Логотип exploitDog
source:"nvd"
Консоль
Логотип exploitDog

exploitDog

source:"nvd"

Количество 331 342

Количество 331 342

nvd логотип

CVE-2007-1774

почти 19 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in aBitWhizzy allow remote attackers to inject arbitrary web script or HTML via the d parameter to (1) whizzery/whizzypic.php or (2) whizzery/whizzylink.php.

CVSS2: 4.3
EPSS: Низкий
nvd логотип

CVE-2007-1773

почти 19 лет назад

Multiple directory traversal vulnerabilities in aBitWhizzy allow remote attackers to list arbitrary directories via a .. (dot dot) in the d parameter to (1) whizzery/whizzypic.php or (2) whizzery/whizzylink.php, different vectors than CVE-2006-6384.

CVSS2: 2.6
EPSS: Низкий
nvd логотип

CVE-2007-1772

почти 19 лет назад

The FTP service in HP JetDirect print servers allows remote attackers to cause a denial of service (engine crash) via a RETR command with a long pathname.

CVSS2: 7.1
EPSS: Низкий
nvd логотип

CVE-2007-1771

почти 19 лет назад

PHP remote file inclusion vulnerability in manage/javascript/formjavascript.php in Ay System Solutions Web Content System (WCS) 2.7.1 allows remote attackers to execute arbitrary PHP code via a URL in the path[JavascriptEdit] parameter.

CVSS2: 9.3
EPSS: Низкий
nvd логотип

CVE-2007-1770

почти 19 лет назад

Buffer overflow in the ArcSDE service (giomgr) in Environmental Systems Research Institute (ESRI) ArcGIS before 9.2 Service Pack 2, when using three tiered ArcSDE configurations, allows remote attackers to cause a denial of service (giomgr crash) and execute arbitrary code via long parameters in crafted requests.

CVSS2: 10
EPSS: Средний
nvd логотип

CVE-2007-1769

почти 19 лет назад

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-1873. Reason: This candidate is a duplicate of CVE-2007-1873. Notes: All CVE users should reference CVE-2007-1873 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage

EPSS: Низкий
nvd логотип

CVE-2007-1768

почти 19 лет назад

Cross-site scripting (XSS) vulnerability in app/helpers/application_helper.rb in Mephisto 0.7.3 and Mephisto Edge 20070325 allows remote attackers to inject arbitrary web script or HTML via the author name field in a comment.

CVSS2: 4.3
EPSS: Низкий
nvd логотип

CVE-2007-1767

почти 19 лет назад

Unspecified vulnerability in (1) Deskbar.dll and (2) Toolbar.dll in AOL 9.0 before February 2007 allows remote attackers to cause a denial of service (browser crash) via unknown vectors.

CVSS2: 7.8
EPSS: Низкий
nvd логотип

CVE-2007-1766

почти 19 лет назад

PHP remote file inclusion vulnerability in login/engine/db/profiledit.php in Advanced Login 0.76 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the root parameter.

CVSS2: 10
EPSS: Низкий
nvd логотип

CVE-2007-1765

почти 19 лет назад

Unspecified vulnerability in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a malformed ANI file, which results in memory corruption when processing cursors, animated cursors, and icons, a similar issue to CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this issue might be a duplicate of CVE-2007-0038; if so, then use CVE-2007-0038 instead of this identifier.

CVSS2: 9.3
EPSS: Средний
nvd логотип

CVE-2007-1764

почти 19 лет назад

Stack-based buffer overflow in FastStone Image Viewer 2.8 allows user-assisted remote attackers to execute arbitrary code via a crafted JPG image.

CVSS2: 6
EPSS: Низкий
nvd логотип

CVE-2007-1763

почти 19 лет назад

The ATI kernel driver (atikmdag.sys) in Microsoft Windows Vista allows user-assisted remote attackers to cause a denial of service (crash) via a crafted JPG image, as demonstrated by a slideshow, possibly due to a buffer overflow.

CVSS2: 7.1
EPSS: Средний
nvd логотип

CVE-2007-1762

почти 19 лет назад

Mozilla Firefox 2.0.0.1 through 2.0.0.3 does not canonicalize URLs before checking them against the phishing site blacklist, which allows remote attackers to bypass phishing protection via multiple / (slash) characters in the URL.

CVSS2: 5
EPSS: Низкий
nvd логотип

CVE-2007-1761

больше 8 лет назад

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2007. Notes: none

EPSS: Низкий
nvd логотип

CVE-2007-1760

больше 8 лет назад

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2007. Notes: none

EPSS: Низкий
nvd логотип

CVE-2007-1759

больше 8 лет назад

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2007. Notes: none

EPSS: Низкий
nvd логотип

CVE-2007-1758

больше 8 лет назад

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2007. Notes: none

EPSS: Низкий
nvd логотип

CVE-2007-1757

больше 8 лет назад

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2007. Notes: none

EPSS: Низкий
nvd логотип

CVE-2007-1756

больше 18 лет назад

Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, and Office Excel 2007 does not properly validate version information, which allows user-assisted remote attackers to execute arbitrary code via a crafted Excel file, aka "Calculation Error Vulnerability".

