Total
29862 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-3043 | 1 Hitachi | 3 Groupmax Collaboration Portal, Groupmax Collaboration Web Client, Ucosminexus Collaboration Portal | 2025-04-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Collaboration - File Sharing 01-20 up to 01-20-/B and 01-30 up to 01-30-/B in Hitachi Groupmax Collaboration Portal up to 07-30-/D, Groupmax Collaboration Web Client - Forum/File Sharing up to 07-30-/C, uCosminexus Collaboration Portal up to 06-30-/D, and uCosminexus Collaboration Portal - Forum/File Sharing up to 06-30-/C on Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2007-1397 | 1 Fish | 1 Fish | 2025-04-09 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in the (1) ExtractRnick and (2) decrypt_topic_332 functions in FiSH allow remote attackers to execute arbitrary code via long strings. | |||||
| CVE-2006-6567 | 1 Mxbb | 1 Kb Mods | 2025-04-09 | 10.0 HIGH | N/A |
| PHP remote file inclusion vulnerability in includes/kb_constants.php in the Knowledge Base (mx_kb) 2.0.2 module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter. | |||||
| CVE-2007-3335 | 1 Phpecho Cms | 1 Phpecho Cms | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the admin panel in PHPEcho CMS before 1.6 allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2007-2977 | 1 Domjudge | 1 Domjudge | 2025-04-09 | 7.8 HIGH | N/A |
| Buffer overflow in the receive function in submit/submitcommon.c in the submit daemon in DOMjudge before 2.0.0RC1 allows remote attackers to cause a denial of service or have other unspecified impact. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2006-6185 | 1 Wabbit | 1 Wabbit Php Gallery | 2025-04-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in script.php in Wabbit PHP Gallery 0.9 allows remote attackers to read arbitrary files via a .. (dot dot) in the dir parameter to index.php. | |||||
| CVE-2007-3689 | 1 Drupal | 1 Print Module | 2025-04-09 | 7.8 HIGH | N/A |
| The Print module before 4.7-1.0 and 5.x before 5.x-1.2 for Drupal allows remote attackers to read restricted posts in (1) Organic Groups, (2) Taxonomy Access Control, (3) Taxonomy Access Lite, and other unspecified node access modules, via modified URL arguments. | |||||
| CVE-2006-6039 | 1 Powie | 1 Php Matchmaker | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in matchdetail.php in Powie's PHP MatchMaker 4.05 and earlier allows remote attackers to execute arbitrary SQL commands via the edit parameter. | |||||
| CVE-2007-0256 | 1 Videolan | 1 Vlc Media Player | 2025-04-09 | 7.8 HIGH | N/A |
| VideoLAN VLC 0.8.6a allows remote attackers to cause a denial of service (application crash) via a crafted .wmv file. | |||||
| CVE-2006-6338 | 1 Devilz Clanportal | 1 Devilz Clanportal | 2025-04-09 | 5.0 MEDIUM | N/A |
| Unrestricted file upload vulnerability in upload/index.php in deV!L`z Clanportal (DZCP) before 1.3.6.1 allows remote attackers to upload and execute arbitrary .php files by embedding PHP code in a JPEG or GIF file that is uploaded to inc/images/uploads/userpics/. | |||||
| CVE-2007-2321 | 1 Silverstripe | 1 Silverstripe | 2025-04-09 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the search functionality in SilverStripe 2.0.0 has unknown impact and attack vectors. | |||||
| CVE-2009-4130 | 1 Mozilla | 1 Firefox | 2025-04-09 | 5.8 MEDIUM | N/A |
| Visual truncation vulnerability in the MakeScriptDialogTitle function in nsGlobalWindow.cpp in Mozilla Firefox allows remote attackers to spoof the origin domain name of a script via a long name. | |||||
| CVE-2006-6529 | 1 Drupal | 1 Chatroom Module | 2025-04-09 | 7.5 HIGH | N/A |
| The Chatroom Module before 4.7.x.-1.0 for Drupal displays private messages in a chatroom's last messages overview, which allows remote attackers to obtain sensitive information by reading the overview. | |||||
| CVE-2006-6473 | 1 Xerox | 1 Workcentre | 2025-04-09 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 have unknown impact and attack vectors, related to (1) an Immediate Image Overwrite (IIO) error message at the Local User Interface (LUI) if overwrite fails, (2) an IIO failure when a Held Job is deleted, and (3) an On Demand Image Overwrite failure when the overwrite is greater than 2 Gb. | |||||
| CVE-2007-4487 | 1 Dscripting.com | 1 D22-shoutbox | 2025-04-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in D22-Shoutbox for Invision Power Board (IPB or IP.Board) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2006-6310 | 1 Microsoft | 1 Internet Explorer | 2025-04-09 | 5.0 MEDIUM | N/A |
| Microsoft Internet Explorer 6.0 SP1 and earlier allows remote attackers to cause a denial of service (crash) via an invalid src attribute value ("?") in an HTML frame tag that is in a frameset tag with a large rows attribute. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2007-3178 | 1 Zindizayn Okul Web Sistemi | 1 Zindizayn Okul Web Sistemi | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Zindizayn Okul Web Sistemi 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id or (2) pass parameter to (a) mezungiris.asp or (b) ogretmenkontrol.asp. | |||||
| CVE-2007-3723 | 1 Sun | 1 Solaris | 2025-04-09 | 2.1 LOW | N/A |
| The process scheduler in the Sun Solaris kernel does not make use of the process statistics kept by the kernel and performs scheduling based upon CPU billing gathered from periodic process sampling ticks, which allows local users to cause a denial of service (CPU consumption), as described in "Secretly Monopolizing the CPU Without Superuser Privileges." | |||||
| CVE-2007-3982 | 1 Datadynamics | 1 Activereports | 2025-04-09 | 5.0 MEDIUM | N/A |
| Absolute path traversal vulnerability in the Data Dynamics ActiveReport (ActiveReports) ActiveX control in actrpt2.dll 2.5 and earlier allows remote attackers to create or overwrite arbitrary files via a full pathname in the first argument to the SaveLayout method. | |||||
| CVE-2007-3647 | 1 Zoneo-soft | 1 Phptraffica | 2025-04-09 | 10.0 HIGH | N/A |
| The isloggedin function in Php/login.inc.php in phpTrafficA 1.4.3 and earlier allows remote attackers to bypass authentication and obtain administrative access by setting the username cookie to "traffic." NOTE: some of these details are obtained from third party information. | |||||