Логотип exploitDog
source:"nvd"
Консоль
Логотип exploitDog

exploitDog

source:"nvd"

Количество 327 090

Количество 327 090

nvd логотип

CVE-2007-0330

около 19 лет назад

Buffer overflow in wsbho2k0.dll, as used by wsftpurl.exe, in Ipswitch WS_FTP 2007 Professional allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long ftp:// URL in an HTML document, and possibly other vectors.

CVSS2: 7.5
EPSS: Низкий
nvd логотип

CVE-2007-0329

около 19 лет назад

download.php in Joonas Viljanen JV2 Folder Gallery allows remote attackers to read sensitive files via a relative pathname in the file parameter, as demonstrated by config/gallerysetup.php. NOTE: this issue might be resultant from a directory traversal vulnerability.

CVSS2: 5
EPSS: Низкий
nvd логотип

CVE-2007-0328

больше 18 лет назад

The DWUpdateService ActiveX control in the agent (agent.exe) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allows remote attackers to execute arbitrary commands via (1) the Execute method, and obtain the exit status using (2) the GetExitCode method.

CVSS2: 9.3
EPSS: Низкий
nvd логотип

CVE-2007-0326

больше 18 лет назад

Multiple stack-based buffer overflows in the PhotoChannel Networks PNI Digital Media Photo Upload Plugin ActiveX control before 2.0.0.10, as used by multiple retailers, allow remote attackers to execute arbitrary code via unspecified vectors.

CVSS2: 9.3
EPSS: Средний
nvd логотип

CVE-2007-0325

почти 19 лет назад

Multiple buffer overflows in the Trend Micro OfficeScan Web-Deployment SetupINICtrl ActiveX control in OfficeScanSetupINI.dll, as used in OfficeScan 7.0 before Build 1344, OfficeScan 7.3 before Build 1241, and Client / Server / Messaging Security 3.0 before Build 1197, allow remote attackers to execute arbitrary code via a crafted HTML document.

CVSS2: 9.3
EPSS: Высокий
nvd логотип

CVE-2007-0324

почти 19 лет назад

Multiple buffer overflows in the LizardTech DjVu Browser Plug-in before 6.1.1 allow remote attackers to execute arbitrary code via unspecified vectors.

CVSS2: 7.5
EPSS: Средний
nvd логотип

CVE-2007-0323

почти 19 лет назад

Buffer overflow in the SetLanguage function in Research In Motion (RIM) TeamOn Import Object ActiveX control (TOImport.dll) allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS2: 7.5
EPSS: Средний
nvd логотип

CVE-2007-0322

больше 18 лет назад

Multiple stack-based buffer overflows in the Intuit QuickBooks Online Edition ActiveX control before 10 allow remote attackers to execute arbitrary code via unspecified vectors.

CVSS2: 9.3
EPSS: Низкий
nvd логотип

CVE-2007-0321

почти 19 лет назад

Buffer overflow in the Update Service Agent ActiveX Control in isusweb.dll for Macrovision FLEXnet Connect (formerly InstallShield Update Service) allows remote attackers to execute arbitrary code via the Download method.

CVSS2: 9.3
EPSS: Низкий
nvd логотип

CVE-2007-0320

почти 19 лет назад

Multiple buffer overflows in (a) an ActiveX control (iftw.dll) and (b) Netscape plug-in (npiftw32.dll) for Macrovision (formerly InstallShield) InstallFromTheWeb allow remote attackers to execute arbitrary code via crafted HTML documents.

CVSS2: 9.3
EPSS: Низкий
nvd логотип

CVE-2007-0319

больше 18 лет назад

Multiple stack-based buffer overflows in the Motive ActiveEmailTest.EmailData (ActiveUtils EmailData) ActiveX control in ActiveUtils.dll in Motive Service Activation Manager 5.1 and Self Service Manager 5.1 and earlier allow remote attackers to execute arbitrary code via unspecified vectors.

CVSS2: 6.8
EPSS: Средний
nvd логотип

CVE-2007-0318

около 19 лет назад

The do_hfs_truncate function in Mac OS X 10.4.8 allows context-dependent attackers to cause a denial of service (kernel panic) via a crafted HFS+ filesystem in a DMG image, which causes an access of an invalid vnode structure during file removal.

