Search Results (351250 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-6176 1 Amensa-soft 1 K\+b-bestellsystem 2026-04-23 N/A
kb_whois.cgi in K+B-Bestellsystem (aka KB-Bestellsystem) allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) domain or (2) tld parameter in a check_owner action.
CVE-2007-6194 1 Hp 1 Select Identity 2026-04-23 N/A
Unspecified vulnerability in HP Select Identity 4.01 before 4.01.012 and 4.1x before 4.13.003 allows remote attackers to obtain unspecified access via unknown vectors.
CVE-2007-6202 1 Neocrome 1 Seditio 2026-04-23 N/A
SQL injection vulnerability in plugins/search/search.php in Neocrome Seditio CMS 121 and earlier allows remote attackers to execute arbitrary SQL commands via the pag_sub[] parameter to plug.php.
CVE-2007-6201 1 Wesnoth 1 Wesnoth 2026-04-23 N/A
Unspecified vulnerability in Wesnoth 1.2.x before 1.2.8, and 1.3.x before 1.3.12, allows attackers to cause a denial of service (hang) via a "faulty add-on" and possibly execute other commands via unknown vectors related to the turn_cmd option.
CVE-2007-6221 1 Tumusika Evolution 1 Tumusika Evolution 2026-04-23 N/A
TuMusika Evolution 1.7R5 allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-6227 1 Qemu 1 Qemu 2026-04-23 N/A
QEMU 0.9.0 allows local users of a Windows XP SP2 guest operating system to overwrite the TranslationBlock (code_gen_buffer) buffer, and probably have unspecified other impacts related to an "overflow," via certain Windows executable programs, as demonstrated by qemu-dos.com.
CVE-2007-6229 1 Rayzz 1 Rayzz Script 2026-04-23 N/A
PHP remote file inclusion vulnerability in common/classes/class_HeaderHandler.lib.php in Rayzz Script 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the CFG[site][project_path] parameter.
CVE-2007-6230 1 Rayzz 1 Rayzz Script 2026-04-23 N/A
Directory traversal vulnerability in common/classes/class_HeaderHandler.lib.php in Rayzz Script 2.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the CFG[site][project_path] parameter.
CVE-2007-6235 1 Realnetworks 1 Realplayer 2026-04-23 N/A
A certain ActiveX control in RealNetworks RealPlayer 11 allows remote attackers to cause a denial of service (application crash) via a malformed .au file that triggers a divide-by-zero error. NOTE: this might be related to CVE-2007-4904.
CVE-2007-6273 1 Sonicwall 1 Global Vpn Client 2026-04-23 N/A
Multiple format string vulnerabilities in the configuration file in SonicWALL GLobal VPN Client 3.1.556 and 4.0.0.810 allow user-assisted remote attackers to execute arbitrary code via format string specifiers in the (1) Hostname tag or the (2) name attribute in the Connection tag. NOTE: there might not be any realistic circumstances in which this issue crosses privilege boundaries.
CVE-2007-6281 1 Stbernard 1 Open File Manager 2026-04-23 N/A
Heap-based buffer overflow in Open File Manager service (ofmnt.exe) in St. Bernard Open File Manager 9.5 allows remote attackers to execute arbitrary code via a long request.
CVE-2007-6282 1 Redhat 3 Enterprise Linux, Enterprise Linux Desktop, Enterprise Mrg 2026-04-23 N/A
The IPsec implementation in Linux kernel before 2.6.25 allows remote routers to cause a denial of service (crash) via a fragmented ESP packet in which the first fragment does not contain the entire ESP header and IV.
CVE-2007-6291 1 Xigla 1 Absolute Banner Manager.net 2026-04-23 N/A
SQL injection vulnerability in abm.aspx in Xigla Absolute Banner Manager .NET 4.0 allows remote attackers to execute arbitrary SQL commands via the z parameter.
CVE-2007-6279 1 Flac 1 Libflac 2026-04-23 N/A
Multiple double free vulnerabilities in Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via malformed (1) Seektable values or (2) Seektable Data Offsets in a .FLAC file.
CVE-2007-6290 1 Iptel 1 Serweb 2026-04-23 N/A
Multiple directory traversal vulnerabilities in js/get_js.php in SERWeb 2.0.0 dev1 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) mod and (2) js parameters.
CVE-2007-6301 1 Open Newsletter 1 Open Newsletter 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in compose.php in OpenNewsletter 2.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the type parameter.
CVE-2007-6315 1 Real Time Logic 2 Barracudadrive Web Server, Barracudadrive Web Server Home Server 2026-04-23 N/A
Group Chat in BarracudaDrive Web Server before 3.8 allows remote authenticated users to cause a denial of service (crash) via a HTTP request to /eh/chat.ehintf/C. that does not contain a Connection ID, which results in a NULL pointer dereference.
CVE-2007-6316 1 Real Time Logic 2 Barracudadrive Web Server, Barracudadrive Web Server Home Server 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in BarracudaDrive Web Server before 3.8 allows remote attackers to inject arbitrary web script or HTML via the URI path in an HTTP GET request, which is activated by administrators viewing log files via the Trace page.
CVE-2007-6337 2 Clam Anti-virus, Gentoo 2 Clamav, Linux 2026-04-23 N/A
Unspecified vulnerability in the bzip2 decompression algorithm in nsis/bzlib_private.h in ClamAV before 0.92 has unknown impact and remote attack vectors.
CVE-2007-6323 1 Mms Gallery 1 Mms Gallery Php 2026-04-23 N/A
Multiple directory traversal vulnerabilities in MMS Gallery PHP 1.0 allow remote attackers to read arbitrary files via a .. (dot dot) in the id parameter to (1) get_image.php or (2) get_file.php in mms_template/.