Total
29886 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-1220 | 1 Microsoft | 1 Xbox 360 | 2025-04-09 | N/A |
| The Hypervisor in Microsoft Xbox 360 kernel 4532 and 4548 does not properly verify the parameters passed to the syscall dispatcher, which allows attackers with physical access to bypass code-signing requirements and execute arbitrary code. | ||||
| CVE-2006-5880 | 1 Isystems | 1 Munch Pro | 2025-04-09 | N/A |
| SQL injection vulnerability on the subMenu page in switch.asp in Munch Pro 1.0 allows remote attackers to execute arbitrary SQL commands via the catid parameter. | ||||
| CVE-2007-1254 | 1 Connectix | 1 Connectix Boards | 2025-04-09 | N/A |
| SQL injection vulnerability in part.userprofile.php in Connectix Boards 0.7 and earlier allows remote authenticated users to execute arbitrary SQL commands and obtain privileges via the p_skin parameter to index.php. | ||||
| CVE-2007-1258 | 1 Cisco | 4 Catalyst 6000, Catalyst 6500, Catalyst 7600 and 1 more | 2025-04-09 | N/A |
| Unspecified vulnerability in Cisco IOS 12.2SXA, SXB, SXD, and SXF; and the MSFC2, MSFC2a and MSFC3 running in Hybrid Mode on Cisco Catalyst 6000, 6500 and Cisco 7600 series systems; allows remote attackers on a local network segment to cause a denial of service (software reload) via a certain MPLS packet. | ||||
| CVE-2007-1260 | 1 Webmod | 1 Webmod | 2025-04-09 | N/A |
| Stack-based buffer overflow in the connectHandle function in server.cpp in WebMod 0.48 allows remote attackers to execute arbitrary code via a long string in the Content-Length HTTP header. | ||||
| CVE-2006-5886 | 1 Dynamic Dataworx | 1 Nurealestate | 2025-04-09 | N/A |
| SQL injection vulnerability in propertysdetails.asp in Dynamic Dataworx NuRealestate (NuRems) 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the PropID parameter. | ||||
| CVE-2006-5895 | 1 Encapscms | 1 Encapscms | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in core/core.php in EncapsCMS 0.3.6 allows remote attackers to execute arbitrary PHP code via a URL in the root parameter. | ||||
| CVE-2007-1295 | 1 Aj Forum | 1 Aj Forum | 2025-04-09 | N/A |
| SQL injection vulnerability in topic_title.php in AJ Forum 1.0 allows remote attackers to execute arbitrary SQL commands via the td_id parameter. | ||||
| CVE-2007-1326 | 1 Serendipity | 1 Serendipity | 2025-04-09 | N/A |
| SQL injection vulnerability in index.php in Serendipity 1.1.1 allows remote attackers to execute arbitrary SQL commands via the serendipity[multiCat][] parameter. | ||||
| CVE-2007-1365 | 1 Openbsd | 1 Openbsd | 2025-04-09 | N/A |
| Buffer overflow in kern/uipc_mbuf2.c in OpenBSD 3.9 and 4.0 allows remote attackers to execute arbitrary code via fragmented IPv6 packets due to "incorrect mbuf handling for ICMP6 packets." NOTE: this was originally reported as a denial of service. | ||||
| CVE-2007-1372 | 1 Postguestbook | 1 Postguestbook | 2025-04-09 | N/A |
| PHP remote file inclusion vulnerability in styles/internal/header.php in the PostGuestbook 0.6.1 module for PHP-Nuke allows remote attackers to execute arbitrary PHP code via a URL in the tpl_pgb_moddir parameter. | ||||
| CVE-2007-1397 | 1 Fish | 1 Fish | 2025-04-09 | N/A |
| Multiple stack-based buffer overflows in the (1) ExtractRnick and (2) decrypt_topic_332 functions in FiSH allow remote attackers to execute arbitrary code via long strings. | ||||
| CVE-2007-1419 | 1 Sun | 1 Java Dynamic Management Kit | 2025-04-09 | N/A |
| The Java Management Extensions Remote API Remote Method Invocation over Internet Inter-ORB Protocol (JMX RMI-IIOP) API in Java Dynamic Management Kit 5.1 before 20070309 does not properly enforce the java.policy, which allows local users to obtain certain MBeans data access by operating a server application accessed by a privileged remote authenticated user. | ||||
| CVE-2007-1424 | 1 Softnews Media Group | 1 Datalife Engine | 2025-04-09 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Softnews Media Group DataLife Engine allow remote attackers to execute arbitrary PHP code via a URL in the root_dir parameter to (1) init.php and (2) Ajax/editnews.php. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2006-5912 | 1 Campware.org | 1 Campsite | 2025-04-09 | N/A |
| Unspecified vulnerability in Campware Campsite before 2.6.2 has unknown impact and attack vectors, related to a "Security fix for you-know-what," possibly related to encrypted passwords. | ||||
| CVE-2007-1440 | 1 Jgbbs | 1 Jgbbs | 2025-04-09 | N/A |
| SQL injection vulnerability in search.asp in JGBBS 3.0 Beta 1 allows remote attackers to execute arbitrary SQL commands via the author parameter. | ||||
| CVE-2007-1449 | 1 Phpnuke | 1 Php-nuke | 2025-04-09 | N/A |
| Directory traversal vulnerability in mainfile.php in PHP-Nuke 8.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter. | ||||
| CVE-2007-1459 | 1 Webcreator | 1 Webcreator | 2025-04-09 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in WebCreator 0.2.6-rc3 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the moddir parameter to (1) content/load.inc.php, (2) config/load.inc.php, (3) http/load.inc.php, and unspecified other files. | ||||
| CVE-2007-1462 | 2 Conga, Redhat | 3 Conga, Linux, Rhel Cluster | 2025-04-09 | N/A |
| The luci server component in conga preserves the password between page loads for the Add System/Cluster task flow by storing the password in the Value attribute of a password entry field, which allows attackers to steal the password by performing a "view source" or other operation to obtain the web page. NOTE: there are limited circumstances under which such an attack is feasible. | ||||
| CVE-2007-1474 | 1 Horde | 2 Horde Application Framework, Imp | 2025-04-09 | N/A |
| Argument injection vulnerability in the cleanup cron script in Horde Project Horde and IMP before Horde Application Framework 3.1.4 allows local users to delete arbitrary files and possibly gain privileges via multiple space-delimited pathnames. | ||||