2007 CVEs

6580 CVEs published in 2007. 29 critical, 29 high.

Top CVEs published in 2007
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2007-4773 | Critical | 9.8 | 2020-01-15 | Systrace before 1.6.0 has insufficient escape policy enforcement. |
| CVE-2007-0158 | Critical | 9.8 | 2019-12-27 | thttpd 2007 has buffer underflow. |
| CVE-2007-6745 | Critical | 9.8 | 2019-11-07 | clamav 0.91.2 suffers from a floating point exception when using ScanOLE2. |
| CVE-2007-0899 | Critical | 9.8 | 2019-11-06 | There is a possible heap overflow in libclamav/fsg.c before 0.100.0. |
| CVE-2007-6762 | Critical | 9.8 | 2019-07-27 | In the Linux kernel before 2.6.20, there is an off-by-one bug in net/netlabel/netlabel_cipso_v4.c where it is possible to overflow the doi_def->tags[] array. |
| CVE-2007-5341 | Critical | 9.8 | 2017-08-18 | Remote code execution in the Venkman script debugger in Mozilla Firefox before 2.0.0.8. |
| CVE-2007-5199 | Critical | 9.8 | 2017-08-18 | A single byte overflow in catalogue.c in X.Org libXfont 1.3.1 allows remote attackers to have unspecified impact. |
| CVE-2007-6760 | Critical | 9.8 | 2017-04-07 | Dataprobe iBootBar (with 2007-09-20 and possibly later beta firmware) allows remote attackers to bypass authentication, and conduct power-cycle attacks on conn… |
| CVE-2007-6759 | Critical | 9.8 | 2017-04-07 | Dataprobe iBootBar (with 2007-09-20 and possibly later released firmware) allows remote attackers to bypass authentication, and conduct power-cycle attacks on… |
| CVE-2007-3652 | Critical | 9.8 | 2008-07-09 | SQL injection vulnerability in class/page.php in Farsi Script (aka FaScript) FaName 1.0 allows remote attackers to execute arbitrary SQL commands via the id pa… |
| CVE-2007-6013 | Critical | 9.8 | 2007-11-19 | Wordpress 1.5 through 2.3.1 uses cookie values based on the MD5 hash of a password MD5 hash, which allows attackers to bypass authentication by obtaining the M… |
| CVE-2007-5775 | Critical | 9.8 | 2007-11-01 | Unspecified vulnerability in BitDefender allows attackers to execute arbitrary code via unspecified vectors, aka EEYEB-20071024. NOTE: as of 20071029, the onl… |
| CVE-2007-5565 | Critical | 9.8 | 2007-10-18 | PHP remote file inclusion vulnerability in includes/functions.php in phpSCMS 0.0.1-Alpha1 allows remote attackers to execute arbitrary PHP code via a URL in th… |
| CVE-2007-5097 | Critical | 9.8 | 2007-09-26 | PHP remote file inclusion vulnerability in lib/classes/offl_nflteam.php in Online Fantasy Football League (OFFL) 0.2.6 allows remote attackers to execute arbit… |
| CVE-2007-3010 | Critical | 9.8 | 2007-09-18 | masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server R7.1 and earlier allows remote attackers to execute arbitrary comm… |
| CVE-2007-4559 | Critical | 9.8 | 2007-08-28 | Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to over… |
| CVE-2007-4290 | Critical | 9.8 | 2007-08-09 | Multiple PHP remote file inclusion vulnerabilities in Guestbook Script 1.9 allow remote attackers to execute arbitrary PHP code via a URL in the script_root pa… |
| CVE-2007-4043 | Critical | 9.8 | 2007-07-27 | file.cgi in Secure Computing SecurityReporter (aka Network Security Analyzer) before 4.6.3 allows remote attackers to bypass authentication via a name paramete… |
| CVE-2007-4039 | Critical | 9.8 | 2007-07-27 | Argument injection vulnerability involving Mozilla, when certain URIs are registered, allows remote attackers to conduct cross-browser scripting attacks and ex… |
| CVE-2007-3798 | Critical | 9.8 | 2007-07-16 | Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP p… |