CVSS2: 7.8
EPSS: Низкий
nvd логотип

CVE-2007-0317

около 19 лет назад

Format string vulnerability in the LogMessage function in FileZilla before 3.0.0-beta5 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted arguments. NOTE: some of these details are obtained from third party information.

CVSS2: 7.5
EPSS: Низкий
nvd логотип

CVE-2007-0316

около 19 лет назад

Multiple SQL injection vulnerabilities in All In One Control Panel (AIOCP) 1.3.010 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) xuser_name parameter to shared/code/cp_authorization.php, and the (2) did parameter to public/code/cp_downloads.php, different vectors than CVE-2007-0223.

CVSS2: 7.5
EPSS: Низкий
nvd логотип

CVE-2007-0315

около 19 лет назад

Multiple buffer overflows in FileZilla before 2.2.30a allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors related to (1) Options.cpp when storing settings in the registry, and (2) the transfer queue (QueueCtrl.cpp). NOTE: some of these details are obtained from third party information.

CVSS2: 9.3
EPSS: Низкий
nvd логотип

CVE-2007-0314

около 19 лет назад

Multiple PHP remote file inclusion vulnerabilities in Article System 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the INCLUDE_DIR parameter to (1) forms.php, (2) issue_edit.php, (3) client.php, and (4) classes.php.

CVSS2: 7.5
EPSS: Низкий
nvd логотип

CVE-2007-0313

около 19 лет назад

Unspecified vulnerability in GONICUS System Administration (GOsa) before 2.5.8 allows remote authenticated users to modify certain settings, including the admin password, via crafted POST requests.

CVSS2: 9
EPSS: Низкий
nvd логотип

CVE-2007-0312

около 19 лет назад

wcSimple Poll stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain password hashes via a direct request for password.txt.

CVSS2: 7.8
EPSS: Низкий
nvd логотип

CVE-2007-0311

около 19 лет назад

Texas Imperial Software WFTPD and WFTPD Pro Server 3.25 and earlier allow remote attackers to cause a denial of service (application crash) via a long SITE ADMIN command.

CVSS2: 5
EPSS: Низкий
nvd логотип

CVE-2007-0310

около 19 лет назад

BMC Remedy Action Request System 5.01.02 Patch 1267 generates different error messages for failed login attempts with a valid username than for those with an invalid username, which allows remote attackers to determine valid account names.

CVSS2: 5
EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
nvd логотип
CVE-2007-0330

Buffer overflow in wsbho2k0.dll, as used by wsftpurl.exe, in Ipswitch WS_FTP 2007 Professional allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long ftp:// URL in an HTML document, and possibly other vectors.

CVSS2: 7.5
1%
Низкий
около 19 лет назад
nvd логотип
CVE-2007-0329

download.php in Joonas Viljanen JV2 Folder Gallery allows remote attackers to read sensitive files via a relative pathname in the file parameter, as demonstrated by config/gallerysetup.php. NOTE: this issue might be resultant from a directory traversal vulnerability.

CVSS2: 5
7%
Низкий
около 19 лет назад
nvd логотип
CVE-2007-0328

The DWUpdateService ActiveX control in the agent (agent.exe) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allows remote attackers to execute arbitrary commands via (1) the Execute method, and obtain the exit status using (2) the GetExitCode method.

CVSS2: 9.3
4%
Низкий
больше 18 лет назад
nvd логотип
CVE-2007-0326

Multiple stack-based buffer overflows in the PhotoChannel Networks PNI Digital Media Photo Upload Plugin ActiveX control before 2.0.0.10, as used by multiple retailers, allow remote attackers to execute arbitrary code via unspecified vectors.

CVSS2: 9.3
12%
Средний
больше 18 лет назад
nvd логотип
CVE-2007-0325

Multiple buffer overflows in the Trend Micro OfficeScan Web-Deployment SetupINICtrl ActiveX control in OfficeScanSetupINI.dll, as used in OfficeScan 7.0 before Build 1344, OfficeScan 7.3 before Build 1241, and Client / Server / Messaging Security 3.0 before Build 1197, allow remote attackers to execute arbitrary code via a crafted HTML document.

CVSS2: 9.3
76%
Высокий
почти 19 лет назад
nvd логотип
CVE-2007-0324

Multiple buffer overflows in the LizardTech DjVu Browser Plug-in before 6.1.1 allow remote attackers to execute arbitrary code via unspecified vectors.

