Total
260590 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-0348 | 1 Oracle | 5 Application Server, Collaboration Suite, Database Server and 2 more | 2024-02-04 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.22.18, 8.48.15, and 8.49.07 have unknown impact and remote attack vectors, aka (1) PSE01, (2) PSE03, and (3) PSE04. | |||||
| CVE-2007-5522 | 1 Oracle | 1 Application Server | 2024-02-04 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 10.1.4.1 has unknown impact and remote attack vectors, aka AS07. | |||||
| CVE-2006-6762 | 1 Novell | 1 Netmail | 2024-02-04 | 4.0 MEDIUM | N/A |
| The IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to cause a denial of service via an APPEND command with a single "(" (parenthesis) in the argument. | |||||
| CVE-2006-6815 | 1 Dmxready | 1 Dmxready Secure Login Manager | 2024-02-04 | 6.0 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in DMXReady Secure Login Manager 1.0 allow remote authenticated administrators to inject arbitrary web script or HTML via unspecified parameters to (1) set_preferences.asp, (2) send_password_preferences.asp, and (3) SecureLoginManager/list.asp in the Local-Admin Panel. | |||||
| CVE-2007-2780 | 1 Psychostats | 1 Psychostats | 2024-02-04 | 5.0 MEDIUM | N/A |
| PsychoStats 3.0.6b and earlier allows remote attackers to obtain sensitive information via a request for server.php with a missing or invalid newtheme parameter, which reveals a path in an error message. | |||||
| CVE-2007-6602 | 1 Noserub | 1 Noserub | 2024-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in app/models/identity.php in NoseRub 0.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the username field to the login script. | |||||
| CVE-2007-3719 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 2.1 LOW | N/A |
| The process scheduler in the Linux kernel 2.6.16 gives preference to "interactive" processes that perform voluntary sleeps, which allows local users to cause a denial of service (CPU consumption), as described in "Secretly Monopolizing the CPU Without Superuser Privileges." | |||||
| CVE-2006-6842 | 1 Codemonkeyx | 1 Acronym Mod | 2024-02-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admin/admin_acronyms.php in the Acronym Mod 0.9.5 for phpBB2 Plus 1.53 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2006-4387 | 1 Apple | 1 Mac Os X | 2024-02-04 | 4.6 MEDIUM | N/A |
| Apple Mac OS X 10.4 through 10.4.7, when the administrator clears the "Allow user to administer this computer" checkbox in System Preferences for a user, does not remove the user's account from the appserveradm or appserverusr groups, which still allows the user to manage WebObjects applications. | |||||
| CVE-2007-4497 | 2 Canonical, Vmware | 5 Ubuntu Linux, Ace, Player and 2 more | 2024-02-04 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows users with login access to a guest operating system to cause a denial of service (guest outage and host process crash or hang) via unspecified vectors. | |||||
| CVE-2007-0190 | 1 Edit-x | 1 Ecommerce | 2024-02-04 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in edit_address.php in edit-x ecommerce allows remote attackers to execute arbitrary PHP code via a URL in the include_dir parameter. | |||||
| CVE-2006-4724 | 1 Adobe | 1 Coldfusion | 2024-02-04 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the ColdFusion Flash Remoting Gateway in Adobe ColdFusion MX 7 and 7.01 allows remote attackers to cause a denial of service (infinite loop) via unspecified vectors involving a crafted command. | |||||
| CVE-2007-3092 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 9.3 HIGH | N/A |
| Microsoft Internet Explorer 6 allows remote attackers to spoof the URL bar, and page properties including SSL certificates, by interrupting page loading through certain use of location DOM objects and setTimeout calls. NOTE: this issue can be leveraged for phishing and other attacks. | |||||
| CVE-2006-4877 | 1 David Bennett | 1 Php-post | 2024-02-04 | 5.0 MEDIUM | N/A |
| Variable overwrite vulnerability in David Bennett PHP-Post (PHPp) 1.0 and earlier allows remote attackers to overwrite arbitrary program variables via multiple vectors that use the extract function, as demonstrated by the table_prefix parameter in (1) index.php, (2) profile.php, and (3) header.php. | |||||
| CVE-2006-4797 | 1 Cj Design | 1 Cj Tag Board | 2024-02-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in tag.php in CloudNine Interactive CJ Tag Board 3.0 allows remote attackers to inject arbitrary web script or HTML via a JavaScript event in a url BBcode tag in the cjmsg parameter. | |||||
| CVE-2007-5841 | 1 Nuboard | 1 Nuboard | 2024-02-04 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in admin/index.php in nuBoard 0.5 allows remote attackers to execute arbitrary PHP code via a URL in the site parameter. | |||||
| CVE-2007-4709 | 1 Apple | 1 Mac Os X | 2024-02-04 | 8.8 HIGH | N/A |
| Directory traversal vulnerability in CFNetwork in Apple Mac OS X 10.5.1 allows remote attackers to overwrite arbitrary files via a crafted HTTP response. | |||||
| CVE-2007-6225 | 1 Sun | 1 Solaris | 2024-02-04 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in Sun Solaris 10, when 64bit mode is used on the x86 platform, allows local users in a Linux (lx) branded zone to cause a denial of service (panic) via unspecified vectors. | |||||
| CVE-2008-0505 | 1 Coppermine | 1 Coppermine Photo Gallery | 2024-02-04 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in docs/showdoc.php in Coppermine Photo Gallery (CPG) before 1.4.15 allow remote attackers to inject arbitrary web script or HTML via the (1) h and (2) t parameters. | |||||
| CVE-2007-1137 | 1 Sourceforge | 1 Putmail | 2024-02-04 | 5.0 MEDIUM | N/A |
| putmail.py in Putmail before 1.4 does not detect when a user attempts to use TLS with a server that does not support it, which causes putmail.py to send the username and password in plaintext while the user believes encryption is in use, and allows remote attackers to obtain sensitive information. | |||||