Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-1030 1 Niels Provos 1 Libevent 2026-04-23 N/A
Niels Provos libevent 1.2 and 1.2a allows remote attackers to cause a denial of service (infinite loop) via a DNS response containing a label pointer that references its own offset.
CVE-2007-1033 1 Drupal 1 Secure Site Module 2026-04-23 N/A
Unspecified vulnerability in the Secure site 4.7.x-1.x-dev and 5.x-1.x-dev module for Drupal allows remote attackers to bypass access restrictions via a crafted URL.
CVE-2007-1035 1 Drupal 3 Audio Module, Getid3, Mediafield Module 2026-04-23 N/A
Unspecified vulnerability in certain demonstration scripts in getID3 1.7.1, as used in the Mediafield and Audio modules for Drupal, allows remote attackers to read and delete arbitrary files, list arbitrary directories, and write to empty files or .mp3 files via unknown vectors.
CVE-2007-1038 1 Shemes.com 1 Grabit 2026-04-23 N/A
Shemes.com Grabit 1.5.3, and possibly earlier, allows remote attackers to cause a denial of service (application crash) via a .nzb file with a subject field containing ';' (semicolon) characters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-1039 1 Peanutkb 1 Peanut Knowledge Base 2026-04-23 N/A
Unspecified vulnerability in Peanut Knowledge Base (PeanutKB) 0.0.3 and earlier has unknown impact and attack vectors.
CVE-2007-1040 1 Xpression News 1 Xpression News 2026-04-23 N/A
Directory traversal vulnerability in archives.php in Xpression News (X-News) 1.0.1 allows remote attackers to include arbitrary files or obtain sensitive information via a .. (dot dot) in the xnews-template parameter.
CVE-2007-1043 9 Apple, Ezboo, Hp and 6 more 18 Mac Os X, Webstats, Hp-ux and 15 more 2026-04-23 N/A
Ezboo webstats, possibly 3.0.3, allows remote attackers to bypass authentication and gain access via a direct request to (1) update.php and (2) config.php.
CVE-2007-1046 1 Dem Trac 1 Dem Trac 2026-04-23 N/A
Dem_trac allows remote attackers to read log file contents via a direct request for /anc_sit.txt.
CVE-2007-1047 1 Distributed Checksum Clearinghouse 1 Dcc 2026-04-23 N/A
Unspecified vulnerability in Distributed Checksum Clearinghouse (DCC) before 1.3.51 allows remote attackers to delete or add hosts in /var/dcc/maps.
CVE-2007-1856 3 Gentoo, Paul Vixie, Redhat 3 Linux, Vixie Cron, Enterprise Linux 2026-04-23 N/A
Vixie Cron before 4.1-r10 on Gentoo Linux is installed with insecure permissions, which allows local users to cause a denial of service (cron failure) by creating hard links, which results in a failed st_nlink check in database.c.
CVE-2007-1858 2 Apache, Redhat 3 Tomcat, Network Satellite, Rhel Application Server 2026-04-23 N/A
The default SSL cipher configuration in Apache Tomcat 4.1.28 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.17 uses certain insecure ciphers, including the anonymous cipher, which allows remote attackers to obtain sensitive information or have other, unspecified impacts.
CVE-2007-1872 1 Toenda Software Development 1 Toendacms 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in toendaCMS 1.5.3 allows remote attackers to inject arbitrary web script or HTML via the searchword parameter in a search id.
CVE-2007-1863 3 Apache, Apple, Redhat 5 Http Server, Mac Os X Server, Certificate System and 2 more 2026-04-23 N/A
cache_util.c in the mod_cache module in Apache HTTP Server (httpd), when caching is enabled and a threaded Multi-Processing Module (MPM) is used, allows remote attackers to cause a denial of service (child processing handler crash) via a request with the (1) s-maxage, (2) max-age, (3) min-fresh, or (4) max-stale Cache-Control headers without a value.
CVE-2007-1866 1 Dproxy 1 Dproxy 2026-04-23 N/A
Stack-based buffer overflow in the dns_decode_reverse_name function in dns_decode.c in dproxy-nexgen allows remote attackers to execute arbitrary code by sending a crafted packet to port 53/udp, a different issue than CVE-2007-1465.
CVE-2007-1867 1 Irfanview 1 Irfanview 2026-04-23 N/A
Buffer overflow in IrfanView 3.99 allows remote attackers to execute arbitrary code via a crafted animated cursor (ANI) file.
CVE-2007-1868 1 Ibm 1 Tivoli Provisioning Manager Os Deployment 2026-04-23 N/A
The management service in IBM Tivoli Provisioning Manager for OS Deployment before 5.1 Fix Pack 2 does not properly handle multipart/form-data in HTTP POST requests, which allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via crafted POST requests to port 8080/tcp or 443/tcp.
CVE-2007-1869 1 Lighttpd 1 Lighttpd 2026-04-23 N/A
lighttpd 1.4.12 and 1.4.13 allows remote attackers to cause a denial of service (cpu and resource consumption) by disconnecting while lighttpd is parsing CRLF sequences, which triggers an infinite loop and file descriptor consumption.
CVE-2007-1870 1 Lighttpd 1 Lighttpd 2026-04-23 N/A
lighttpd before 1.4.14 allows attackers to cause a denial of service (crash) via a request to a file whose mtime is 0, which results in a NULL pointer dereference.
CVE-2007-1876 2 Microsoft, Vmware 3 Windows 2003 Server, Windows Xp, Workstation 2026-04-23 N/A
VMware Workstation before 5.5.4, when running a 64-bit Windows guest on a 64-bit host, allows local users to "corrupt the virtual machine's register context" by debugging a local program and stepping into a "syscall instruction."
CVE-2007-1877 1 Vmware 1 Workstation 2026-04-23 N/A
VMware Workstation before 5.5.4 allows attackers to cause a denial of service against the guest OS by causing the virtual machine process (VMX) to store malformed configuration information.