Vulnerabilites CVE
Base de donnees CVE enrichie avec CISA KEV et NVD
| CVE ID | CVSS | Severite | KEV | Observations |
|---|---|---|---|---|
| CVE-2007-3153 The ares_init:randomize_key function in c-ares, on platforms other than Windows, uses a weak facility for producing a random number sequence (Unix rand), which makes it easier for remote attackers to ... | N/A | NONE | — | 0 |
| CVE-2007-3154 Unspecified vulnerability in Walter Zorn wz_tooltip.js (aka wz_tooltips) before 4.01, as used by eGroupWare before 1.2.107-2 and other packages, has unknown impact and remote attack vectors. | N/A | NONE | — | 0 |
| CVE-2007-3155 Unspecified vulnerability in eGroupWare before 1.2.107-2 has unknown impact and attack vectors related to ADOdb. NOTE: due to lack of details from the vendor, it is uncertain whether this issue is al... | N/A | NONE | — | 0 |
| CVE-2007-3156 Multiple cross-site scripting (XSS) vulnerabilities in pam_login.cgi in Webmin before 1.350 and Usermin before 1.280 allow remote attackers to inject arbitrary web script or HTML via the (1) cid, (2) ... | N/A | NONE | — | 0 |
| CVE-2007-3157 IPSecDrv.sys 10.4.0.12 in SafeNET High Assurance Remote 1.4.0 Build 12, and SoftRemote, allows remote attackers to cause a denial of service (infinite loop and system hang) via an invalid packet with ... | N/A | NONE | — | 0 |
| CVE-2007-3158 download_script.asp in ASP Folder Gallery allows remote attackers to read arbitrary files via a filename in the file parameter. | N/A | NONE | — | 0 |
| CVE-2007-3159 http.c in MiniWeb Http Server 0.8.x allows remote attackers to cause a denial of service (application crash) via a negative value in the Content-Length HTTP header. | N/A | NONE | — | 0 |
| CVE-2007-3160 PHP remote file inclusion vulnerability in admin/header.php in PHP Real Estate Classifieds Premium Plus allows remote attackers to execute arbitrary PHP code via a URL in the loc parameter. | N/A | NONE | — | 0 |
| CVE-2007-3161 Buffer overflow in Ace-FTP Client 1.24a allows user-assisted, remote FTP servers to execute arbitrary code via a long response. | N/A | NONE | — | 0 |
| CVE-2007-3162 Buffer overflow in the NotSafe function in the idaiehlp ActiveX control in idaiehlp.dll 1.9.1.74 in Internet Download Accelerator (ida) 5.2 allows remote attackers to cause a denial of service (Intern... | N/A | NONE | — | 0 |
| CVE-2007-3163 Incomplete blacklist vulnerability in the filemanager in Frederico Caldeira Knabben FCKeditor 2.4.2 allows remote attackers to upload arbitrary .php files via an alternate data stream syntax, as demon... | N/A | NONE | — | 0 |
| CVE-2007-3164 Microsoft Internet Explorer 7, when prompting for HTTP Basic Authentication for an IDN web site, uses ACE labels for the domain name in the status bar, but uses internationalized labels for this name ... | N/A | NONE | — | 0 |
| CVE-2007-3165 Tor before 0.1.2.14 can construct circuits in which an entry guard is in the same family as the exit node, which might compromise the anonymity of traffic sources and destinations by exposing traffic ... | N/A | NONE | — | 0 |
| CVE-2007-3166 Buffer overflow in Qualcomm Eudora 7.1.0.9 allows user-assisted, remote IMAP servers to execute arbitrary code via a long FLAGS response to a SELECT INBOX command. | N/A | NONE | — | 0 |
| CVE-2007-3167 Stack-based buffer overflow in the Vivotek Motion Jpeg ActiveX control (aka MjpegControl) in MjpegDecoder.dll 2.0.0.13 allows remote attackers to execute arbitrary code via a long PtzUrl property valu... | N/A | NONE | — | 0 |
| CVE-2007-3168 A certain ActiveX control in the EDraw Office Viewer Component (edrawofficeviewer.ocx) 4.0.5.20, and other versions before 5.0, allows remote attackers to delete arbitrary files via the DeleteLocalFil... | N/A | NONE | — | 0 |
