Total
29908 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-1750 | 1 Microsoft | 5 Internet Explorer, Windows 2000, Windows 2003 Server and 2 more | 2026-04-23 | N/A |
| Unspecified vulnerability in Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code via a crafted Cascading Style Sheets (CSS) tag that triggers memory corruption. | ||||
| CVE-2007-1766 | 1 Msxstudios | 1 Advanced Login | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in login/engine/db/profiledit.php in Advanced Login 0.76 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the root parameter. | ||||
| CVE-2007-1775 | 1 Jbrowser | 1 Jbrowser | 2026-04-23 | N/A |
| Unrestricted file upload vulnerability in upload.php3 in JBrowser 2.4 and earlier allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-1784 | 1 Ibm | 1 Lotus Sametime | 2026-04-23 | N/A |
| The JNILoader ActiveX control (STJNILoader.ocx) 3.1.0.26 in IBM Lotus Notes Sametime before 7.5 allows remote attackers to load arbitrary DLL libraries and execute arbitrary code via arbitrary arguments to the loadLibrary function. | ||||
| CVE-2007-1794 | 2 Mozilla, Sun | 3 Mozilla, Solaris, Sunos | 2026-04-23 | N/A |
| The Javascript engine in Mozilla 1.7 and earlier on Sun Solaris 8, 9, and 10 might allow remote attackers to execute arbitrary code via vectors involving garbage collection that causes deletion of a temporary object that is still being used. NOTE: this issue might be related to CVE-2006-3805. | ||||
| CVE-2007-1795 | 1 Jccorp | 1 Urlshrink | 2026-04-23 | N/A |
| JCcorp URLshrink 1.3.1 allows remote attackers to execute arbitrary PHP code via the email address field in an HTML link. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-1798 | 1 Ibm | 1 Aix | 2026-04-23 | N/A |
| Buffer overflow in the drmgr command in IBM AIX 5.2 and 5.3 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long path name. | ||||
| CVE-2006-6913 | 1 Phpmyfaq | 1 Phpmyfaq | 2026-04-23 | N/A |
| Unspecified vulnerability in phpMyFAQ 1.6.7 and earlier allows remote attackers to upload arbitrary PHP scripts via unspecified vectors. | ||||
| CVE-2006-4839 | 1 Sophos | 1 Sophos Anti-virus | 2026-04-23 | N/A |
| Sophos Anti-Virus 5.1 allows remote attackers to cause a denial of service (memory consumption) via a file that is compressed with Petite and contains a large number of sections. | ||||
| CVE-2007-1799 | 1 Joris Guisson | 1 Ktorrent | 2026-04-23 | N/A |
| Directory traversal vulnerability in torrent.cpp in KTorrent before 2.1.3 only checks for the ".." string, which allows remote attackers to overwrite arbitrary files via modified ".." sequences in a torrent filename, as demonstrated by "../" sequences, due to an incomplete fix for CVE-2007-1384. | ||||
| CVE-2007-0667 | 2 Ledgersmb, Sql-ledger | 2 Ledgersmb, Sql-ledger | 2026-04-23 | N/A |
| The redirect function in Form.pm for (1) LedgerSMB before 1.1.5 and (2) SQL-Ledger allows remote authenticated users to execute arbitrary code via redirects, related to callbacks, a different issue than CVE-2006-5872. | ||||
| CVE-2007-1813 | 1 Inconnueteam | 1 Ecal | 2026-04-23 | N/A |
| SQL injection vulnerability in display.php in the eCal 2.24 and earlier module for Xoops allows remote attackers to execute arbitrary SQL commands via the katid parameter. | ||||
| CVE-2007-1814 | 1 Xoops | 1 Core Module | 2026-04-23 | N/A |
| SQL injection vulnerability in viewcat.php in the Core module for Xoops allows remote attackers to execute arbitrary SQL commands via the cid parameter, a different vector than CVE-2007-0377. | ||||
| CVE-2007-1820 | 1 Nortel | 2 Callpilot, Meridian Mail | 2026-04-23 | N/A |
| Nortel Networks CallPilot and Meridian Mail voicemail systems, when a mailbox has auto logon enabled, allow remote attackers to retrieve or remove messages, or reconfigure the mailbox, by spoofing Calling Number Identification (CNID, aka Caller ID). | ||||
| CVE-2007-1834 | 1 Cisco | 2 Unified Callmanager, Unified Presence Server | 2026-04-23 | N/A |
| Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allow remote attackers to cause a denial of service (loss of voice services) via a flood of ICMP echo requests, aka bug ID CSCsf12698. | ||||
| CVE-2007-1840 | 1 Ldap Account Manager | 1 Ldap Account Manager | 2026-04-23 | N/A |
| lib/modules.inc in LDAP Account Manager (LAM) before 1.3.0 does not escape HTML special characters in LDAP data, which allows remote attackers to have an unknown impact, probably cross-site scripting (XSS). | ||||
| CVE-2006-5008 | 1 Ibm | 1 Aix | 2026-04-23 | N/A |
| Unspecified vulnerability in utape in IBM AIX 5.2.0 and 5.3.0 allows attackers to execute arbitrary commands and overwrite arbitrary files via unspecified vectors. | ||||
| CVE-2007-1844 | 1 Avatic | 1 Aardvark Topsites Php | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Aardvark Topsites PHP 5 allow remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) button/settings_sql.php, (2) settings_sql.php, and (3) sources/misc/new_day.php. | ||||
| CVE-2007-1849 | 1 Drake Team | 1 Drake Cms | 2026-04-23 | N/A |
| Directory traversal vulnerability in 404.php in Drake CMS allows remote attackers to include and execute arbitrary local arbitrary files via a .. (dot dot) in the d_private parameter. NOTE: some of these details are obtained from third party information. NOTE: Drake CMS has only a beta version available, and the vendor has previously stated "We do not consider security reports valid until the first official release of Drake CMS." | ||||
| CVE-2007-1854 | 1 Hitachi | 7 Cosminexus Component Container, Electronic Form Workflow, Ucosminexus Application Server and 4 more | 2026-04-23 | N/A |
| Unspecified vulnerability in Hitachi Cosminexus Component Container 07-00 through 07-00-10, and 07-10 through 07-10-03, as used in uCosminexus Application Server Enterprise and Standard; uCosminexus Service Platform; uCosminexus Developer Standard and Professional; uCosminexus Service Architect; Electronic Form Workflow Standard Set, Professional Library Set, and Developer Client Set; and uCosminexus ERP Integrator, does not properly manage session information, which has an unspecified impact related to "unintended other requests." | ||||