Total: 29858 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-4484 | 1 My Referer | 1 My Referer | 2025-04-09 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in login.php in My_REFERER 1.08 allows remote attackers to execute arbitrary PHP code via a URL in the value parameter. | |||||
| CVE-2006-3868 | 1 Microsoft | 1 Office | 2025-04-09 | 5.1 MEDIUM | N/A |
| Unspecified vulnerability in Microsoft Office XP and 2003 allows remote user-assisted attackers to execute arbitrary code via a malformed Smart Tag. | |||||
| CVE-2007-3727 | 1 Valarsoft | 1 Webmatic | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in Webmatic before 2.7 have unknown impact and attack vectors, related to the "administration area." | |||||
| CVE-2007-0930 | 1 Apache Stats | 1 Apache Stats | 2025-04-09 | 7.5 HIGH | N/A |
| Variable extract vulnerability in Apache Stats before 0.0.3beta allows attackers to modify arbitrary variables and conduct attacks via unknown vectors involving the use of PHP's extract function. | |||||
| CVE-2007-1532 | 1 Microsoft | 1 Windows Vista | 2025-04-09 | 6.4 MEDIUM | N/A |
| The neighbor discovery implementation in Microsoft Windows Vista allows remote attackers to conduct a redirect attack by (1) responding to queries by sending spoofed Neighbor Advertisements or (2) blindly sending Neighbor Advertisements. | |||||
| CVE-2007-3483 | 1 Rim | 1 Blackberry Enterprise Server | 2025-04-09 | 10.0 HIGH | N/A |
| Research in Motion BlackBerry Enterprise Server 4.0 through 4.1 has a default configuration that permits installation of arbitrary third-party applications on BlackBerry devices, which might facilitate loading of malware. | |||||
| CVE-2007-0874 | 1 Allons Voter | 1 Allons Voter | 2025-04-09 | 6.8 MEDIUM | N/A |
| Allons_voter 1.0 allows remote attackers to bypass authentication and access certain administrative functionality via a direct request for (1) admin_ajouter.php or (2) admin_supprimer.php. NOTE: this could be leveraged to conduct cross-site scripting (XSS) attacks. | |||||
| CVE-2007-4072 | 1 Tincan | 1 Webbler Cms | 2025-04-09 | 5.0 MEDIUM | N/A |
| Webbler CMS before 3.1.6 provides the full installation path within HTML comments in certain documents, which allows remote attackers to obtain sensitive information by viewing the HTML source, as demonstrated by viewing the source generated from index.php. | |||||
| CVE-2006-5152 | 1 Microsoft | 1 Internet Explorer | 2025-04-09 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer allows remote attackers to inject arbitrary web script or HTML via a UTF-7 encoded URL that is returned in a large HTTP 404 error message without an explicit charset, a related issue to CVE-2006-0032. | |||||
| CVE-2006-6394 | 1 Jonas Gauffin | 1 Publicera | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in certain database classes in Jonas Gauffin Publicera 1.0-rc2 and earlier might allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2007-1537 | 1 Microsoft | 2 Windows 2003 Server, Windows Xp | 2025-04-09 | 3.6 LOW | N/A |
| \Device\NdisTapi (NDISTAPI.sys) in Microsoft Windows XP SP2 and 2003 SP1 uses weak permissions, which allows local users to write to the device and cause a denial of service, as demonstrated by using an IRQL to acquire a spinlock on paged memory via the NdisTapiDispatch function. | |||||
| CVE-2006-5834 | 1 Opensolution | 1 Quick.cms.lite | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in general.php in OpenSolution Quick.Cms.Lite 0.3 allows remote attackers to include arbitrary files via a .. (dot dot) sequence in the sLanguage Cookie parameter. | |||||
| CVE-2007-3948 | 1 Lighttpd | 1 Lighttpd | 2025-04-09 | 4.3 MEDIUM | N/A |
| connections.c in lighttpd before 1.4.16 might accept more connections than the configured maximum, which allows remote attackers to cause a denial of service (failed assertion) via a large number of connection attempts. | |||||
| CVE-2007-6358 | 1 Glyph And Cog | 1 Pdftops | 2025-04-09 | 4.9 MEDIUM | N/A |
| pdftops.pl before 1.20 in alternate pdftops filter allows local users to overwrite arbitrary files via a symlink attack on the pdfin.[PID].tmp temporary file, which is created when pdftops reads a PDF file from stdin, such as when pdftops is invoked by CUPS. | |||||
| CVE-2007-3370 | 1 Kim Kyoung Min | 1 Sun Board | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Sun Board 1.00.00 Alpha allow remote attackers to execute arbitrary PHP code via a URL in (1) the sunPath parameter to include.php or (2) the dir parameter to skin/board/default/doctype.php. | |||||
| CVE-2006-4806 | 1 Enlightenment | 1 Imlib2 | 2025-04-09 | 5.1 MEDIUM | N/A |
| Multiple integer overflows in imlib2 allow user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) ARGB (loader_argb.c), (2) PNG (loader_png.c), (3) LBM (loader_lbm.c), (4) JPEG (loader_jpeg.c), or (5) TIFF (loader_tiff.c) image. | |||||
| CVE-2006-5776 | 1 Ariadne | 1 Ariadne Cms | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusions in Ariadne 2.4.1 allow remote attackers to execute arbitrary PHP code via the ariadne parameter in (1) ftp/loader.php and (2) lib/includes/loader.cmd.php. NOTE: this issue is disputed by CVE, since installation instructions recommend that the files be placed outside of the web document root and require the administrator to modify $ariadne in an include file. | |||||
| CVE-2007-0598 | 1 Aztek Forum | 1 Aztek Forum | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in forum/load.php in Aztek Forum 4.00 allows remote attackers to execute arbitrary SQL commands via the fid cookie to forum.php. | |||||
| CVE-2007-4200 | 1 Brian Carrier | 1 The Sleuth Kit | 2025-04-09 | 4.3 MEDIUM | N/A |
| ntfs.c in fsstat in Brian Carrier The Sleuth Kit (TSK) before 2.09 interprets a certain variable as a byte count rather than a count of 32-bit integers, which allows user-assisted remote attackers to cause a denial of service (application crash) and prevent examination of certain NTFS files via a malformed NTFS image. | |||||
| CVE-2007-3984 | 1 Zenturi | 1 Zenturi Programchecker | 2025-04-09 | 7.5 HIGH | N/A |
| Buffer overflow in a certain ActiveX control in the NixonMyPrograms class in sasatl.dll 1.5.0.531 in Zenturi ProgramChecker allows remote attackers to execute arbitrary code via a long argument to the Scan method. NOTE: this is probably a different issue than CVE-2007-2987. | |||||