| CVE-2007-3169 Buffer overflow in a certain ActiveX control in the EDraw Office Viewer Component (edrawofficeviewer.ocx) 4.0.5.20, and other versions before 5.0, allows remote attackers to cause a denial of service ... | N/A | NONE | — | 0 |
| CVE-2007-3170 Multiple cross-site scripting (XSS) vulnerabilities in Uebimiau Webmail allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO to redirect.php or (2) the selected_theme pa... | N/A | NONE | — | 0 |
| CVE-2007-3171 Uebimiau Webmail allows remote attackers to obtain sensitive information via a request to demo/pop3/error.php with an invalid value of the (1) smarty or (2) selected_theme parameter, which reveals the... | N/A | NONE | — | 0 |
| CVE-2007-3172 Directory traversal vulnerability in demo/pop3/error.php in Uebimiau Webmail allows remote attackers to determine the existence of arbitrary directories via an absolute pathname and .. (dot dot) in th... | N/A | NONE | — | 0 |
| CVE-2007-3173 Almnzm allows remote attackers to obtain sensitive information via an activateorder request to index.php with an invalid orderid parameter, probably related to '[' and ']' characters. | N/A | NONE | — | 0 |
| CVE-2024-52942 An issue was discovered in Veritas Enterprise Vault before 15.1 UPD882911, ZDI-CAN-24696. It allows an authenticated remote attacker to inject a parameter into an HTTP request, allowing for Cross-Site... | 5.4 | MEDIUM | — | 0 |
| CVE-2007-3174 Cross-site scripting (XSS) vulnerability in auth.w2b in W2B Online Banking allows remote attackers to inject arbitrary web script or HTML via the adtype parameter, a different vector than CVE-2006-198... | N/A | NONE | — | 0 |
| CVE-2007-3175 Multiple SQL injection vulnerabilities in W2B Online Banking allow remote attackers to execute arbitrary SQL commands via (1) the draft parameter to mailer.w2b or (2) the listDocPay parameter to DocPa... | N/A | NONE | — | 0 |
| CVE-2007-3176 Unspecified vulnerability in Ingate Firewall and SIParator before 4.5.2 allows remote authenticated users without full privileges to download a Support Report. | N/A | NONE | — | 0 |
| CVE-2007-3177 Ingate Firewall and SIParator before 4.5.2 allow remote attackers to bypass SIP authentication via a certain maddr parameter. | N/A | NONE | — | 0 |
| CVE-2007-3178 Multiple SQL injection vulnerabilities in Zindizayn Okul Web Sistemi 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id or (2) pass parameter to (a) mezungiris.asp or (b) ogre... | N/A | NONE | — | 0 |
| CVE-2007-2453 The random number feature in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, (1) does not properly seed pools when there is no entropy, or (2) uses an incorrect cast when extracting e... | N/A | NONE | — | 0 |
| CVE-2007-2873 SpamAssassin 3.1.x, 3.2.0, and 3.2.1 before 20070611, when running as root in unusual configurations using vpopmail or virtual users, allows local users to cause a denial of service (corrupt arbitrary... | N/A | NONE | — | 0 |
| CVE-2007-2876 The sctp_new function in (1) ip_conntrack_proto_sctp.c and (2) nf_conntrack_proto_sctp.c in Netfilter in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, allows remote attackers to cau... | N/A | NONE | — | 0 |
| CVE-2007-3179 Multiple SQL injection vulnerabilities in archives.php in Particle Blogger 1.2.1 and earlier allow remote attackers to execute arbitrary SQL commands via the month parameter and other unspecified vect... | N/A | NONE | — | 0 |
| CVE-2007-3180 Buffer overflow in Help and Support Center before 4.4 C on HP Windows systems allows remote attackers to read or write arbitrary files via unknown vectors. | N/A | NONE | — | 0 |
| CVE-2007-2796 Arris Cadant C3 CMTS allows remote attackers to cause a denial of service (service termination) via a malformed IP packet with an invalid IP option. | N/A | NONE | — | 0 |
| CVE-2007-0218 Microsoft Internet Explorer 5.01 and 6 allows remote attackers to execute arbitrary code by instantiating certain COM objects from Urlmon.dll, which triggers memory corruption during a call to the IOb... | N/A | NONE | — | 0 |
