Export limit exceeded: 363262 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363262 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-5764 1 Ibm 1 Aix 2026-04-23 N/A
Buffer overflow in the pioout program in printers.rte in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privileges via a long command line option.
CVE-2007-5766 1 Oracle 1 E-business Suite 2026-04-23 N/A
SQL injection vulnerability in okxLOV.jsp in Oracle E-Business Suite 11 and 12 allows remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: this is probably the same issue as CVE-2007-5527 or CVE-2007-5528, but there are insufficient details to be sure.
CVE-2007-5767 1 Novell 1 Bordermanager 2026-04-23 N/A
Heap-based buffer overflow in the Client Trust application (clntrust.exe) in Novell BorderManager 3.8 before Update 1.5 allows remote attackers to execute arbitrary code via a validation request in which the Novell tree name is not properly delimited with a wide-character backslash or NULL character.
CVE-2007-5768 1 Globe7 1 Globe7 2026-04-23 N/A
The Globe7 soft phone client 7.3 sends username and password information in cleartext, which allows remote attackers to obtain sensitive information by sniffing the HTTP traffic.
CVE-2007-5769 1 Netkit-ftp 1 Netkit Ftp 2026-04-23 N/A
Double free vulnerability in the getreply function in ftp.c in netkit ftp (netkit-ftp) 0.17 20040614 and later allows remote FTP servers to cause a denial of service (application crash) and possibly have unspecified other impact via some types of FTP protocol behavior. NOTE: the netkit-ftpd issue is covered by CVE-2007-6263.
CVE-2007-5770 2 Redhat, Ruby-lang 2 Enterprise Linux, Ruby 2026-04-23 N/A
The (1) Net::ftptls, (2) Net::telnets, (3) Net::imap, (4) Net::pop, and (5) Net::smtp libraries in Ruby 1.8.5 and 1.8.6 do not verify that the commonName (CN) field in a server certificate matches the domain name in a request sent over SSL, which makes it easier for remote attackers to intercept SSL transmissions via a man-in-the-middle attack or spoofed web site, different components than CVE-2007-5162.
CVE-2007-5771 1 Flatnuke3 1 Flatnuke3 2026-04-23 N/A
Flatnuke 3 (aka FlatnuX) allows remote attackers to obtain administrative access via a myforum%00 cookie.
CVE-2007-5772 1 Flatnuke3 1 Flatnuke3 2026-04-23 N/A
Direct static code injection vulnerability in the download module in Flatnuke 3 allows remote authenticated administrators to inject arbitrary PHP code into a description.it.php file in a subdirectory of Download/ by saving a description and setting fneditmode to 1. NOTE: unauthenticated remote attackers can exploit this by leveraging a cookie manipulation issue.
CVE-2007-5773 1 Flatnuke3 1 Flatnuke3 2026-04-23 N/A
Cross-site request forgery (CSRF) vulnerability in index.php in the File Manager module in Flatnuke 3 allows remote attackers to perform certain actions as administrators via requests containing the pathname in the dir parameter and the filename in the ffile parameter.
CVE-2007-5774 1 Flatnuke3 1 Flatnuke3 2026-04-23 N/A
index.php in the File Manager module in Flatnuke 3 allows remote attackers to obtain sensitive information via an invalid argumentname parameter in a disc op action, which reveals the path in an error message.
CVE-2007-5775 1 Bitdefender 3 Antivirus, Internet Security, Total Security 2026-04-23 9.8 Critical
Unspecified vulnerability in BitDefender allows attackers to execute arbitrary code via unspecified vectors, aka EEYEB-20071024. NOTE: as of 20071029, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.
CVE-2007-5776 1 Blue-collar Productions 1 I-gallery 2026-04-23 N/A
Directory traversal vulnerability in igallery.asp in Blue-Collar Productions i-Gallery 3.4 allows remote attackers to read arbitrary files via encoded backslash sequences in the d parameter, as demonstrated by a "%5c../../%5c" sequence.
CVE-2007-5777 1 Blue-collar Productions 1 I-gallery 2026-04-23 N/A
Blue-Collar Productions i-Gallery 3.4 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a file containing a base64-encoded password via a direct request for igallery.mdb.
CVE-2007-5778 1 Flexispy 1 Mobile Spy 2026-04-23 7.5 High
Mobile Spy (1) stores login credentials in cleartext under the RetinaxStudios registry key, and (2) sends login credentials and log data over a cleartext HTTP connection, which allows attackers to obtain sensitive information by reading the registry or sniffing the network.
CVE-2007-5779 1 Gom Player 1 Gom Player 2026-04-23 N/A
Buffer overflow in the GomManager (GomWeb Control) ActiveX control in GomWeb3.dll 1.0.0.12 in Gretech Online Movie Player (GOM Player) 2.1.6.3499 allows remote attackers to execute arbitrary code via a long argument to the OpenUrl method.
CVE-2007-5780 1 Telematic Lab 1 Teatro 2026-04-23 N/A
PHP remote file inclusion vulnerability in pub/pub08_comments.php in teatro 1.6 allows remote attackers to execute arbitrary PHP code via a URL in the basePath parameter.
CVE-2007-5781 1 Sige 1 Sige 2026-04-23 N/A
PHP remote file inclusion vulnerability in inc/sige_init.php in Sige 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the SYS_PATH parameter.
CVE-2007-5783 1 Emagic-cms 1 Emagic Cms.net 2026-04-23 N/A
SQL injection vulnerability in emc.asp in emagiC CMS.Net 4.0 allows remote attackers to execute arbitrary SQL commands via the pageId parameter.
CVE-2007-5784 1 Caupo.net 1 Cauposhop Pro 2026-04-23 N/A
PHP remote file inclusion vulnerability in index.php in CaupoShop Pro 2.x allows remote attackers to execute arbitrary PHP code via a URL in the action parameter.
CVE-2007-5785 1 Jobsiteprofessional 1 Jobsite Professional 2026-04-23 N/A
SQL injection vulnerability in file.php in JobSite Professional 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.