Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-0578 1 Mpg123 1 Mpg123 2026-04-23 N/A
The http_open function in httpget.c in mpg123 before 0.64 allows remote attackers to cause a denial of service (infinite loop) by closing the HTTP connection early.
CVE-2007-0591 1 Vu Le An 1 Virtual Path 2026-04-23 N/A
PHP remote file inclusion vulnerability in configure.php in Vu Le An Virtual Path (VirtualPath) 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
CVE-2007-0598 1 Aztek Forum 1 Aztek Forum 2026-04-23 N/A
SQL injection vulnerability in forum/load.php in Aztek Forum 4.00 allows remote attackers to execute arbitrary SQL commands via the fid cookie to forum.php.
CVE-2007-0606 1 W-agora 1 W-agora 2026-04-23 N/A
w-agora 4.2.1 allows remote attackers to obtain sensitive information by via the (1) bn[] array parameter to index.php, which expects a string, and (2) certain parameters to delete_forum.php, which displays the path name in the resulting error message.
CVE-2007-0613 1 Apple 3 Ichat, Instant Message Framework, Mdnsresponder 2026-04-23 N/A
The Bonjour functionality in mDNSResponder, iChat 3.1.6, and InstantMessage framework 428 in Apple Mac OS X 10.4.8 does not check for duplicate entries when adding newly discovered available contacts, which allows remote attackers to cause a denial of service (disrupted communication) via a flood of duplicate _presence._tcp mDNS queries.
CVE-2007-0623 1 Maxdev 1 Mdpro 2026-04-23 N/A
SQL injection vulnerability in index.php in MAXdev MDPro 1.0.76 allows remote attackers to execute arbitrary SQL commands via the startrow parameter.
CVE-2007-0631 1 Eclectic Designs 1 Cascadianfaq 2026-04-23 N/A
SQL injection vulnerability in index.php in Eclectic Designs CascadianFAQ 4.1 and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter.
CVE-2007-0639 1 Guppy 1 Guppy 2026-04-23 N/A
Multiple static code injection vulnerabilities in error.php in GuppY 4.5.16 and earlier allow remote attackers to inject arbitrary PHP code into a .inc file in the data/ directory via (1) a REMOTE_ADDR cookie or (2) a cookie specifying an element of the msg array with an error number in the first dimension and 0 in the second dimension, as demonstrated by msg[999][0].
CVE-2007-0648 1 Cisco 1 Ios 2026-04-23 N/A
Cisco IOS after 12.3(14)T, 12.3(8)YC1, 12.3(8)YG, and 12.4, with voice support and without Session Initiated Protocol (SIP) configured, allows remote attackers to cause a denial of service (crash) by sending a crafted packet to port 5060/UDP.
CVE-2007-0661 1 Intel 9 Enterprise Southbridge 2 Bmc, Enterprise Southbridge Bmc, Server Board S5000pal and 6 more 2026-04-23 N/A
Intel Enterprise Southbridge 2 Baseboard Management Controller (BMC), Intel Server Boards 5000XAL, S5000PAL, S5000PSL, S5000XVN, S5000VCL, S5000VSA, SC5400RA, and OEM Firmware for Intel Enterprise Southbridge Baseboard Management Controller before 20070119, when Intelligent Platform Management Interface (IPMI) is enabled, allow remote attackers to connect and issue arbitrary IPMI commands, possibly triggering a denial of service.
CVE-2007-0668 1 Sun 1 Solaris 2026-04-23 N/A
The Loopback Filesystem (LOFS) in Sun Solaris 10 allows local users in a non-global zone to move and rename files in a read-only filesystem, which could lead to a denial of service.
CVE-2007-0679 1 Nicolas Grandjean 1 Phpmyring 2026-04-23 N/A
PHP remote file inclusion vulnerability in lang/leslangues.php in Nicolas Grandjean PHPMyRing 4.1.3b and earlier allows remote attackers to execute arbitrary PHP code via a URL in the fichier parameter.
CVE-2007-0688 1 Hunkaray Duyuru 1 Scripti 2026-04-23 N/A
SQL injection vulnerability in oku.asp in Hunkaray Duyuru Scripti allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2007-0702 1 Phpeventman 1 Phpeventman 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in phpEventMan 1.0.2 allow remote attackers to execute arbitrary PHP code via a URL in the level parameter to (1) Shared/controller/text.ctrl.php or (2) UserMan/controller/common.function.php.
CVE-2007-0709 1 Comodo 1 Comodo Firewall Pro 2026-04-23 N/A
cmdmon.sys in Comodo Firewall Pro (formerly Comodo Personal Firewall) 2.4.16.174 and earlier does not validate arguments that originate in user mode for the (1) NtCreateSection, (2) NtOpenProcess, (3) NtOpenSection, (4) NtOpenThread, and (5) NtSetValueKey hooked SSDT functions, which allows local users to cause a denial of service (system crash) and possibly gain privileges via invalid arguments.
CVE-2007-0723 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Unspecified vulnerability in the authentication feature for DirectoryService (DS Plug-Ins) for Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote authenticated LDAP users to modify the root password and gain privileges via unknown vectors.
CVE-2007-0731 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Stack-based buffer overflow in the Apple-specific Samba module (SMB File Server) in Apple Mac OS X 10.4 through 10.4.8 allows context-dependent attackers to execute arbitrary code via a long ACL.
CVE-2007-0742 1 Apple 1 Mac Os X 2026-04-23 N/A
The WebFoundation framework in Apple Mac OS X 10.3.9 and earlier allows subdomain cookies to be accessed by the parent domain, which allows remote attackers to obtain sensitive information.
CVE-2007-0749 1 Apple 2 Darwin Streaming Server, Mac Os X Server 2026-04-23 N/A
Multiple stack-based buffer overflows in the is_command function in proxy.c in Apple Darwin Streaming Proxy, when using Darwin Streaming Server before 5.5.5, allow remote attackers to execute arbitrary code via a long (1) cmd or (2) server value in an RTSP request.
CVE-2007-0759 1 Umberto Caldera 1 Easymoblog 2026-04-23 N/A
Multiple SQL injection vulnerabilities in EasyMoblog 0.5.1 allow remote attackers to execute arbitrary SQL commands via the (1) i or (2) post_id parameter to add_comment.php, which triggers an injection in libraries.inc.php; or (3) the i parameter to list_comments.php, which triggers an injection in libraries.inc.php.