Export limit exceeded: 29923 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29923 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-3359 | 1 Iptel | 1 Serweb | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in SerWeb 0.9.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the _SERWEB[serwebdir] parameter to (1) html/load_apu.php or (2) html/mail_prepend.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-3360 | 1 Bitchx | 1 Bitchx | 2026-04-23 | N/A |
| hook.c in BitchX 1.1-final allows remote IRC servers to execute arbitrary commands by sending a client certain data containing NICK and EXEC strings, which exceeds the bounds of a hash table, and injects an EXEC hook function that receives and executes shell commands. | ||||
| CVE-2007-3361 | 1 Nortel | 1 Pc Client Soft Phone Sip | 2026-04-23 | N/A |
| The Nortel PC Client SIP Soft Phone 4.1 3.5.208[20051015] allows remote attackers to cause a denial of service (device crash) via a SIP message with a malformed header. | ||||
| CVE-2007-3362 | 3 Ageet, Htc, Microsoft | 3 Agephone, Hytn, Windows Mobile | 2026-04-23 | N/A |
| ageet AGEphone before 1.6.2, running on Windows Mobile 5 on the HTC HyTN Pocket PC device, allows remote attackers to (1) cause a denial of service (call disruption and device hang) via a SIP message with a malformed header and (2) cause a denial of service (call disruption, false ring indication, and device outage) via a SIP message with a malformed SDP delimiter. | ||||
| CVE-2007-3363 | 1 Ageet | 1 Agephone | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in ageet AGEphone before 1.6.3 allow remote attackers to have an unknown impact via malformed SIP packets. | ||||
| CVE-2007-3364 | 1 Myserver | 1 Myserver | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in the cgi-bin/post.mscgi sample page in MyServer 0.8.9 allows remote attackers to inject arbitrary web script or HTML via the body content. | ||||
| CVE-2007-3366 | 1 Cpanel | 1 Cpanel | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Simple CGI Wrapper (scgiwrap) in cPanel before 10.9.1, and 11.x before 11.4.19-R14378, allows remote attackers to inject arbitrary web script or HTML via the URI. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-3367 | 1 Cpanel | 1 Cpanel | 2026-04-23 | N/A |
| Simple CGI Wrapper (scgiwrap) in cPanel before 10.9.1, and 11.x before 11.4.19-R14378, allows remote attackers to obtain sensitive information via a direct request, which reveals the path in an error message. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-3368 | 1 Polycom | 1 Soundpoint Ip 650 | 2026-04-23 | N/A |
| Buffer overflow in the HTTP server on the Polycom SoundPoint IP 601 SIP phone with BootROM 3.0.x+ allows remote attackers to cause a denial of service (device reboot) via a malformed CGI parameter. | ||||
| CVE-2007-3370 | 1 Kim Kyoung Min | 1 Sun Board | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Sun Board 1.00.00 Alpha allow remote attackers to execute arbitrary PHP code via a URL in (1) the sunPath parameter to include.php or (2) the dir parameter to skin/board/default/doctype.php. | ||||
| CVE-2007-3371 | 1 Powl | 1 Powl | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in plugins/widgets/htmledit/htmledit.php in Powl 0.94 allows remote attackers to execute arbitrary PHP code via a URL in the _POWL[installPath] parameter. | ||||
| CVE-2007-3372 | 1 Avahi | 1 Avahi | 2026-04-23 | N/A |
| The Avahi daemon in Avahi before 0.6.20 allows attackers to cause a denial of service (exit) via empty TXT data over D-Bus, which triggers an assert error. | ||||
| CVE-2007-3398 | 1 Perception | 1 Liteweb | 2026-04-23 | N/A |
| LiteWEB 2.7 allows remote attackers to cause a denial of service (hang) via a large number of requests for nonexistent pages. | ||||
| CVE-2007-3376 | 2 Apple, Microsoft | 2 Safari, Windows Xp | 2026-04-23 | N/A |
| Buffer overflow in Apple Safari 3.0.2 on Windows XP SP2 allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long value in the title HTML tag, which triggers the overflow when the user adds the page as a bookmark. | ||||
| CVE-2007-3377 | 2 Nlnet Labs, Redhat | 2 Net Dns, Enterprise Linux | 2026-04-23 | N/A |
| Header.pm in Net::DNS before 0.60, a Perl module, (1) generates predictable sequence IDs with a fixed increment and (2) can use the same starting ID for all child processes of a forking server, which allows remote attackers to spoof DNS responses, as originally reported for qpsmtp and spamassassin. | ||||
| CVE-2007-3383 | 1 Apache | 1 Tomcat | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in SendMailServlet in the examples web application (examples/jsp/mail/sendmail.jsp) in Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.36 allows remote attackers to inject arbitrary web script or HTML via the From field and possibly other fields, related to generation of error messages. | ||||
| CVE-2007-3384 | 1 Apache | 1 Tomcat | 2026-04-23 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in examples/servlet/CookieExample in Apache Tomcat 3.3 through 3.3.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Name or (2) Value field, related to error messages. | ||||
| CVE-2007-3388 | 2 Redhat, Trolltech | 2 Enterprise Linux, Qt | 2026-04-23 | N/A |
| Multiple format string vulnerabilities in (1) qtextedit.cpp, (2) qdatatable.cpp, (3) qsqldatabase.cpp, (4) qsqlindex.cpp, (5) qsqlrecord.cpp, (6) qglobal.cpp, and (7) qsvgdevice.cpp in QTextEdit in Trolltech Qt 3 before 3.3.8 20070727 allow remote attackers to execute arbitrary code via format string specifiers in text used to compose an error message. | ||||
| CVE-2007-3390 | 2 Redhat, Wireshark | 2 Enterprise Linux, Wireshark | 2026-04-23 | N/A |
| Wireshark 0.99.5 and 0.10.x up to 0.10.14, when running on certain systems, allows remote attackers to cause a denial of service (crash) via crafted iSeries capture files that trigger a SIGTRAP. | ||||
| CVE-2007-3392 | 2 Redhat, Wireshark | 2 Enterprise Linux, Wireshark | 2026-04-23 | N/A |
| Wireshark before 0.99.6 allows remote attackers to cause a denial of service via malformed (1) SSL or (2) MMS packets that trigger an infinite loop. | ||||