Total
259238 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-5709 | 1 Alt-n | 1 Mdaemon | 2024-02-04 | 10.0 HIGH | N/A |
| Unspecified vulnerability in WorldClient in Alt-N Technologies MDaemon before 9.50 has unknown impact and attack vectors related to a "JavaScript exploit." | |||||
| CVE-2007-0893 | 1 Matthieu Aubry | 1 Phpmyvisites | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in phpMyVisites before 2.2 allows remote attackers to include arbitrary files via leading ".." sequences on the pmv_ck_view COOKIE parameter, which bypasses the protection scheme. | |||||
| CVE-2007-1306 | 1 Digium | 1 Asterisk | 2024-02-04 | 7.8 HIGH | N/A |
| Asterisk 1.4 before 1.4.1 and 1.2 before 1.2.16 allows remote attackers to cause a denial of service (crash) by sending a Session Initiation Protocol (SIP) packet without a URI and SIP-version header, which results in a NULL pointer dereference. | |||||
| CVE-2007-4007 | 1 Article Directory | 1 Article Directory | 2024-02-04 | 9.3 HIGH | N/A |
| PHP remote file inclusion vulnerability in index.php in Article Directory (Article Site Directory) allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. | |||||
| CVE-2006-6757 | 1 Cwm-design | 1 Cwmexplorer | 2024-02-04 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in index.php in cwmExplorer 1.0 allows remote attackers to read arbitrary files and source code, and obtain sensitive information via directory traversal sequences in the show_file parameter. | |||||
| CVE-2007-4517 | 1 Oracle | 1 Database Server | 2024-02-04 | 6.0 MEDIUM | N/A |
| Buffer overflow in the XDB.XDB_PITRIG_PKG.PITRIG_DROPMETADATA procedure in Oracle 10g R2 allows remote authenticated users to execute arbitrary code via a long (1) OWNER or (2) NAME argument. | |||||
| CVE-2007-1011 | 1 Vs-gastebuch | 1 Vs-gastebuch | 2024-02-04 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in functions_inc.php in VS-Gastebuch 1.5.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the gb_pfad parameter. | |||||
| CVE-2007-1434 | 1 Grayscale | 1 Grayscale Blog | 2024-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Grayscale Blog 0.8.0, and possibly earlier versions, might allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) userdetail.php, id and (2) url parameter to (b) jump.php, and id variable to (c) detail.php. | |||||
| CVE-2008-0680 | 1 Microtik | 1 Routeros | 2024-02-04 | 7.8 HIGH | N/A |
| SNMPd in MikroTik RouterOS 3.2 and earlier allows remote attackers to cause a denial of service (daemon crash) via a crafted SNMP SET request. | |||||
| CVE-2007-3120 | 1 Aiocp | 1 Aiocp | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in public/code/cp_dpage.php in All In One Control Panel (AIOCP) before 1.3.017 allows remote attackers to inject arbitrary web script or HTML via the aiocp_dp parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2006-6104 | 1 Mono | 1 Xsp | 2024-02-04 | 5.0 MEDIUM | N/A |
| The System.Web class in the XSP for ASP.NET server 1.1 through 2.0 in Mono does not properly verify local pathnames, which allows remote attackers to (1) read source code by appending a space (%20) to a URI, and (2) read credentials via a request for Web.Config%20. | |||||
| CVE-2007-1411 | 1 Php | 1 Php | 2024-02-04 | 6.8 MEDIUM | N/A |
| Buffer overflow in PHP 4.4.6 and earlier, and unspecified PHP 5 versions, allows local and possibly remote attackers to execute arbitrary code via long server name arguments to the (1) mssql_connect and (2) mssql_pconnect functions. | |||||
| CVE-2008-0819 | 1 Plutostatus | 1 Plutostatus Locator | 2024-02-04 | 3.6 LOW | N/A |
| Directory traversal vulnerability in index.php in PlutoStatus Locator 1.0 pre alpha allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. | |||||
| CVE-2006-5636 | 1 Sws | 1 Simple Website Software | 2024-02-04 | 5.1 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in common.php in Simple Website Software (SWS) 0.99 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the SWSDIR parameter. | |||||
| CVE-2006-5618 | 1 Netref | 1 Netref | 2024-02-04 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in script/cat_for_aff.php in Netref 4 allows remote attackers to read arbitrary files via a .. (dot dot) sequence in the ad_direct parameter. | |||||
| CVE-2006-6333 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 7.8 HIGH | N/A |
| The tr_rx function in ibmtr.c for Linux kernel 2.6.19 assigns the wrong flag to the ip_summed field, which allows remote attackers to cause a denial of service (memory corruption) via crafted packets that cause the kernel to interpret another field as an offset. | |||||
| CVE-2006-6804 | 1 Enthrallweb | 1 Dragon Business Directory Pro | 2024-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in bus_details.asp in Dragon Business Directory - Pro (aka Dragon Internet Business Search Directory - Pro) 3.01.12 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter. | |||||
| CVE-2007-5081 | 1 Realnetworks | 3 Realone Player, Realplayer, Realplayer Enterprise | 2024-02-04 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a crafted RM file. | |||||
| CVE-2007-1018 | 1 Virtualsystem | 1 Vs-news-system | 2024-02-04 | 9.3 HIGH | N/A |
| PHP remote file inclusion vulnerability in tpl/header.php in VirtualSystem VS-News-System 1.2.1 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the newsordner parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2007-5587 | 2 Macrovision, Microsoft | 3 Safedisc, Windows 2003 Server, Windows Xp | 2024-02-04 | 6.9 MEDIUM | N/A |
| Buffer overflow in Macrovision SafeDisc secdrv.sys before 4.3.86.0, as shipped in Microsoft Windows XP SP2, XP Professional x64 and x64 SP2, Server 2003 SP1 and SP2, and Server 2003 x64 and x64 SP2 allows local users to overwrite arbitrary memory locations and gain privileges via a crafted argument to a METHOD_NEITHER IOCTL, as originally discovered in the wild. | |||||