Total
3702 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-0076 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-11-21 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Microsoft Internet Explorer 5.01, 6 SP1 and SP2, and 7 allows remote attackers to execute arbitrary code via crafted HTML layout combinations, aka "HTML Rendering Memory Corruption Vulnerability." | |||||
| CVE-2008-0075 | 1 Microsoft | 1 Internet Information Server | 2024-11-21 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.1 through 6.0 allows remote attackers to execute arbitrary code via crafted inputs to ASP pages. | |||||
| CVE-2008-0060 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-11-21 | 6.8 MEDIUM | N/A |
| Help Viewer in Apple Mac OS X 10.4.11 and 10.5.2 allows remote attackers to execute arbitrary Applescript via a help:topic_list URL that injects HTML or JavaScript into a topic list page, as demonstrated using a help:runscript link. | |||||
| CVE-2008-0043 | 1 Apple | 1 Iphoto | 2024-11-21 | 9.3 HIGH | N/A |
| Format string vulnerability in Apple iPhoto before 7.1.2 allows remote attackers to execute arbitrary code via photocast subscriptions. | |||||
| CVE-2008-0042 | 1 Apple | 1 Mac Os X | 2024-11-21 | 6.8 MEDIUM | N/A |
| Argument injection vulnerability in Terminal.app in Terminal in Apple Mac OS X 10.4.11 and 10.5 through 10.5.1 allows remote attackers to execute arbitrary code via unspecified URL schemes. | |||||
| CVE-2008-0039 | 1 Apple | 2 Mac Os X, Mail | 2024-11-21 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in Mail in Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary commands via a crafted file:// URL. | |||||
| CVE-2008-0020 | 1 Microsoft | 2 Windows 2003 Server, Windows Xp | 2024-11-21 | 9.3 HIGH | N/A |
| Unspecified vulnerability in the Load method in the IPersistStreamInit interface in the Active Template Library (ATL), as used in the Microsoft Video ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via unknown vectors that trigger memory corruption, aka "ATL Header Memcopy Vulnerability," a different vulnerability than CVE-2008-0015. | |||||
| CVE-2007-6731 | 1 Claudio Matsuoka | 1 Extended Module Player | 2024-11-21 | 10.0 HIGH | N/A |
| Extended Module Player (XMP) 2.5.1 and earlier allow remote attackers to execute arbitrary code via an OXM file with a negative value, which bypasses a check in (1) test_oxm and (2) decrunch_oxm functions in misc/oxm.c, leading to a buffer overflow. | |||||
| CVE-2007-6706 | 1 Ibm | 1 Lotus Notes | 2024-11-21 | 9.3 HIGH | N/A |
| Unspecified vulnerability in nlnotes.dll in the client in IBM Lotus Notes 6.5, 7.0.x before 7.0.2 CCH or 7.0.3, and possibly 8.0 allows remote attackers to execute arbitrary code via crafted text in an e-mail message sent over SMTP. | |||||
| CVE-2007-6657 | 1 Mihalism | 1 Multi Host | 2024-11-21 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in source/includes/load_forum.php in Mihalism Multi Forum Host 3.0.x and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mfh_root_path parameter. | |||||
| CVE-2007-6655 | 1 Matpo Bilder Galerie | 1 Kontakt Formular | 2024-11-21 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in includes/function.php in Kontakt Formular 1.4 allows remote attackers to execute arbitrary PHP code via a URL in the root_path parameter. | |||||
| CVE-2007-6652 | 1 Xcms | 1 Xcms | 2024-11-21 | 7.5 HIGH | N/A |
| cpie.php in XCMS 1.83 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to conduct direct static code injection attacks and execute arbitrary code via the testo_0 parameter in a cpie admin action to index.php, which writes to dati/generali/footer.dtb (aka the XCMS footer). | |||||
| CVE-2007-6649 | 1 Matpo Bilder Galerie | 1 Matpo Bilder Galerie | 2024-11-21 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in includes/tumbnail.php in MatPo Bilder Galerie 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter. | |||||
| CVE-2007-6632 | 1 Xml2owl | 1 Xml2owl | 2024-11-21 | 6.8 MEDIUM | N/A |
| showCode.php in xml2owl 0.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the path parameter. | |||||
| CVE-2007-6615 | 1 Agares Media | 1 Phpautovideo | 2024-11-21 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in includes/block.php in Agares Media phpAutoVideo 2.21 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the selected_provider parameter. | |||||
| CVE-2007-6614 | 1 Agares Media | 1 Phpautovideo | 2024-11-21 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in admin/frontpage_right.php in Agares Media phpAutoVideo 2.21 allows remote attackers to execute arbitrary PHP code via a URL in the loadadminpage parameter, a related issue to CVE-2007-6542. | |||||
| CVE-2007-6585 | 1 Nmnnewsletter | 1 Nmnnewsletter | 2024-11-21 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in confirmUnsubscription.php in NmnNewsletter 1.0.7 allows remote attackers to execute arbitrary PHP code via a URL in the output parameter. | |||||
| CVE-2007-6568 | 1 Xzero Scripts | 1 Xzero Community Classifieds | 2024-11-21 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in config.inc.php in XZero Community Classifieds 4.95.11 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path_escape parameter. | |||||
| CVE-2007-6555 | 1 Phil Taylor | 1 Mosdirectory | 2024-11-21 | 9.3 HIGH | N/A |
| PHP remote file inclusion vulnerability in modules/mod_pxt_latest.php in the mosDirectory (com_directory) 2.3.2 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[mosConfig_absolute_path] parameter. | |||||
| CVE-2007-6553 | 1 George Lewe | 1 Teamcal Pro | 2024-11-21 | 6.8 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in TeamCal Pro 3.1.000 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the CONF[app_root] parameter to (1) tcuser.class.php, (2) absencecount.inc.php, (3) avatar.inc.php, (4) csvhandler.class.php, (5) functions.tcpro.php, (6) header.html.inc.php, (7) joomlajack.tcpro.php, (8) menu.inc.php, (9) other.inc.php, (10) tcabsence.class.php, (11) tcabsencegroup.class.php, (12) tcallowance.class.php, (13) tcannouncement.class.php, (14) tcconfig.class.php, (15) tcdaynote.class.php, (16) tcgroup.class.php, (17) tcholiday.class.php, (18) tclogin.class.php, (19) tcmonth.class.php, (20) tctemplate.class.php, (21) tcusergroup.class.php, or (22) tcuseroption.class.php in includes/, possibly a related issue to CVE-2006-4845. | |||||