CVSS2: 7.5
25%
Средний
почти 19 лет назад
nvd логотип
CVE-2007-0323

Buffer overflow in the SetLanguage function in Research In Motion (RIM) TeamOn Import Object ActiveX control (TOImport.dll) allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS2: 7.5
21%
Средний
почти 19 лет назад
nvd логотип
CVE-2007-0322

Multiple stack-based buffer overflows in the Intuit QuickBooks Online Edition ActiveX control before 10 allow remote attackers to execute arbitrary code via unspecified vectors.

CVSS2: 9.3
6%
Низкий
больше 18 лет назад
nvd логотип
CVE-2007-0321

Buffer overflow in the Update Service Agent ActiveX Control in isusweb.dll for Macrovision FLEXnet Connect (formerly InstallShield Update Service) allows remote attackers to execute arbitrary code via the Download method.

CVSS2: 9.3
8%
Низкий
почти 19 лет назад
nvd логотип
CVE-2007-0320

Multiple buffer overflows in (a) an ActiveX control (iftw.dll) and (b) Netscape plug-in (npiftw32.dll) for Macrovision (formerly InstallShield) InstallFromTheWeb allow remote attackers to execute arbitrary code via crafted HTML documents.

CVSS2: 9.3
10%
Низкий
почти 19 лет назад
nvd логотип
CVE-2007-0319

Multiple stack-based buffer overflows in the Motive ActiveEmailTest.EmailData (ActiveUtils EmailData) ActiveX control in ActiveUtils.dll in Motive Service Activation Manager 5.1 and Self Service Manager 5.1 and earlier allow remote attackers to execute arbitrary code via unspecified vectors.

CVSS2: 6.8
16%
Средний
больше 18 лет назад
nvd логотип
CVE-2007-0318

The do_hfs_truncate function in Mac OS X 10.4.8 allows context-dependent attackers to cause a denial of service (kernel panic) via a crafted HFS+ filesystem in a DMG image, which causes an access of an invalid vnode structure during file removal.

CVSS2: 7.8
2%
Низкий
около 19 лет назад
nvd логотип
CVE-2007-0317

Format string vulnerability in the LogMessage function in FileZilla before 3.0.0-beta5 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted arguments. NOTE: some of these details are obtained from third party information.

CVSS2: 7.5
2%
Низкий
около 19 лет назад
nvd логотип
CVE-2007-0316

Multiple SQL injection vulnerabilities in All In One Control Panel (AIOCP) 1.3.010 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) xuser_name parameter to shared/code/cp_authorization.php, and the (2) did parameter to public/code/cp_downloads.php, different vectors than CVE-2007-0223.

CVSS2: 7.5
2%
Низкий
около 19 лет назад
nvd логотип
CVE-2007-0315

Multiple buffer overflows in FileZilla before 2.2.30a allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors related to (1) Options.cpp when storing settings in the registry, and (2) the transfer queue (QueueCtrl.cpp). NOTE: some of these details are obtained from third party information.

CVSS2: 9.3
3%
Низкий
около 19 лет назад
nvd логотип
CVE-2007-0314

Multiple PHP remote file inclusion vulnerabilities in Article System 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the INCLUDE_DIR parameter to (1) forms.php, (2) issue_edit.php, (3) client.php, and (4) classes.php.

CVSS2: 7.5
5%
Низкий
около 19 лет назад
nvd логотип
CVE-2007-0313

Unspecified vulnerability in GONICUS System Administration (GOsa) before 2.5.8 allows remote authenticated users to modify certain settings, including the admin password, via crafted POST requests.

CVSS2: 9
1%
Низкий
около 19 лет назад
nvd логотип
CVE-2007-0312

wcSimple Poll stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain password hashes via a direct request for password.txt.

CVSS2: 7.8
0%
Низкий
около 19 лет назад
nvd логотип
CVE-2007-0311

Texas Imperial Software WFTPD and WFTPD Pro Server 3.25 and earlier allow remote attackers to cause a denial of service (application crash) via a long SITE ADMIN command.

CVSS2: 5
5%
Низкий
около 19 лет назад
nvd логотип
CVE-2007-0310

BMC Remedy Action Request System 5.01.02 Patch 1267 generates different error messages for failed login attempts with a valid username than for those with an invalid username, which allows remote attackers to determine valid account names.

CVSS2: 5
1%
Низкий
около 19 лет назад

Уязвимостей на страницу