuration file (... | E | |
CVE-2007-6724 | Vidalia bundle before 0.1.2.18, when running on Windows, installs Privoxy with a configuration file ... | E | |
CVE-2007-6725 | The CCITTFax decoding filter in Ghostscript 8.60, 8.61, and possibly other versions, allows remote a... | E | |
CVE-2007-6726 | Multiple cross-site scripting (XSS) vulnerabilities in Dojo 0.4.1 and 0.4.2, as used in Apache Strut... | S | |
CVE-2007-6727 | SQL injection vulnerability in topic.php in KerviNet Forum 1.1 allows remote attackers to execute ar... | E | |
CVE-2007-6728 | Cross-site scripting (XSS) vulnerability in XMB 1.5 allows remote attackers to inject arbitrary web ... | E | |
CVE-2007-6729 | Cross-site scripting (XSS) vulnerability in the web management interface in the ZyXEL P-330W router ... | E | |
CVE-2007-6730 | Multiple cross-site request forgery (CSRF) vulnerabilities in the web management interface in the Zy... | E | |
CVE-2007-6731 | Extended Module Player (XMP) 2.5.1 and earlier allow remote attackers to execute arbitrary code via ... | E | |
CVE-2007-6732 | Multiple buffer overflows in the dtt_load function in loaders/dtt_load.c Extended Module Player (XMP... | E | |
CVE-2007-6733 | The nfs_lock function in fs/nfs/file.c in the Linux kernel 2.6.9 does not properly remove POSIX lock... | E | |
CVE-2007-6734 | NWFTPD.nlm before 5.08.07 in the FTP server in Novell NetWare 6.5 SP7 does not properly implement th... | | |
CVE-2007-6735 | NWFTPD.nlm before 5.08.06 in the FTP server in Novell NetWare does not properly handle partial match... | | |
CVE-2007-6736 | Multiple directory traversal vulnerabilities in FTPServer.py in pyftpdlib before 0.2.0 allow remote ... | S | |
CVE-2007-6737 | FTPServer.py in pyftpdlib before 0.2.0 does not increment the attempted_logins count for a USER comm... | | |
CVE-2007-6738 | pyftpdlib before 0.1.1 does not choose a random value for the port associated with the PASV command,... | | |
CVE-2007-6739 | FTPServer.py in pyftpdlib before 0.2.0 allows remote attackers to cause a denial of service via a lo... | S | |
CVE-2007-6740 | The ftp_STOU function in FTPServer.py in pyftpdlib before 0.2.0 does not limit the number of attempt... | | |
CVE-2007-6741 | The ftp_PORT function in FTPServer.py in pyftpdlib before 0.2.0 does not prevent TCP connections to ... | | |
CVE-2007-6742 | The get_filter_list function in IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-LA0006... | S | |
CVE-2007-6743 | Double free vulnerability in IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-LA0005 al... | S | |
CVE-2007-6744 | Flexera Macrovision InstallShield before 2008 sends a digital-signature password to an unintended ap... | | |
CVE-2007-6745 | clamav 0.91.2 suffers from a floating point exception when using ScanOLE2.... | | |
CVE-2007-6746 | telepathy-idle before 0.1.15 does not verify (1) that the issuer is a trusted CA, (2) that the serve... | | |
CVE-2007-6747 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
CVE-2007-6748 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
CVE-2007-6749 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
CVE-2007-6750 | The Apache HTTP Server 1.x and 2.x allows remote attackers to cause a denial of service (daemon outa... | | |
CVE-2007-6751 | Cross-site scripting (XSS) vulnerability in the MailForm plugin before 1.20 for Movable Type allows ... | S | |
CVE-2007-6752 | Cross-site request forgery (CSRF) vulnerability in Drupal 7.12 and earlier allows remote attackers t... | E | |
CVE-2007-6753 | Untrusted search path vulnerability in Shell32.dll in Microsoft Windows 2000, Windows XP, Windows Vi... | | |
CVE-2007-6754 | The ipalloc function in libc/stdlib/malloc.c in jemalloc in libc for FreeBSD 6.4 and NetBSD does not... | S | |
CVE-2007-6755 | The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation... | | |
CVE-2007-6756 | ZOLL Defibrillator / Monitor M Series, E Series, and R Series have a default password for System Con... | | |
CVE-2007-6757 | GE Healthcare Centricity DMS 4.2, 4.1, and 4.0 has a password of Muse!Admin for the Museadmin user, ... | | |
CVE-2007-6758 | Server-side request forgery (SSRF) vulnerability in feed-proxy.php in extjs 5.0.0.... | E | |
CVE-2007-6759 | Dataprobe iBootBar (with 2007-09-20 and possibly later released firmware) allows remote attackers to... | | |
CVE-2007-6760 | Dataprobe iBootBar (with 2007-09-20 and possibly later beta firmware) allows remote attackers to byp... | | |
CVE-2007-6761 | drivers/media/video/videobuf-vmalloc.c in the Linux kernel before 2.6.24 does not initialize videobu... | S | |
CVE-2007-6762 | In the Linux kernel before 2.6.20, there is an off-by-one bug in net/netlabel/netlabel_cipso_v4.c wh... | S | |
CVE-2007-6763 | SAS Drug Development (SDD) before 32DRG02 mishandles logout actions, which allows a user (who was pr... | | |