CVE-2007-4677

CVE-2023-4319 - Rejected reason: This CVE ID is a reservation duplicate of CVE-2023-4677. Notes: All CVE users should reference CVE-2023-4677 instead of this CVE ID. ...
1 year ago Tenable.com

CVE-2015-2503 - Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 ...
7 years ago

CVE-2007-4677 - Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via an invalid color table size when parsing the color table atom (CTAB) in a movie file, related to the CTAB RGB values. ...
2 years ago

CVE-2006-4677 - ** DISPUTED ** PHP remote file inclusion vulnerability in contrib/yabbse/poc.php in phpopenchat before 3.0.2 allows remote attackers to execute arbitrary PHP code via the sourcedir parameter. NOTE: this issue was disputed by a third-party ...
7 years ago

CVE-2009-4677 - Cross-site scripting (XSS) vulnerability in search.php in phpFK PHP Forum ohne 7.0.4 allows remote attackers to inject arbitrary web script or HTML via the search parameter. NOTE: the provenance of this information is unknown; the details are ...
15 years ago

CVE-2011-4677 - One Click Orgs before 1.2.3 does not have an off autocomplete attribute for authentication fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation. ...
14 years ago

CVE-2012-4677 - Tunnelblick 3.3beta20 and earlier allows local users to gain privileges by using a crafted Info.plist file to control the gOkIfNotSecure value. ...
2 years ago

CVE-2013-4677 - Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 uses weak permissions (Everyone: Read and Everyone: Change) for backup data files, which allows local users to obtain sensitive information or modify the outcome of a restore via ...
12 years ago

CVE-2015-4677 - Cross-site request forgery (CSRF) vulnerability in FiverrScript (aka Fiverr Script) 7.2 allows remote attackers to hijack the authentication of administrators for requests that create a new admin via a request to administrator/admins_create.php. ...
9 years ago

CVE-2005-4677 - SQL injection vulnerability in additional_images.php (aka the Additional Images module) before 1.14 in osCommerce allows remote attackers to execute arbitrary SQL commands via the products_id parameter to product_info.php. ...
8 years ago

CVE-2014-4677 - The installPackage function in the installerHelper subcomponent in Libmacgpg in GPG Suite before 2015.06 allows local users to execute arbitrary commands with root privileges via shell metacharacters in the xmlPath argument. ...
7 years ago

CVE-2016-4677 - An issue was discovered in certain Apple products. iOS before 10.1 is affected. Safari before 10.0.1 is affected. tvOS before 10.0.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code ...
6 years ago

CVE-2022-4677 - The Leaflet Maps Marker WordPress plugin before 3.12.7 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack. ...
2 years ago

CVE-2010-4677 - emWEB on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) allows remote attackers to cause a denial of service (daemon crash) via a request for a document whose name contains space characters, aka Bug ID ...
2 years ago

CVE-2008-4677 - autoload/netrw.vim (aka the Netrw Plugin) 109, 131, and other versions before 133k for Vim 7.1.266, other 7.1 versions, and 7.2 stores credentials for an FTP session, and sends those credentials when attempting to establish subsequent FTP sessions to ...
8 years ago

CVE-2018-4677 - ** REJECT ** This candidate is unused by its CNA. ...
2 years ago

CVE-2017-4677 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none ...
56 years ago Tenable.com

CVE-2024-4677 - A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file /view/my_student_exam_marks1.php. The manipulation of the argument year leads ...
1 year ago Tenable.com

CVE-2023-4677 - Cron log backup files contain administrator session IDs. It is trivial for any attacker who can reach the Pandora FMS Console to scrape the cron logs directory for cron log backups. The contents of these log files can then be abused to authenticate ...
1 year ago

CVE-2025-20785 - In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ...
56 years ago

CVE-2025-4677 - WebPro SNMP Card PowerValue Multiple Vulnerabilities ...
56 years ago

CVE-2013-6078 - The default configuration of EMC RSA BSAFE Toolkits and RSA Data Protection Manager (DPM) 20130918 uses the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm, which makes it easier for context-dependent attackers to ...
11 years ago

CVE-2011-1892 - Microsoft Office Groove 2007 SP2, SharePoint Workspace 2010 Gold and SP1, Office Forms Server 2007 SP2, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold and SP1, Office Groove Data Bridge Server 2007 SP2, Office Groove Management ...
7 years ago

CVE-2016-0012 - Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP1, Visio 2013 SP1, ...
7 years ago

CVE-2015-0085 - Use-after-free vulnerability in Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Office 2013 Gold and SP1, Word 2013 Gold and SP1, Office 2013 RT Gold ...
7 years ago