Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2007-3701 TippingPoint IPS before 20070710 does not properly handle a hex-encoded alternate Unicode '/' (slash) character, which might allow remote attackers to send certain network traffic and avoid detection,... | N/A | NONE | β | 0 |
| CVE-2007-3702 Directory traversal vulnerability in the load function in cgi-bin/mail/mailmachine.cgi in Mail Machine 3.989 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the archi... | N/A | NONE | β | 0 |
| CVE-2007-3703 Stack-based buffer overflow in a certain ActiveX control in sasatl.dll 1.5.0.531 in Zenturi Program Checker (ProgramChecker) Pro allows remote attackers to execute arbitrary code via a long argument t... | N/A | NONE | β | 0 |
| CVE-2007-3704 Entertainment CMS allows remote attackers to bypass authentication and perform certain administrative actions by setting the adminLogged cookie to "Administrator." | N/A | NONE | β | 0 |
| CVE-2007-3705 SQL injection vulnerability in FuseTalk 2.0 allows remote attackers to execute arbitrary SQL commands via the FTVAR_SUBCAT (txForumID) parameter to forum/index.cfm and possibly other unspecified compo... | N/A | NONE | β | 0 |
| CVE-2007-3706 The _sanitize_globals function in CodeIgniter 1.5.3 before 20070628 allows remote attackers to unset arbitrary global variables with unspecified impact, as demonstrated by a _SERVER cookie. | N/A | NONE | β | 0 |
| CVE-2007-3707 Directory traversal vulnerability in index.php in CodeIgniter 1.5.3 before 20070628, when enable_query_strings is true, allows remote attackers to read arbitrary files via a .. (dot dot) in the c para... | N/A | NONE | β | 0 |
| CVE-2007-3708 Cross-site scripting (XSS) vulnerability in CodeIgniter 1.5.3 before 20070626 allows remote attackers to inject arbitrary web script or HTML via (1) String.fromCharCode and (2) malformed nested tag ma... | N/A | NONE | β | 0 |
| CVE-2007-3709 CRLF injection vulnerability in the redirect function in url_helper.php in CodeIgniter 1.5.3 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in an unspecified parameter, as... | N/A | NONE | β | 0 |
| CVE-2007-3710 PHP remote file inclusion vulnerability in example/gamedemo/inc.functions.php in PHP Comet-Server allows remote attackers to execute arbitrary PHP code via a URL in the projectPath parameter. | N/A | NONE | β | 0 |
| CVE-2007-3711 Unspecified vulnerability in TOS 2.1.x, 2.2.x before 2.2.5, and 2.5.x before 2.5.2 on TippingPoint IPS allows remote attackers to avoid detection by sending certain fragmented packets. | N/A | NONE | β | 0 |
| CVE-2007-3712 Multiple cross-site scripting (XSS) vulnerabilities in HiddenChest "is ve Bayi Basvuru Formu" (Yb ve Bayi Babvuru Formu) allow remote attackers to inject arbitrary web script or HTML via unspecified v... | N/A | NONE | β | 0 |
| CVE-2007-3713 Multiple buffer overflows in Konst CenterICQ 4.9.11 through 4.21 allow remote attackers to execute arbitrary code via unspecified vectors. NOTE: the provenance of this information is unknown; the deta... | N/A | NONE | β | 0 |
| CVE-2007-3714 Directory traversal vulnerability in Ada Image Server (ImgSvr) 0.6.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the template parameter to the default URI. NOTE: the provena... | N/A | NONE | β | 0 |
| CVE-2007-3715 Sun Java System Application Server and Web Server 7.0 through 9.0 before 20070710 do not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent attacker... | N/A | NONE | β | 0 |
| CVE-2007-3716 The Java XML Digital Signature implementation in Sun JDK and JRE 6 before Update 2 does not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent attac... | N/A | NONE | β | 0 |
| CVE-2026-1597 A vulnerability has been found in Bdtask SalesERP up to 20260116. This issue affects some unknown processing of the component Administrative Endpoint. Such manipulation of the argument ci_session lead... | 6.3 | MEDIUM | β | 0 |
| CVE-2006-5271 Integer underflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and earlier allows remote attackers to execute arbitrary ... | N/A | NONE | β | 0 |
| CVE-2006-5272 Stack-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and earlier allows remote attackers to execute ... | N/A | NONE | β | 0 |
| CVE-2006-5273 Heap-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 through 3.6.0.453 allows remote attackers to exe... | N/A | NONE | β | 0 |
| CVE-2006-5274 Integer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 allows remote attackers to cause a denial of service (CMA ... | N/A | NONE | β | 0 |
| CVE-2007-3509 Heap-based buffer overflow in the RPC subsystem in Symantec Backup Exec for Windows Servers 10.0, 10d, and 11d allows remote attackers to cause a denial of service (process exit) and possibly execute ... | N/A | NONE | β | 0 |
| CVE-2007-3717 rcp on Sun Solaris 8, 9, and 10 before 20070710 does not properly call certain helper applications, which allows local users to gain privileges by creating files with certain names, possibly containin... | N/A | NONE | β | 0 |
| CVE-2007-3718 Multiple unspecified vulnerabilities in the SVG parsing engine in Apple Safari 3 Beta for Windows have unspecified remote attack vectors and impact. NOTE: this issue contains no actionable informatio... | N/A | NONE | β | 0 |
| CVE-2007-3719 The process scheduler in the Linux kernel 2.6.16 gives preference to "interactive" processes that perform voluntary sleeps, which allows local users to cause a denial of service (CPU consumption), as ... | N/A | NONE | β | 0 |
| CVE-2007-3720 The process scheduler in the Linux kernel 2.4 performs scheduling based on CPU billing gathered from periodic process sampling ticks, which allows local users to cause a denial of service (CPU consump... | N/A | NONE | β | 0 |
