Total
29864 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-0276 | 1 Oracle | 1 Database Server | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in Oracle Database 8.1.7.4 and 9.0.1.5 have unknown impact and attack vectors related to (1) Advanced Security Option and oklist or okdstry (DB10), (2) Oracle Net Services (DB13), and (3) Recovery Manager and oklist (DB16). | |||||
| CVE-2007-0365 | 1 Nicola Asuni | 1 All In One Control Panel | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in All In One Control Panel (AIOCP) 1.3.009 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this is probably a different vulnerability than CVE-2006-5830. | |||||
| CVE-2007-0589 | 1 Forum Livre | 1 Forum Livre | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Forum Livre 1.0 allows remote attackers to execute arbitrary SQL commands via the user parameter to info_user.asp. | |||||
| CVE-2007-1674 | 1 Landesk | 1 Landesk Management Suite | 2025-04-09 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the Alert Service (aolnsrvr.exe) in LANDesk Management Suite 8.7 allows remote attackers to execute arbitrary code via a crafted packet to port 65535/UDP. | |||||
| CVE-2006-6079 | 1 Imendio Ab | 1 Loudmouth | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in LoudMouth 2.4 allow remote attackers to execute arbitrary PHP code via a URL in the mainframe parameter to (1) admin.loudmouth.php or (2) toolbar.loudmouth.php. | |||||
| CVE-2007-3352 | 1 Stephen Ostermiller | 1 Contact Form | 2025-04-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the preview form in Stephen Ostermiller Contact Form before 2.00.02 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors that contain an apostrophe. | |||||
| CVE-2007-2950 | 3 Centennial, Numara, Symantec | 3 Discovery, Asset Manager, Discovery | 2025-04-09 | 7.2 HIGH | N/A |
| Centennial Discovery 2006 Feature Pack 1, which is used by (1) Numara Asset Manager 8.0 and (2) Symantec Discovery 6.5, uses insecure permissions on certain directories, which allows local users to gain privileges. | |||||
| CVE-2006-5083 | 1 Phpbb Security | 1 Importal | 2025-04-09 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in includes/functions_portal.php in Integrated MODs (IM) Portal 1.2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. | |||||
| CVE-2007-2493 | 1 Mxbb | 2 Mxbb Faq, Mxbb Rules | 2025-04-09 | 10.0 HIGH | N/A |
| PHP remote file inclusion vulnerability in faq.php in the FAQ & RULES 2.0.0 and earlier module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter. | |||||
| CVE-2007-0319 | 1 Motive Incorporated | 2 Self Service Manager, Service Activation Manager | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple stack-based buffer overflows in the Motive ActiveEmailTest.EmailData (ActiveUtils EmailData) ActiveX control in ActiveUtils.dll in Motive Service Activation Manager 5.1 and Self Service Manager 5.1 and earlier allow remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2006-5833 | 1 Greenbeast Cms | 1 Greenbeast Cms | 2025-04-09 | 7.5 HIGH | N/A |
| gbcms_php_files/up_loader.php GreenBeast CMS 1.3 does not require authentication to upload files, which allows remote attackers to cause a denial of service (disk consumption) and execute arbitrary code by uploading arbitrary files, such as executing PHP code via an uploaded PHP file. | |||||
| CVE-2007-3376 | 2 Apple, Microsoft | 2 Safari, Windows Xp | 2025-04-09 | 9.3 HIGH | N/A |
| Buffer overflow in Apple Safari 3.0.2 on Windows XP SP2 allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long value in the title HTML tag, which triggers the overflow when the user adds the page as a bookmark. | |||||
| CVE-2007-2877 | 1 Tcl Tk | 1 Tcl Tk | 2025-04-09 | 7.2 HIGH | N/A |
| Buffer overflow in tcl/win/tclWinReg.c in Tcl (Tcl/Tk) before 8.5a6 allows local users to gain privileges via long registry key paths. | |||||
| CVE-2007-2499 | 1 Globalmegacorp | 1 Dvddb | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in DVDdb 0.6 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the movieid parameter to loan.php or (2) the s parameter to listmovies.php. | |||||
| CVE-2007-2404 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 5.0 MEDIUM | N/A |
| CRLF injection vulnerability in CFNetwork on Apple Mac OS X 10.3.9 and 10.4.10 before 20070731 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in an unspecified context. NOTE: this can be leveraged for cross-site scripting (XSS) attacks. | |||||
| CVE-2006-5349 | 1 Oracle | 1 Http Server | 2025-04-09 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Oracle HTTP Server 9.2.0.7, when running on HP Tru64 UNIX, has unknown impact and remote attack vectors related to HTTPS and SSL, aka Vuln# OHS07. | |||||
| CVE-2007-2455 | 1 Parallels | 1 Parallels Desktop | 2025-04-09 | 6.1 MEDIUM | N/A |
| Parallels allows local users to cause a denial of service (virtual machine abort) via (1) certain INT instructions, as demonstrated by INT 0xAA; (2) an IRET instruction when an invalid address is at the top of the stack; (3) a malformed MOVNTI instruction, as demonstrated by using a register as a destination; or a write operation to (4) SEGR6 or (5) SEGR7. | |||||
| CVE-2007-1102 | 1 Photostand | 1 Photostand | 2025-04-09 | 5.0 MEDIUM | N/A |
| Photostand 1.2.0 allows remote attackers to obtain sensitive information via a ' (quote) character in (1) a PHPSESSID cookie or (2) the id parameter in an article action in index.php, which reveal the path in various error messages. | |||||
| CVE-2008-0175 | 1 Ge Fanuc | 1 Proficy Real-time Information Portal | 2025-04-09 | 7.5 HIGH | N/A |
| Unrestricted file upload vulnerability in GE Fanuc Proficy Real-Time Information Portal 2.6 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension to the main virtual directory. | |||||
| CVE-2007-3233 | 1 Tec-it | 1 Tbarcode Ocx | 2025-04-09 | 5.0 MEDIUM | N/A |
| The TEC-IT TBarCode OCX ActiveX control (TBarCode7.ocx) 7.0.2.3524 allows remote attackers to overwrite arbitrary files via the SaveImage method. | |||||