Total
258584 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-2573 | 1 Phptree | 1 Phptree | 2024-02-04 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in plugin/HP_DEV/cms2.php in PHPtree 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the s_dir parameter. | |||||
| CVE-2007-1029 | 1 Quicksoft | 1 Easymail Objects | 2024-02-04 | 7.6 HIGH | N/A |
| Stack-based buffer overflow in the Connect method in the IMAP4 component in Quiksoft EasyMail Objects before 6.5 allows remote attackers to execute arbitrary code via a long host name. | |||||
| CVE-2007-3185 | 1 Apple | 1 Safari | 2024-02-04 | 7.8 HIGH | N/A |
| Apple Safari Beta 3.0.1 for Windows public beta allows remote attackers to cause a denial of service (crash) via unspecified DHTML manipulations that trigger memory corruption, as demonstrated using Hamachi. | |||||
| CVE-2008-1138 | 1 Deslock | 1 Deslock | 2024-02-04 | 4.9 MEDIUM | N/A |
| DLMFENC.sys 1.0.0.26 in DESlock+ 3.2.6 and earlier allows local users to cause a denial of service (system crash) via a certain ZERO_MEM DLMFENC_IOCTL request to \\.\DLKPFSD_Device, aka the "ring0 link list zero" vulnerability. | |||||
| CVE-2007-0716 | 1 Apple | 1 Quicktime | 2024-02-04 | 5.8 MEDIUM | N/A |
| Stack-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted QTIF file. | |||||
| CVE-2007-0095 | 1 Phpmyadmin | 1 Phpmyadmin | 2024-02-04 | 5.0 MEDIUM | N/A |
| phpMyAdmin 2.9.1.1 allows remote attackers to obtain sensitive information via a direct request for themes/darkblue_orange/layout.inc.php, which reveals the path in an error message. | |||||
| CVE-2008-0129 | 1 Siteatschool | 1 Siteatschool | 2024-02-04 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in starnet/addons/slideshow_full.php in Site@School 2.3.10 and earlier allows remote attackers to execute arbitrary SQL commands via the album_name parameter. | |||||
| CVE-2007-0829 | 1 Alwil | 1 Avast Antivirus | 2024-02-04 | 4.4 MEDIUM | N/A |
| avast! Server Edition before 4.7.726 does not demand a password in a certain intended context, even when a password has been set, which allows local users to bypass authentication requirements. | |||||
| CVE-2008-0569 | 1 Drupal | 1 Comment Upload Module | 2024-02-04 | 6.4 MEDIUM | N/A |
| The Comment Upload 4.7.x before 4.7.x-0.1 and 5.x before 5.x-0.1 module for Drupal does not properly use functions in the upload module, which allows remote attackers to bypass upload validation, and upload arbitrary files and possibly execute arbitrary code, via unspecified vectors. | |||||
| CVE-2007-5140 | 1 Integramod | 1 Nederland | 2024-02-04 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in includes/archive/archive_topic.php in IntegraMOD Nederland 1.4.2 allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | |||||
| CVE-2007-0600 | 2 Makit, Martyn Kilbryde | 2 Newsposter Script, Newsposter Script | 2024-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in news_page.asp in Martyn Kilbryde Newsposter Script (aka makit news/blog poster) 3 and earlier allows remote attackers to execute arbitrary SQL commands via the uid parameter. | |||||
| CVE-2006-7123 | 1 Joomla | 1 Bsq Sitestats | 2024-02-04 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in BSQ Sitestats (component for Joomla) 1.8.0, and possibly other versions before 2.2.1, allow remote attackers to execute arbitrary SQL commands via (1) unspecified parameters when importing the (a) ip-to-country.csv file; and the (2) HTTP Referer, (3) HTTP User Agent, and (4) HTTP Accept Language headers to (b) bsqtemplateinc.php. | |||||
| CVE-2007-6572 | 1 Sun | 2 Java System Web Proxy Server, Java System Web Server | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Sun Java System Web Server 6.1 before SP8 and 7.0 before Update 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566204. | |||||
| CVE-2007-5657 | 1 Tibco | 4 Ems Server, Enterprise Message Service, Rtworks and 1 more | 2024-02-04 | 10.0 HIGH | N/A |
| TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointer offsets. | |||||
| CVE-2006-4821 | 1 Drupal | 1 Drupal Userreview Module | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Drupal 4.7 Userreview module before 1.19 2006/09/12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2006-5265 | 1 Microsoft | 1 Dynamics Gp | 2024-02-04 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Microsoft Dynamics GP (formerly Great Plains) 9.0 and earlier allows remote attackers to cause a denial of service (crash) via an invalid magic number in a Distributed Process Server (DPS) message. | |||||
| CVE-2007-2806 | 1 Galix | 1 Galix | 2024-02-04 | 5.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in GaliX 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) galix_cat_detail, (2) galix_gal_detail, and (3) galix_cat_detail_sort parameters. | |||||
| CVE-2006-6298 | 1 Maxiasp | 1 Yonetimi | 2024-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in uye_giris_islem.asp in Metyus Okul Yonetim Sistemi 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) kullanici_ismi and (2) sifre parameters. | |||||
| CVE-2007-0243 | 1 Sun | 3 Jdk, Jre, Sdk | 2024-02-04 | 6.8 MEDIUM | N/A |
| Buffer overflow in Sun JDK and Java Runtime Environment (JRE) 5.0 Update 9 and earlier, SDK and JRE 1.4.2_12 and earlier, and SDK and JRE 1.3.1_18 and earlier allows applets to gain privileges via a GIF image with a block with a 0 width field, which triggers memory corruption. | |||||
| CVE-2006-5466 | 2 Rpm, Ubuntu | 2 Package Manager, Ubuntu Linux | 2024-02-04 | 5.4 MEDIUM | N/A |
| Heap-based buffer overflow in the showQueryPackage function in librpm in RPM Package Manager 4.4.8, when the LANG environment variable is set to ru_RU.UTF-8, might allow user-assisted attackers to execute arbitrary code via crafted RPM packages. | |||||