Total
258801 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-4891 | 1 Techno Dreams | 1 Articles And Papers Package | 2024-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ArticlesTableview.asp in Techno Dreams Articles & Papers Package 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the key parameter. | |||||
| CVE-2007-5340 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2024-02-04 | 4.3 MEDIUM | N/A |
| Multiple vulnerabilities in the Javascript engine in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service (crash) via crafted HTML that triggers memory corruption. | |||||
| CVE-2007-0619 | 1 Chmlib | 1 Chmlib | 2024-02-04 | 9.3 HIGH | N/A |
| chmlib before 0.39 allows user-assisted remote attackers to execute arbitrary code via a crafted page block length in a CHM file, which triggers memory corruption. | |||||
| CVE-2006-4917 | 1 Pt News | 1 Pt News | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in PT News 1.7.8 allows remote attackers to inject arbitrary web script or HTML via the pgname parameter. | |||||
| CVE-2007-6549 | 1 Runcms | 1 Runcms | 2024-02-04 | 7.5 HIGH | N/A |
| Unspecified vulnerability in RunCMS before 1.6.1 has unknown impact and attack vectors, related to "pagetype using." | |||||
| CVE-2007-2809 | 1 Opera | 1 Opera Browser | 2024-02-04 | 9.3 HIGH | N/A |
| Buffer overflow in the transfer manager in Opera before 9.21 for Windows allows user-assisted remote attackers to execute arbitrary code via a crafted torrent file. NOTE: due to the lack of details, it is not clear if this is the same issue as CVE-2007-2274. | |||||
| CVE-2007-1164 | 1 Dbscripts | 1 Dbimagegallery | 2024-02-04 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in DBImageGallery 1.2.2 allow remote attackers to execute arbitrary PHP code via a URL in the donsimg_base_path parameter to (1) attributes.php, (2) images.php, or (3) scan.php in admin/; or (4) attributes.php, (5) db_utils.php, (6) images.php, (7) utils.php, or (8) values.php in includes/. | |||||
| CVE-2006-6977 | 1 Freetextbox | 1 Freetextbox | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the "Basic Toolbar Selection" in FreeTextBox allows remote attackers to execute arbitrary JavaScript via the javascript: URI in the (1) href or (2) onmouseover attribute of the A HTML tag. | |||||
| CVE-2008-1077 | 1 Mamboportal.com | 1 Simpleboard | 2024-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Simpleboard (com_simpleboard) 1.0.3 Stable component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a view action. | |||||
| CVE-2007-5951 | 1 E-vendejo | 1 0.2 | 2024-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in articles.php in E-Vendejo 0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2007-1145 | 1 Kayako | 1 Esupport | 2024-02-04 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Kayako SupportSuite - ESupport 3.00.13 and 3.04.10 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to a (1) lostpassword or (2) register action in index.php, (3) unspecified vectors in the Submit form in a submit action in index.php, and (4) the user's name in index.php; and (5) allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors related to the Admin and Staff Control Panel. NOTE: this might issue overlap CVE-2004-1412, CVE-2005-0487, or CVE-2005-0842. | |||||
| CVE-2007-4766 | 1 Pcre | 1 Pcre | 2024-02-04 | 7.5 HIGH | N/A |
| Multiple integer overflows in Perl-Compatible Regular Expression (PCRE) library before 7.3 allow context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via unspecified escape (backslash) sequences. | |||||
| CVE-2007-2030 | 1 Redhat | 2 Enterprise Linux, Fedora Core | 2024-02-04 | 4.9 MEDIUM | N/A |
| lharc.c in lha does not securely create temporary files, which might allow local users to read or write files by creating a file before LHA is invoked. | |||||
| CVE-2008-0745 | 1 Domphp | 1 Domphp | 2024-02-04 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in aides/index.php in DomPHP 0.82 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. | |||||
| CVE-2007-3226 | 1 Dotproject | 1 Dotproject | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in dotProject before 2.1 RC2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2006-2851 and CVE-2006-3240. | |||||
| CVE-2007-2880 | 1 Digiappz | 1 Digirez | 2024-02-04 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Digirez 3.4 allow remote attackers to inject arbitrary web script or HTML via the (1) Room_name parameter to room/info_book.asp or the (2) curYear parameter to room/week.asp. | |||||
| CVE-2007-1896 | 1 Sky Gunning | 1 Myspeach | 2024-02-04 | 5.8 MEDIUM | N/A |
| Directory traversal vulnerability in chat.php in Sky GUNNING MySpeach 3.0.7 and earlier allows remote attackers to include arbitrary local files via a .. (dot dot) and trailing %00 (NULL) in a my_ms[root] cookie. | |||||
| CVE-2007-2222 | 1 Microsoft | 5 Internet Explorer, Windows 2000, Windows 2003 Server and 2 more | 2024-02-04 | 9.3 HIGH | N/A |
| Multiple buffer overflows in the (1) ActiveListen (Xlisten.dll) and (2) ActiveVoice (Xvoice.dll) speech controls, as used by Microsoft Internet Explorer 5.01, 6, and 7, allow remote attackers to execute arbitrary code via a crafted ActiveX object that triggers memory corruption, as demonstrated via the ModeName parameter to the FindEngine function in ACTIVEVOICEPROJECTLib.DirectSS. | |||||
| CVE-2007-1821 | 1 Sprint | 1 Sprint Voice | 2024-02-04 | 10.0 HIGH | N/A |
| Sprint Nextel Sprint voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailboxes, by spoofing Calling Number Identification (CNID, aka Caller ID). | |||||
| CVE-2007-2827 | 1 Lead Technologies | 1 Leadtools Isis Activex Control | 2024-02-04 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in LEAD Technologies LEADTOOLS ISIS ActiveX Control (ltisi14E.ocx) 14.5.0.44 and earlier allows remote attackers to execute arbitrary code via a long DriverName property. | |||||