Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-0315 | 1 Google | 1 Chrome | 2026-04-23 | N/A |
| WebKit before r53607, as used in Google Chrome before 4.0.249.89, allows remote attackers to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and then reading the document.styleSheets[0].href property value, related to an IFRAME element. | ||||
| CVE-2007-2977 | 1 Domjudge | 1 Domjudge | 2026-04-23 | N/A |
| Buffer overflow in the receive function in submit/submitcommon.c in the submit daemon in DOMjudge before 2.0.0RC1 allows remote attackers to cause a denial of service or have other unspecified impact. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-2979 | 1 Techno Dreams | 1 Web Directory | 2026-04-23 | N/A |
| Techno Dreams Web Directory / Search Engine 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for Database.mdb. | ||||
| CVE-2007-2982 | 1 Bt | 1 Business Connect Webhelper Activex Control | 2026-04-23 | N/A |
| Multiple buffer overflows in the British Telecommunications Business Connect webhelper ActiveX control before 1.0.0.7 in btbconnectwebcontrol.dll allow remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2007-2986 | 1 Nexen | 1 Adminbot Mx | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in lib/live_status.lib.php in AdminBot MX 9.0.5 allows remote attackers to execute arbitrary PHP code via a URL in the ROOT parameter. | ||||
| CVE-2007-2988 | 1 Inout Scripts | 1 Inout Meta Search Engine | 2026-04-23 | N/A |
| A certain admin script in Inout Meta Search Engine sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote attackers to inject arbitrary PHP code, as demonstrated by a request to admin/create_engine.php followed by a request to admin/generate_tabs.php. | ||||
| CVE-2007-2989 | 1 Sun | 1 Solaris | 2026-04-23 | N/A |
| The libike library in Sun Solaris 9 before 20070529 contains a logic error related to a certain pointer, which allows remote attackers to cause a denial of service (in.iked daemon crash) by sending certain UDP packets with a source port different from 500. NOTE: this issue might overlap CVE-2006-2298. | ||||
| CVE-2007-2990 | 1 Sun | 1 Solaris | 2026-04-23 | N/A |
| Unspecified vulnerability in inetd in Sun Solaris 10 before 20070529 allows local users to cause a denial of service (daemon termination) via unspecified manipulations of the /var/run/.inetd.uds Unix domain socket file. | ||||
| CVE-2007-2991 | 1 Evenzia | 1 Evenzia Cms | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in includes/send.inc.php in Evenzia CMS allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO. | ||||
| CVE-2007-2992 | 1 Omegasoft | 1 Interneserviceslosungen | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in OmegaMw7.asp in OMEGA (aka Omegasoft) INterneSErvicesLosungen (INSEL) allow remote attackers to execute arbitrary SQL commands via (1) user-created text fields; the (2) F05003, (3) F05005, and (4) F05015 fields; and other unspecified standard fields. | ||||
| CVE-2007-2993 | 1 Omegasoft | 1 Interneserviceslosungen | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in OmegaMw7.asp in OMEGA (aka Omegasoft) INterneSErvicesLosungen (INSEL) allow remote attackers to inject arbitrary web script or HTML via (1) user-created text fields; the (2) F05003, (3) F05005, and (4) F05015 fields; and other unspecified standard fields. | ||||
| CVE-2007-2994 | 1 Dian Gemilang | 1 Dgnews | 2026-04-23 | N/A |
| SQL injection vulnerability in news.php in DGNews 2.1 allows remote attackers to execute arbitrary SQL commands via the newsid parameter in a fullnews action, a different vector than CVE-2007-0693. | ||||
| CVE-2007-2995 | 1 Ibm | 1 Aix | 2026-04-23 | N/A |
| Unspecified vulnerability in sysmgt.websm.rte in IBM AIX 5.2.0 and 5.3.0 has unknown impact and attack vectors. | ||||
| CVE-2007-2996 | 1 Ibm | 1 Aix | 2026-04-23 | N/A |
| Unspecified vulnerability in perl.rte 5.8.0.10 through 5.8.0.95 on IBM AIX 5.2, and 5.8.2.10 through 5.8.2.50 on AIX 5.3, allows local users to gain privileges via unspecified vectors related to the installation and "waiting for a legitimate user to execute a binary that ships with Perl." | ||||
| CVE-2007-2998 | 1 Hp | 1 Openvms | 2026-04-23 | N/A |
| The Pascal run-time library (PAS$RTL.EXE) before 20070418 on OpenVMS for Integrity Servers 8.3, and PAS$RTL.EXE before 20070419 on OpenVMS Alpha 8.3, does not properly restore PC and PSL values, which allows local users to cause a denial of service (system crash) via certain Pascal code. | ||||
| CVE-2007-2999 | 1 Microsoft | 1 Windows 2003 Server | 2026-04-23 | N/A |
| Microsoft Windows Server 2003, when time restrictions are in effect for user accounts, generates different error messages for failed login attempts with a valid user name than for those with an invalid user name, which allows context-dependent attackers to determine valid Active Directory account names. | ||||
| CVE-2007-3000 | 1 Php Jackknife | 1 Php Jackknife | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in PHP JackKnife (PHPJK) allow remote attackers to execute arbitrary SQL commands via (1) the iCategoryUnq parameter to G_Display.php or (2) the iSearchID parameter to Search/DisplayResults.php. | ||||
| CVE-2007-3001 | 1 Php Jackknife | 1 Php Jackknife | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PHP JackKnife (PHPJK) allow remote attackers to inject arbitrary web script or HTML via (1) the sUName parameter to UserArea/Authenticate.php, (2) the sAccountUnq parameter to UserArea/NewAccounts/index.php, or the (3) iCategoryUnq, (4) iDBLoc, (5) iTtlNumItems, (6) iNumPerPage, or (7) sSort parameter to G_Display.php, different vectors than CVE-2005-4239. | ||||
| CVE-2007-3002 | 1 Php Jackknife | 1 Php Jackknife | 2026-04-23 | N/A |
| PHP JackKnife (PHPJK) allows remote attackers to obtain sensitive information via (1) a request to index.php with an invalid value of the iParentUnq[] parameter, or a request to G_Display.php with an invalid (2) iCategoryUnq[] or (3) sSort[] array parameter, which reveals the path in various error messages. | ||||
| CVE-2007-3003 | 1 Mywebland | 1 Mybloggie | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in myBloggie 2.1.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) cat_id or (2) year parameter to index.php in a viewuser action, different vectors than CVE-2005-1500 and CVE-2005-4225. | ||||