CVSS2: 9.3
EPSS: Средний
nvd логотип

CVE-2007-1755

больше 8 лет назад

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2007. Notes: none

EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
nvd логотип
CVE-2007-1774

Multiple cross-site scripting (XSS) vulnerabilities in aBitWhizzy allow remote attackers to inject arbitrary web script or HTML via the d parameter to (1) whizzery/whizzypic.php or (2) whizzery/whizzylink.php.

CVSS2: 4.3
1%
Низкий
почти 19 лет назад
nvd логотип
CVE-2007-1773

Multiple directory traversal vulnerabilities in aBitWhizzy allow remote attackers to list arbitrary directories via a .. (dot dot) in the d parameter to (1) whizzery/whizzypic.php or (2) whizzery/whizzylink.php, different vectors than CVE-2006-6384.

CVSS2: 2.6
7%
Низкий
почти 19 лет назад
nvd логотип
CVE-2007-1772

The FTP service in HP JetDirect print servers allows remote attackers to cause a denial of service (engine crash) via a RETR command with a long pathname.

CVSS2: 7.1
8%
Низкий
почти 19 лет назад
nvd логотип
CVE-2007-1771

PHP remote file inclusion vulnerability in manage/javascript/formjavascript.php in Ay System Solutions Web Content System (WCS) 2.7.1 allows remote attackers to execute arbitrary PHP code via a URL in the path[JavascriptEdit] parameter.

CVSS2: 9.3
10%
Низкий
почти 19 лет назад
nvd логотип
CVE-2007-1770

Buffer overflow in the ArcSDE service (giomgr) in Environmental Systems Research Institute (ESRI) ArcGIS before 9.2 Service Pack 2, when using three tiered ArcSDE configurations, allows remote attackers to cause a denial of service (giomgr crash) and execute arbitrary code via long parameters in crafted requests.

CVSS2: 10
27%
Средний
почти 19 лет назад
nvd логотип
CVE-2007-1769

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-1873. Reason: This candidate is a duplicate of CVE-2007-1873. Notes: All CVE users should reference CVE-2007-1873 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage

почти 19 лет назад
nvd логотип
CVE-2007-1768

Cross-site scripting (XSS) vulnerability in app/helpers/application_helper.rb in Mephisto 0.7.3 and Mephisto Edge 20070325 allows remote attackers to inject arbitrary web script or HTML via the author name field in a comment.

CVSS2: 4.3
0%
Низкий
почти 19 лет назад
nvd логотип
CVE-2007-1767

Unspecified vulnerability in (1) Deskbar.dll and (2) Toolbar.dll in AOL 9.0 before February 2007 allows remote attackers to cause a denial of service (browser crash) via unknown vectors.

CVSS2: 7.8
1%
Низкий
почти 19 лет назад
nvd логотип
CVE-2007-1766

PHP remote file inclusion vulnerability in login/engine/db/profiledit.php in Advanced Login 0.76 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the root parameter.

CVSS2: 10
7%
Низкий
почти 19 лет назад
nvd логотип
CVE-2007-1765

Unspecified vulnerability in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a malformed ANI file, which results in memory corruption when processing cursors, animated cursors, and icons, a similar issue to CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this issue might be a duplicate of CVE-2007-0038; if so, then use CVE-2007-0038 instead of this identifier.

CVSS2: 9.3
60%
Средний
почти 19 лет назад
nvd логотип
CVE-2007-1764

Stack-based buffer overflow in FastStone Image Viewer 2.8 allows user-assisted remote attackers to execute arbitrary code via a crafted JPG image.

CVSS2: 6
4%
Низкий
почти 19 лет назад
nvd логотип
CVE-2007-1763

The ATI kernel driver (atikmdag.sys) in Microsoft Windows Vista allows user-assisted remote attackers to cause a denial of service (crash) via a crafted JPG image, as demonstrated by a slideshow, possibly due to a buffer overflow.

CVSS2: 7.1
42%
Средний
почти 19 лет назад
nvd логотип
CVE-2007-1762

Mozilla Firefox 2.0.0.1 through 2.0.0.3 does not canonicalize URLs before checking them against the phishing site blacklist, which allows remote attackers to bypass phishing protection via multiple / (slash) characters in the URL.

CVSS2: 5
0%
Низкий
почти 19 лет назад
nvd логотип
CVE-2007-1761

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2007. Notes: none

больше 8 лет назад
nvd логотип
CVE-2007-1760

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2007. Notes: none

больше 8 лет назад
nvd логотип
CVE-2007-1759

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2007. Notes: none

больше 8 лет назад
nvd логотип
CVE-2007-1758

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2007. Notes: none

больше 8 лет назад
nvd логотип
CVE-2007-1757

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2007. Notes: none

больше 8 лет назад
nvd логотип
CVE-2007-1756

Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, and Office Excel 2007 does not properly validate version information, which allows user-assisted remote attackers to execute arbitrary code via a crafted Excel file, aka "Calculation Error Vulnerability".

CVSS2: 9.3
68%
Средний
больше 18 лет назад
nvd логотип
CVE-2007-1755

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2007. Notes: none

больше 8 лет назад

Уязвимостей на страницу