Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-5538 | 1 Cisco | 2 Unified Callmanager, Unified Communications Manager | 2017-07-28 | 10.0 HIGH | N/A |
| Buffer overflow in the Centralized TFTP File Locator Service in Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(3), and Unified CallManager 5.0, allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors involving the processing of filenames, aka CSCsh47712. | |||||
| CVE-2007-5539 | 1 Cisco | 4 Unified Contact Center Enterprise, Unified Contact Center Hosted, Unified Icm Hosted and 1 more | 2017-07-28 | 9.0 HIGH | N/A |
| Unspecified vulnerability in Cisco Unified Intelligent Contact Management Enterprise (ICME), Unified ICM Hosted (ICMH), Unified Contact Center Enterprise (UCCE), Unified Contact Center Hosted (UCCH), and System Unified Contact Center Enterprise (SUCCE) 7.1(5) allows remote authenticated users to gain privileges, and read reports or change the SUCCE configuration, via certain web interfaces, aka CSCsj55686. | |||||
| CVE-2007-5541 | 1 Opera | 1 Opera Browser | 2017-07-28 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Opera before 9.24, when using an "external" newsgroup or e-mail client, allows remote attackers to execute arbitrary commands via unknown vectors. | |||||
| CVE-2007-5562 | 1 Netgear | 1 Ssl312 | 2017-07-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in cgi-bin/welcome (aka the login page) in Netgear SSL312 PROSAFE SSL VPN-Concentrator 25 allows remote attackers to inject arbitrary web script or HTML via the err parameter in the context of an error page. | |||||
| CVE-2007-5567 | 1 Galmeta | 1 Galmeta Post | 2017-07-28 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in _lib/fckeditor/upload_config.php in Galmeta Post 0.11 allows remote attackers to execute arbitrary PHP code via a URL in the DDS parameter. | |||||
| CVE-2007-5575 | 1 Treble Designs | 1 1024 Cms | 2017-07-28 | 4.3 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in 1024 CMS 1.2.5 allows remote attackers to perform some actions as administrators, as demonstrated by (1) an unspecified action that creates a file containing PHP code and (2) unspecified use of the forum component. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2007-5578 | 1 Secureideas | 1 Basic Analysis And Security Engine | 2017-07-28 | 7.5 HIGH | N/A |
| Basic Analysis and Security Engine (BASE) before 1.3.8 sends a redirect to the web browser but does not exit, which allows remote attackers to bypass authentication via (1) base_main.php, (2) base_qry_alert.php, and possibly other vectors. | |||||
| CVE-2007-5579 | 1 Pligg | 1 Pligg Cms | 2017-07-28 | 7.5 HIGH | N/A |
| login.php in Pligg CMS 9.5 uses a guessable confirmation code when resetting a forgotten password, which allows remote attackers with knowledge of a username to reset that user's password by calculating the confirmationcode parameter. | |||||
| CVE-2007-5581 | 1 Cisco | 1 Unified Meetingplace | 2017-07-28 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in mpweb/scripts/mpx.dll in Cisco Unified MeetingPlace 5.4 and earlier and 6.0 allow remote attackers to inject arbitrary web script or HTML via the (1) FirstName and (2) LastName parameters. | |||||
| CVE-2007-5584 | 1 Cisco | 3 7600 Router, Catalyst 6500, Firewall Services Module | 2017-07-28 | 7.8 HIGH | N/A |
| Unspecified vulnerability in Cisco Firewall Services Module (FWSM) 3.2(3) allows remote attackers to cause a denial of service (device reload) via crafted "data in the control-plane path with Layer 7 Application Inspections." | |||||
| CVE-2007-5588 | 1 Mnogosearch | 1 Mnogosearch | 2017-07-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in mnoGoSearch before 3.2.43 allows remote attackers to inject arbitrary web script or HTML via the t parameter in search.cgi, as reachable from search.htm-dist. | |||||
| CVE-2007-5590 | 1 Miranda-im | 1 Miranda | 2017-07-28 | 6.8 MEDIUM | N/A |
| Multiple buffer overflows in Miranda before 0.7.1 allow remote attackers to execute arbitrary code via unspecified vectors involving (1) IRC options, (2) Jabber forms, and unspecified aspects of the (3) ICQ and (4) Yahoo! instant messaging functionality. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2007-5601 | 1 Realnetworks | 1 Realplayer | 2017-07-28 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the Database Component in MPAMedia.dll in RealNetworks RealPlayer 10.5 and 11 beta, and earlier versions including 10, RealOne Player, and RealOne Player 2, allows remote attackers to execute arbitrary code via certain playlist names, as demonstrated via the import method to the IERPCtl ActiveX control in ierpplug.dll. | |||||
| CVE-2007-5604 | 1 Hp | 1 Instant Support | 2017-07-28 | 7.5 HIGH | N/A |
| Buffer overflow in the ExtractCab function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long first argument, a different vulnerability than CVE-2007-5605, CVE-2007-5606, and CVE-2007-5607. | |||||
| CVE-2007-5605 | 1 Hp | 1 Instant Support | 2017-07-28 | 9.3 HIGH | N/A |
| Buffer overflow in the GetFileTime function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long argument, a different vulnerability than CVE-2007-5604, CVE-2007-5606, and CVE-2007-5607. | |||||
| CVE-2007-5606 | 1 Hp | 1 Instant Support | 2017-07-28 | 10.0 HIGH | N/A |
| Buffer overflow in the MoveFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long argument, a different vulnerability than CVE-2007-5604, CVE-2007-5605, and CVE-2007-5607. | |||||
| CVE-2007-5607 | 1 Hp | 1 Instant Support | 2017-07-28 | 7.5 HIGH | N/A |
| Buffer overflow in the RegistryString function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long first argument, a different vulnerability than CVE-2007-5604, CVE-2007-5605, and CVE-2007-5606. | |||||
| CVE-2007-5608 | 1 Hp | 1 Instant Support | 2017-07-28 | 9.3 HIGH | N/A |
| The DownloadFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to force a download of an arbitrary file onto a client machine via a URL in the first argument and a destination filename in the second argument, a different vulnerability than CVE-2008-0952 and CVE-2008-0953. | |||||
| CVE-2007-5610 | 1 Hp | 1 Instant Support | 2017-07-28 | 10.0 HIGH | N/A |
| The DeleteSingleFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to delete an arbitrary file via a full pathname in the argument. | |||||
| CVE-2007-5612 | 1 Ibm | 1 Director | 2017-07-28 | 7.8 HIGH | N/A |
| CIM Server in IBM Director 5.20.1 and earlier allows remote attackers to cause a denial of service (CPU consumption, connection slot exhaustion, and daemon crash) via a large number of idle connections. | |||||