Total: 259281 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2007-3605 | 1 Sap | 1 Enjoysap | 2024-02-04 | 7.6 HIGH | N/A |
Stack-based buffer overflow in the kweditcontrol.kwedit.1 ActiveX control in FrontEnd\SapGui\kwedit.dll in the EnjoySAP SAP GUI allows remote attackers to execute arbitrary code via a long argument to the PrepareToPostHTML function. | |||||
CVE-2007-4351 | 1 Cups | 1 Cups | 2024-02-04 | 10.0 HIGH | N/A |
Off-by-one error in the ippReadIO function in cups/ipp.c in CUPS 1.3.3 allows remote attackers to cause a denial of service (crash) via a crafted (1) textWithLanguage or (2) nameWithLanguage Internet Printing Protocol (IPP) tag, leading to a stack-based buffer overflow. | |||||
CVE-2006-5440 | 1 Comdev | 1 Comdev Form Designer | 2024-02-04 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in adminfoot.php in Comdev Form Designer 4.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. | |||||
CVE-2007-0837 | 1 Agermenu | 1 Agermenu | 2024-02-04 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in examples/inc/top.inc.php in AgerMenu 0.03 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rootdir parameter. | |||||
CVE-2007-5935 | 2 Tetex, Tug | 2 Tetex, Texlive 2007 | 2024-02-04 | 6.8 MEDIUM | N/A |
Stack-based buffer overflow in hpc.c in dvips in teTeX and TeXlive 2007 and earlier allows user-assisted attackers to execute arbitrary code via a DVI file with a long href tag. | |||||
CVE-2007-6694 | 2 Apple, Linux | 2 Powerpc, Linux Kernel | 2024-02-04 | 7.8 HIGH | N/A |
The chrp_show_cpuinfo function (chrp/setup.c) in Linux kernel 2.4.21 through 2.6.18-53, when running on PowerPC, might allow local users to cause a denial of service (crash) via unknown vectors that cause the of_get_property function to fail, which triggers a NULL pointer dereference. | |||||
CVE-2007-3046 | 1 Advanced Software Production Line | 1 Vortex Library | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in Advanced Software Production Line Vortex Library before 1.0.3 allows remote attackers to cause a denial of service (listener crash) via unspecified vectors related to the select I/O implementation and the file set buffer. NOTE: some of these details are obtained from third party information. | |||||
CVE-2006-6989 | 1 Netcaptor | 1 Netcaptor | 2024-02-04 | 7.8 HIGH | N/A |
Cross-domain vulnerability in NetCaptor 4.5.7 Personal Edition allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker's originating site that specifies a Location HTTP header that references the target site, which then makes that content available through the outerHTML attribute of the object, a similar vulnerability to CVE-2006-3280. | |||||
CVE-2006-6196 | 1 Fixit Knowledge Solutions | 1 Idms Pro Image Gallery | 2024-02-04 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the search functionality in Fixit iDMS Pro Image Gallery allows remote attackers to inject arbitrary web script or HTML via a search field (txtsearchtext parameter). | |||||
CVE-2007-0114 | 1 Sun | 1 Java System Content Delivery Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Sun Java System Content Delivery Server 5.0 and 5.0 PU1 allows remote attackers to obtain sensitive information regarding "content details" via unspecified vectors. | |||||
CVE-2008-0521 | 1 Bubbling Library | 1 Bubbling Library | 2024-02-04 | 5.0 MEDIUM | N/A |
Multiple directory traversal vulnerabilities in Bubbling Library 1.32 allow remote attackers to read arbitrary files via a .. (dot dot) in the uri parameter to dispatcher.php in (1) examples/dispatcher/framework/, (2) examples/dispatcher/, (3) examples/wizard/, and (4) PHP/, different vectors than CVE-2008-0545. | |||||
CVE-2006-4968 | 1 Postnuke Software Foundation | 1 Pnphpbb | 2024-02-04 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in includes/functions_admin.php in PNphpBB 1.2g allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | |||||
CVE-2007-1061 | 1 Francisco Burzi | 1 Php-nuke | 2024-02-04 | 6.8 MEDIUM | N/A |
SQL injection vulnerability in index.php in Francisco Burzi PHP-Nuke 8.0 Final and earlier, when the "HTTP Referers" block is enabled, allows remote attackers to execute arbitrary SQL commands via the HTTP Referer header (HTTP_REFERER variable). | |||||
CVE-2006-6402 | 1 Mystats | 1 Mystats | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in mystats.php in MyStats 1.0.8 and earlier allows remote attackers to execute arbitrary SQL commands via the details parameter. | |||||
CVE-2006-5604 | 1 Phpcards | 1 Phpcards | 2024-02-04 | 7.5 HIGH | N/A |
Directory traversal vulnerability in phpcards.header.php in phpCards 1.3 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the CardLanguageFile parameter. | |||||
CVE-2006-5131 | 1 Salims Softhouse | 1 Jaf Cms | 2024-02-04 | 7.5 HIGH | N/A |
module/shout/jafshout.php (aka the shoutbox) in ph03y3nk just another flat file (JAF) CMS 4.0 RC1 allows remote attackers to execute arbitrary code within sections bounded by "<?php" and "?>", possibly due to a static code injection vulnerability involving admin/data_inc.php. | |||||
CVE-2008-0696 | 1 Ibm | 1 Db2 | 2024-02-04 | 7.5 HIGH | N/A |
IBM DB2 UDB before 8.2 Fixpak 16 does not properly check authorization for the ALTER TABLE statement, which has unknown impact and attack vectors. | |||||
CVE-2007-3783 | 1 Envivosoft | 1 Envivo Cms | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in default.asp in enVivo!CMS allows remote attackers to execute arbitrary SQL commands via the ID parameter in an article action. NOTE: this is probably different from CVE-2005-1413.4. | |||||
CVE-2007-2972 | 1 Avira | 2 Antivir, Av Pack | 2024-02-04 | 7.8 HIGH | N/A |
The file parsing engine in Avira Antivir Antivirus before 7.04.00.24 allows remote attackers to cause a denial of service (application crash) via a crafted UPX compressed file, which triggers a divide-by-zero error. | |||||
CVE-2007-4604 | 1 Dinkumsoft.com | 1 Dl Paycart | 2024-02-04 | 7.5 HIGH | N/A |
SQL injection vulnerability in viewitem.php in DL PayCart 1.01 allows remote attackers to execute arbitrary SQL commands via the ItemID parameter. |