Total
29879 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-2806 | 1 Galix | 1 Galix | 2025-04-09 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in GaliX 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) galix_cat_detail, (2) galix_gal_detail, and (3) galix_cat_detail_sort parameters. | ||||
| CVE-2007-2968 | 1 Cpcommerce | 1 Cpcommerce | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in register.php in cpCommerce 1.1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the name parameter (Full Name field). | ||||
| CVE-2009-3462 | 2 Adobe, Redhat | 3 Acrobat, Acrobat Reader, Rhel Extras | 2025-04-09 | N/A |
| Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 on Unix, when Debug mode is enabled, allow attackers to execute arbitrary code via unspecified vectors, related to a "format bug." | ||||
| CVE-2007-1829 | 1 Web-app.net | 1 Webapp | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in web-app.net WebAPP have unknown impact and attack vectors, described as "[having] other [security] issues too, not as bad as letting users take over your admin account, but bad too." | ||||
| CVE-2007-2969 | 1 Wanewsletter | 1 Wanewsletter | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in newsletter.php in WAnewsletter 2.1.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the waroot parameter. | ||||
| CVE-2007-2863 | 2 Broadcom, Ca | 6 Anti-virus For The Enterprise, Brightstor Arcserve Backup, Brightstor Enterprise Backup and 3 more | 2025-04-09 | N/A |
| Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a long filename in a .CAB file. | ||||
| CVE-2007-1677 | 2 Navision Software, Netbsd | 2 Navision Financials Server, Netbsd | 2025-04-09 | N/A |
| Multiple buffer overflows in the ISO network protocol support in the NetBSD kernel 2.0 through 4.0_BETA2, and NetBSD-current before 20070329, allow local users to execute arbitrary code via long parameters to certain functions, as demonstrated by a long sockaddr structure argument to the clnp_route function. | ||||
| CVE-2007-2822 | 1 Wavelink Media | 1 Tutorialcms | 2025-04-09 | N/A |
| TutorialCMS 1.01 and earlier, when register_globals is enabled, allows remote attackers to bypass authentication via the (1) loggedIn and (2) activated parameters to (a) login.php, (b) headerLinks.php, (c) submit1.php, (d) myFav.php, and (e) userCP.php. | ||||
| CVE-2007-1812 | 1 Bt-sondage | 1 Bt-sondage | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in utilitaires/gestion_sondage.php in BT-Sondage 112 allows remote attackers to execute arbitrary PHP code via a URL in the repertoire_visiteur parameter. | ||||
| CVE-2009-2202 | 1 Apple | 1 Quicktime | 2025-04-09 | N/A |
| Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted H.264 movie file. | ||||
| CVE-2007-1457 | 1 Christian Scheurer | 2 Unrarlib, Urarfilelib | 2025-04-09 | N/A |
| Buffer overflow in the urarlib_get function in Christian Scheurer UniquE RAR File Library (unrarlib, aka URARFileLib) 0.4 allows context-dependent attackers to execute arbitrary code via a long (1) filename, (2) rarfile, or (3) libpassword argument. | ||||
| CVE-2007-3025 | 2 Clam Anti-virus, Sun | 2 Clamav, Solaris | 2025-04-09 | N/A |
| Unspecified vulnerability in libclamav/phishcheck.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1, when running on Solaris, allows remote attackers to cause a denial of service (hang) via unknown vectors related to the isURL function and regular expressions. | ||||
| CVE-2007-1802 | 1 Maildwarf | 1 Maildwarf | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in MailDwarf 3.01 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2007-1539 | 1 Pragmamx | 1 Landkarten | 2025-04-09 | N/A |
| Directory traversal vulnerability in inc/map.func.php in pragmaMX Landkarten 2.1 module allows remote attackers to include arbitrary files via a .. (dot dot) sequence in the module_name parameter, as demonstrated via a static PHP code injection attack in an Apache log file. | ||||
| CVE-2007-1428 | 1 Php Labs | 1 Jobsitepro | 2025-04-09 | N/A |
| SQL injection vulnerability in search.php in PHP Labs JobSitePro 1.0 allows remote attackers to execute arbitrary SQL commands via the salary parameter. | ||||
| CVE-2007-1427 | 1 Assetman | 1 Assetman | 2025-04-09 | N/A |
| Directory traversal vulnerability in download_pdf.php in AssetMan 2.4a and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the pdf_file parameter. | ||||
| CVE-2006-6626 | 1 Moodle | 1 Moodle | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in an unspecified component of Moodle 1.5 allows remote attackers to inject arbitrary web script or HTML via a javascript URI in the SRC attribute of an IMG element. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. NOTE: It is unclear whether this candidate overlaps CVE-2006-4784 or CVE-2006-4941. | ||||
| CVE-2008-4315 | 2 Openpegasus, Redhat | 3 Openpegasus Wbem, Enterprise Linux, Enterprise Linux Desktop | 2025-04-09 | N/A |
| tog-pegasus in OpenGroup Pegasus 2.7.0 on Red Hat Enterprise Linux (RHEL) 5, Fedora 9, and Fedora 10 does not log failed authentication attempts to the OpenPegasus CIM server, which makes it easier for remote attackers to avoid detection of password guessing attacks. | ||||
| CVE-2006-6638 | 1 Ibm | 1 Db2 Universal Database | 2025-04-09 | N/A |
| IBM DB2 8.1 before FixPak 14 allows remote attackers to cause a denial of service via a crafted SQLJRA packet, which causes a NULL pointer dereference in the sqle_db2ra_as_recvrequest function in DB2ENGN.DLL, a different issue than CVE-2006-4257. | ||||
| CVE-2007-2761 | 1 Magiciso | 1 Magiciso | 2025-04-09 | N/A |
| Stack-based buffer overflow in MagicISO 5.4 build 239 and earlier allows remote attackers to execute arbitrary code via a long filename in a .cue file. | ||||