| CVE-2007-3721 The ULE process scheduler in the FreeBSD kernel gives preference to "interactive" processes that perform voluntary sleeps, which allows local users to cause a denial of service (CPU consumption), as d... | N/A | NONE | β | 0 |
| CVE-2007-3722 The 4BSD process scheduler in the FreeBSD kernel performs scheduling based on CPU billing gathered from periodic process sampling ticks, which allows local users to cause a denial of service (CPU cons... | N/A | NONE | β | 0 |
| CVE-2007-3723 The process scheduler in the Sun Solaris kernel does not make use of the process statistics kept by the kernel and performs scheduling based upon CPU billing gathered from periodic process sampling ti... | N/A | NONE | β | 0 |
| CVE-2007-3724 The process scheduler in the Microsoft Windows XP kernel does not make use of the process statistics kept by the kernel, performs scheduling based on CPU billing gathered from periodic process samplin... | N/A | NONE | β | 0 |
| CVE-2007-3725 The RAR VM (unrarvm.c) in Clam Antivirus (ClamAV) before 0.91 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted RAR archive, resulting in a NULL pointer derefere... | N/A | NONE | β | 0 |
| CVE-2007-3726 Integer signedness error in the SET_VALUE function in rarvm.cpp in unrar 3.70 beta 3, as used in products including WinRAR and RAR for OS X, allows user-assisted remote attackers to cause a denial of ... | N/A | NONE | β | 0 |
| CVE-2026-1598 A vulnerability was found in Bdtask Bhojon All-In-One Restaurant Management System up to 20260116. Impacted is an unknown function of the file /dashboard/home/profile of the component User Information... | 3.5 | LOW | β | 0 |
| CVE-2007-3727 Multiple unspecified vulnerabilities in Webmatic before 2.7 have unknown impact and attack vectors, related to the "administration area." | N/A | NONE | β | 0 |
| CVE-2007-3728 Buffer overflow in lib/silcclient/client_notify.c of SILC Client and SILC Toolkit before 1.1.2 allows remote attackers to cause a denial of service via "NICK_CHANGE" notifications. | N/A | NONE | β | 0 |
| CVE-2007-3729 The default configuration of the POP server in TCP/IP Services 5.6 for HP OpenVMS 8.3 generates different responses depending on whether or not a username is valid, which allows remote attackers to en... | N/A | NONE | β | 0 |
| CVE-2007-3730 The default configuration of the POP server in TCP/IP Services 5.6 for HP OpenVMS 8.3 does not log the source IP address or attempted username for login attempts, which might help remote attackers to ... | N/A | NONE | β | 0 |
| CVE-2007-3641 archive_read_support_format_tar.c in libarchive before 2.2.4 does not properly compute the length of a certain buffer when processing a malformed pax extension header, which allows user-assisted remot... | N/A | NONE | β | 0 |
| CVE-2007-3644 archive_read_support_format_tar.c in libarchive before 2.2.4 allows user-assisted remote attackers to cause a denial of service (infinite loop) via (1) an end-of-file condition within a pax extension ... | N/A | NONE | β | 0 |
| CVE-2006-5277 Off-by-one error in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to e... | N/A | NONE | β | 0 |
| CVE-2007-2392 Apple Quicktime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows user-assisted remote attackers to execute arbitrary code via a crafted movie file that triggers memory corruption. | N/A | NONE | β | 0 |
| CVE-2007-2393 The design of QuickTime for Java in Apple Quicktime before 7.2 allows remote attackers to bypass certain security controls and write to process memory via Java applets, possibly leading to arbitrary c... | N/A | NONE | β | 0 |
| CVE-2026-1599 A vulnerability was determined in Bdtask Bhojon All-In-One Restaurant Management System up to 20260116. The affected element is an unknown function of the file /hungry/placeorder of the component Chec... | 4.3 | MEDIUM | β | 0 |
| CVE-2007-2394 Integer overflow in Apple Quicktime before 7.2 on Mac OS X 10.3.9 and 10.4.9 allows user-assisted remote attackers to execute arbitrary code via crafted (1) title and (2) author fields in an SMIL file... | N/A | NONE | β | 0 |
| CVE-2007-2396 The JDirect support in QuickTime for Java in Apple Quicktime before 7.2 exposes certain dangerous interfaces, which allows remote attackers to execute arbitrary code via crafted Java applets. | N/A | NONE | β | 0 |
| CVE-2007-2397 QuickTime for Java in Apple Quicktime before 7.2 does not properly check permissions, which allows remote attackers to disable security controls and execute arbitrary code via crafted Java applets. | N/A | NONE | β | 0 |
| CVE-2007-2402 QuickTime for Java in Apple Quicktime before 7.2 does not perform sufficient "access control," which allows remote attackers to obtain sensitive information (screen content) via crafted Java applets. | N/A | NONE | β | 0 |
| CVE-2007-2417 Heap-based buffer overflow in _mprosrv.exe in Progress Software Progress 9.1E and OpenEdge 10.1x, as used by the RSA Authentication Manager 6.0 and 6.1, SecurID Appliance 2.0, ACE/Server 5.2, and poss... | N/A | NONE | β | 0 |
| CVE-2007-3645 archive_read_support_format_tar.c in libarchive before 2.2.4 allows user-assisted remote attackers to cause a denial of service (crash) via (1) an end-of-file condition within a tar header that follow... | N/A | NONE | β | 0 |
| CVE-2007-3673 Symantec symtdi.sys before 7.0.0, as distributed in Symantec AntiVirus Corporate Edition 9 through 10.1 and Client Security 2.0 through 3.1, Norton AntiSpam 2005, and Norton AntiVirus, Internet Securi... | N/A | NONE | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.