Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-0620 | 1 Vlad Leont | 1 Fd Script | 2018-10-16 | 5.0 MEDIUM | N/A |
| download.php in FD Script 1.3.2 and earlier allows remote attackers to read source of files under the web document root with certain extensions, including .php, via a relative pathname in the fname parameter, as demonstrated by downloading config.php. | |||||
| CVE-2007-0584 | 1 G-neric | 1 Php Generic Library And Framework | 2018-10-16 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in membres/membreManager.php in PhP Generic Library & Framework for comm (g-neric) allows remote attackers to execute arbitrary PHP code via a URL in the include_path parameter. | |||||
| CVE-2007-0603 | 1 Pgp | 1 Corporate Desktop | 2018-10-16 | 7.1 HIGH | N/A |
| PGP Desktop before 9.5.1 does not validate data objects received over the (1) \pipe\pgpserv named pipe for PGPServ.exe or the (2) \pipe\pgpsdkserv named pipe for PGPsdkServ.exe, which allows remote authenticated users to gain privileges by sending a data object representing an absolute pointer, which causes code execution at the corresponding address. | |||||
| CVE-2007-0602 | 1 Trend Micro | 1 Viruswall | 2018-10-16 | 6.9 MEDIUM | N/A |
| Buffer overflow in libvsapi.so in the VSAPI library in Trend Micro VirusWall 3.81 for Linux, as used by IScan.BASE/vscan, allows local users to gain privileges via a long command line argument, a different vulnerability than CVE-2005-0533. | |||||
| CVE-2007-0609 | 1 Advanced Guestbook | 1 Advanced Guestbook | 2018-10-16 | 5.1 MEDIUM | N/A |
| Directory traversal vulnerability in Advanced Guestbook 2.4.2 allows remote attackers to bypass .htaccess settings, and execute arbitrary PHP local files or read arbitrary local templates, via a .. (dot dot) in a lang cookie, followed by a filename without its .php extension, as demonstrated via a request to index.php. | |||||
| CVE-2007-0332 | 1 Xentraz | 1 Liens Dynamiques | 2018-10-16 | 7.5 HIGH | N/A |
| (1) admin/adminlien.php3 and (2) admin/modif.php3 in liens_dynamiques 2.1 do not require authentication, which allows remote attackers to perform unauthorized administrative actions using a direct request. | |||||
| CVE-2007-0324 | 1 Lizardtech | 1 Djvu Browser Plug-in | 2018-10-16 | 7.5 HIGH | N/A |
| Multiple buffer overflows in the LizardTech DjVu Browser Plug-in before 6.1.1 allow remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2007-0323 | 1 Rim | 1 Teamon Import Object Activex Control | 2018-10-16 | 7.5 HIGH | N/A |
| Buffer overflow in the SetLanguage function in Research In Motion (RIM) TeamOn Import Object ActiveX control (TOImport.dll) allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2007-0249 | 1 Nwom | 1 Nwom Topsites | 2018-10-16 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Nwom topsites 3.0 allows remote attackers to inject arbitrary web script or HTML via the o parameter. | |||||
| CVE-2007-0250 | 1 Nwom | 1 Nwom Topsites | 2018-10-16 | 5.0 MEDIUM | N/A |
| index.php in Nwom topsites 3.0 allows remote attackers to obtain potentially sensitive information via a ' (quote) character in the o parameter, which forces a SQL error. | |||||
| CVE-2007-0251 | 1 Snort | 1 Snort | 2018-10-16 | 7.8 HIGH | N/A |
| Integer underflow in the DecodeGRE function in src/decode.c in Snort 2.6.1.2 allows remote attackers to trigger dereferencing of certain memory locations via crafted GRE packets, which may cause corruption of log files or writing of sensitive information into log files. | |||||
| CVE-2007-0490 | 1 Open-realty | 1 Open-realty | 2018-10-16 | 5.0 MEDIUM | N/A |
| index.php in Open-Realty 2.3.4 allows remote attackers to obtain sensitive information (the full path) via an invalid listingID parameter in a listingview action. | |||||
| CVE-2007-0487 | 1 Zoneo-soft | 1 Freeforum | 2018-10-16 | 7.5 HIGH | N/A |
| ** DISPUTED ** PHP remote file inclusion vulnerability in index.php in FreeForum 0.9.0 allows remote attackers to execute arbitrary PHP code via a URL in the fpath parameter. NOTE: this issue has been disputed by third party researchers, stating that fpath variable is initialized before being used. | |||||
| CVE-2007-0485 | 1 Webchat.org | 1 Webchat | 2018-10-16 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in defines.php in WebChat 0.77 allows remote attackers to execute arbitrary PHP code via a URL in the WEBCHATPATH parameter. | |||||
| CVE-2007-0469 | 1 Rubyforge | 1 Rubygems | 2018-10-16 | 9.3 HIGH | N/A |
| The extract_files function in installer.rb in RubyGems before 0.9.1 does not check whether files exist before overwriting them, which allows user-assisted remote attackers to overwrite arbitrary files, cause a denial of service, or execute arbitrary code via crafted GEM packages. | |||||
| CVE-2007-0468 | 1 Microsoft | 1 Visual Studio | 2018-10-16 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in rcdll.dll in msdev.exe in Visual C++ (MSVC) in Microsoft Visual Studio 6.0 SP6 allows user-assisted remote attackers to execute arbitrary code via a long file path in the "1 TYPELIB MOVEABLE PURE" option in an RC file. | |||||
| CVE-2007-0453 | 1 Samba | 1 Samba | 2018-10-16 | 4.6 MEDIUM | N/A |
| Buffer overflow in the nss_winbind.so.1 library in Samba 3.0.21 through 3.0.23d, as used in the winbindd daemon on Solaris, allows attackers to execute arbitrary code via the (1) gethostbyname and (2) getipnodebyname functions. | |||||
| CVE-2007-0452 | 1 Samba | 1 Samba | 2018-10-16 | 6.8 MEDIUM | N/A |
| smbd in Samba 3.0.6 through 3.0.23d allows remote authenticated users to cause a denial of service (memory and CPU exhaustion) by renaming a file in a way that prevents a request from being removed from the deferred open queue, which triggers an infinite loop. | |||||
| CVE-2007-0443 | 1 Gracenote | 1 Cddbcontrol Activex Control | 2018-10-16 | 9.3 HIGH | N/A |
| Multiple buffer overflows in the CDDBControl ActiveX control in Gracenote CDDB before 20070418 allow remote attackers to execute arbitrary code via long values for certain Proxy configuration parameters. | |||||
| CVE-2007-0441 | 1 Hp | 1 Openview Network Node Manager | 2018-10-16 | 5.1 MEDIUM | N/A |
| Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, and 7.50 allows remote attackers to execute arbitrary commands via unknown vectors. | |||||