Total
7400 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2007-4669 | 1 Firebirdsql | 1 Firebird | 2024-02-28 | 4.0 MEDIUM | N/A |
The Services API in Firebird before 2.0.2 allows remote authenticated users without SYSDBA privileges to read the server log (firebird.log), aka CORE-1148. | |||||
CVE-2006-5229 | 2 Novell, Openbsd | 2 Suse Linux, Openssh | 2024-02-28 | 2.6 LOW | N/A |
OpenSSH portable 4.1 on SUSE Linux, and possibly other platforms and versions, and possibly under limited configurations, allows remote attackers to determine valid usernames via timing discrepancies in which responses take longer for valid usernames than invalid ones, as demonstrated by sshtime. NOTE: as of 20061014, it appears that this issue is dependent on the use of manually-set passwords that causes delays when processing /etc/shadow due to an increased number of rounds. | |||||
CVE-2007-6660 | 1 2z Project | 1 2z Project | 2024-02-28 | 5.0 MEDIUM | N/A |
2z project 0.9.6.1 allows remote attackers to obtain sensitive information via (1) a request to index.php with an invalid template or (2) a request to the default URI with certain year and month parameters, which reveals the path in various error messages. | |||||
CVE-2007-6417 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 7.2 HIGH | N/A |
The shmem_getpage function (mm/shmem.c) in Linux kernel 2.6.11 through 2.6.23 does not properly clear allocated memory in some rare circumstances related to tmpfs, which might allow local users to read sensitive kernel data or cause a denial of service (crash). | |||||
CVE-2008-1113 | 2 Cisco, Vocera Communications | 2 7921 Wireless Ip Phone, Vocera Communications Badge | 2024-02-28 | 7.8 HIGH | N/A |
Cisco Unified Wireless IP Phone 7921, when using Protected Extensible Authentication Protocol (PEAP), does not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle (MITM) attacks. | |||||
CVE-2007-6150 | 1 Freebsd | 1 Freebsd | 2024-02-28 | 2.1 LOW | N/A |
The "internal state tracking" code for the random and urandom devices in FreeBSD 5.5, 6.1 through 6.3, and 7.0 beta 4 allows local users to obtain portions of previously-accessed random values, which could be leveraged to bypass protection mechanisms that rely on secrecy of those values. | |||||
CVE-2008-0901 | 2 Bea, Bea Systems | 2 Weblogic Server, Weblogic Server | 2024-02-28 | 7.1 HIGH | N/A |
BEA WebLogic Server and Express 7.0 through 10.0 allows remote attackers to conduct brute force password guessing attacks, even when account lockout has been activated, via crafted URLs that indicate whether a guessed password is successful or not. | |||||
CVE-2007-1194 | 1 Norman | 1 Norman Sandbox Analyzer | 2024-02-28 | 2.1 LOW | N/A |
Norman SandBox Analyzer does not use the proper range for Interrupt Descriptor Table (IDT) entries, which allows local users to determine that the local machine is an emulator, or a similar environment not based on a physical Intel processor, which allows attackers to produce malware that is more difficult to analyze. | |||||
CVE-2008-0593 | 1 Mozilla | 2 Firefox, Seamonkey | 2024-02-28 | 4.3 MEDIUM | N/A |
Gecko-based browsers, including Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8, modify the .href property of stylesheet DOM nodes to the final URI of a 302 redirect, which might allow remote attackers to bypass the Same Origin Policy and read sensitive information from the original URL, such as with Single-Signon systems. | |||||
CVE-2008-0636 | 1 Level Platforms | 1 Managed Workplace Service Center | 2024-02-28 | 5.0 MEDIUM | N/A |
Level Platforms, Inc. (LPI) Managed Workplace Service Center 4.x, 5.x and 6.x allows remote attackers to obtain sensitive information via a direct request to About/SC_About.htm, which provides version and patch information. | |||||
CVE-2008-0395 | 1 Kayako | 1 Supportsuite | 2024-02-28 | 5.0 MEDIUM | N/A |
Kayako SupportSuite 3.11.01 allows remote attackers to obtain server configuration information via a direct request to syncml/index.php, which prints the contents of the $_SERVER superglobal. | |||||
CVE-2007-6476 | 1 Gf 3xplorer | 1 Gf 3xplorer | 2024-02-28 | 5.0 MEDIUM | N/A |
GF-3XPLORER 2.4 allows remote attackers to obtain configuration information via a direct request to explorer/phpinfo.php, which calls the phpinfo function. | |||||
CVE-2007-5638 | 1 Nortel | 26 Business Communications Manager, Centrex Ip Client Manager, Centrex Ip Element Manager and 23 more | 2024-02-28 | 4.3 MEDIUM | N/A |
The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional Nortel products from the IP Phone, Business Communications Manager (BCM), and other product lines, use only 65536 different values in the 32-bit ID number field of an RUDP datagram, which makes it easier for remote attackers to guess the RUDP ID and spoof messages. NOTE: this can be leveraged for an eavesdropping attack by sending many Open Audio Stream messages. | |||||
CVE-2007-5470 | 1 Microsoft | 1 Expression Media | 2024-02-28 | 2.1 LOW | N/A |
Microsoft Expression Media stores the catalog password in cleartext in the catalog IVC file, which allows local users to obtain sensitive information and gain access to the catalog by reading the IVC file. | |||||
CVE-2007-0011 | 1 Citrix | 1 Access Gateway | 2024-02-28 | 5.0 MEDIUM | N/A |
The web portal interface in Citrix Access Gateway (aka Citrix Advanced Access Control) before Advanced Edition 4.5 HF1 places a session ID in the URL, which allows context-dependent attackers to hijack sessions by reading "residual information", including the a referer log, browser history, or browser cache. | |||||
CVE-2007-1563 | 1 Opera | 1 Opera Browser | 2024-02-28 | 6.8 MEDIUM | N/A |
The FTP protocol implementation in Opera 9.10 allows remote attackers to allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response. | |||||
CVE-2007-5034 | 1 Elinks | 1 Elinks | 2024-02-28 | 4.3 MEDIUM | N/A |
ELinks before 0.11.3, when sending a POST request for an https URL, appends the body and content headers of the POST request to the CONNECT request in cleartext, which allows remote attackers to sniff sensitive data that would have been protected by TLS. NOTE: this issue only occurs when a proxy is defined for https. | |||||
CVE-2007-1044 | 1 Pearson Education | 1 Powerschool | 2024-02-28 | 5.0 MEDIUM | N/A |
Pearson Education PowerSchool 4.3.6 allows remote attackers to list the contents of the admin folder via a URI composed of the admin/ directory name and an arbitrary filename ending in ".js." NOTE: it was later reported that this issue had been addressed by 5.1.2. | |||||
CVE-2007-5432 | 1 Scottmanktelow | 1 Stride Cms | 2024-02-28 | 7.5 HIGH | N/A |
Stride 1.0 has a default administrator username of "scott" with the password "running", which allows remote attackers to obtain administrative access through login.php. | |||||
CVE-2007-5549 | 1 Cisco | 1 Ios | 2024-02-28 | 2.1 LOW | N/A |
Unspecified vulnerability in Command EXEC in Cisco IOS allows local users to bypass command restrictions and obtain sensitive information via an unspecified "variation of an IOS command" involving "two different methods", aka CSCsk16129. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. |