| CVE-2007-0934 Unspecified vulnerability in Microsoft Visio 2002 allows remote user-assisted attackers to execute arbitrary code via a Visio (.VSD, VSS, .VST) file with a crafted version number that triggers memory ... | N/A | NONE | — | 0 |
| CVE-2007-0936 Multiple unspecified vulnerabilities in Microsoft Visio 2002 allow remote user-assisted attackers to execute arbitrary code via a Visio (.VSD, VSS, .VST) file with a crafted packed object that trigger... | N/A | NONE | — | 0 |
| CVE-2007-1750 Unspecified vulnerability in Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code via a crafted Cascading Style Sheets (CSS) tag that triggers memory corruption. | N/A | NONE | — | 0 |
| CVE-2013-0676 Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not properly assign privileges for the database containing WebNavigator credentials, which allows remote authe... | N/A | NONE | — | 0 |
| CVE-2007-1751 Microsoft Internet Explorer 5.01, 6, and 7 allows remote attackers to execute arbitrary code by causing Internet Explorer to access an uninitialized or deleted object, related to prototype variables a... | N/A | NONE | — | 0 |
| CVE-2007-2218 Unspecified vulnerability in the Windows Schannel Security Package for Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 and SP2, allows remote servers to execute arbitrary code or cause a denia... | N/A | NONE | — | 0 |
| CVE-2007-2222 Multiple buffer overflows in the (1) ActiveListen (Xlisten.dll) and (2) ActiveVoice (Xvoice.dll) speech controls, as used by Microsoft Internet Explorer 5.01, 6, and 7, allow remote attackers to execu... | N/A | NONE | — | 0 |
| CVE-2007-2229 Microsoft Windows Vista uses insecure default permissions for unspecified "local user information data stores" in the registry and the file system, which allows local users to obtain sensitive informa... | N/A | NONE | — | 0 |
| CVE-2026-1445 A vulnerability was found in iJason-Liu Books_Manager up to 298ba736387ca37810466349af13a0fdf828e99c. This vulnerability affects unknown code of the file controllers/books_center/upload_bookCover.php.... | 4.7 | MEDIUM | — | 0 |
| CVE-2007-3027 Race condition in Microsoft Internet Explorer 5.01, 6, and 7 allows remote attackers to execute arbitrary code by causing Internet Explorer to install multiple language packs in a way that triggers me... | N/A | NONE | — | 0 |
| CVE-2007-2219 Unspecified vulnerability in the Win32 API on Microsoft Windows 2000, XP SP2, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via certain parameters to an unspecified fun... | N/A | NONE | — | 0 |
| CVE-2007-2225 A component in Microsoft Outlook Express 6 and Windows Mail in Windows Vista does not properly handle certain HTTP headers when processing MHTML protocol URLs, which allows remote attackers to obtain ... | N/A | NONE | — | 0 |
| CVE-2007-0245 Heap-based buffer overflow in OpenOffice.org (OOo) 2.2.1 and earlier allows remote attackers to execute arbitrary code via a RTF file with a crafted prtdata tag with a length parameter inconsistency, ... | N/A | NONE | — | 0 |
| CVE-2007-2227 The MHTML protocol handler in Microsoft Outlook Express 6 and Windows Mail in Windows Vista does not properly handle Content-Disposition "notifications," which allows remote attackers to obtain sensit... | N/A | NONE | — | 0 |
| CVE-2007-3184 Cisco Trust Agent (CTA) before 2.1.104.0, when running on MacOS X, allows attackers with physical access to bypass authentication and modify System Preferences, including passwords, by invoking the Ap... | N/A | NONE | — | 0 |
| CVE-2007-3185 Apple Safari Beta 3.0.1 for Windows public beta allows remote attackers to cause a denial of service (crash) via unspecified DHTML manipulations that trigger memory corruption, as demonstrated using H... | N/A | NONE | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.