Total
28327 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2007-6691 | 1 Menalto | 1 Gallery | 2024-02-28 | 10.0 HIGH | N/A |
Multiple unspecified vulnerabilities in Menalto Gallery before 2.2.4 have unknown impact, related to (1) "hotlink protection" in the URL rewrite module, (2) a WebDAV view in the WebDAV module, (3) a comment view in the Comment module, (4) unspecified "item information disclosure attacks" in the Core module Gallery application, (5) the slideshow in the Slideshow module, and (6) multiple Print modules. | |||||
CVE-2006-5082 | 1 Sugarcrm | 1 Sugar Suite | 2024-02-28 | 7.5 HIGH | N/A |
Unspecified vulnerability in Sugar Suite Open Source (SugarCRM) before 4.2.1 Patch C (20060917) has unspecified impact, related to code execution, and unspecified attack vectors. | |||||
CVE-2007-6151 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 7.2 HIGH | N/A |
The isdn_ioctl function in isdn_common.c in Linux kernel 2.6.23 allows local users to cause a denial of service via a crafted ioctl struct in which iocts is not null terminated, which triggers a buffer overflow. | |||||
CVE-2007-4910 | 1 Netinvoicing | 1 Netinvoicing | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in netInvoicing before 2.7.3 has unknown impact and attack vectors, related to "security check soap". | |||||
CVE-2008-0824 | 1 Caroline | 1 Caroline | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in the php2phps function in Claroline before 1.8.9 has unknown impact and attack vectors. | |||||
CVE-2007-1796 | 1 Jccorp | 1 Urlshrink | 2024-02-28 | 10.0 HIGH | N/A |
Multiple unspecified vulnerabilities in JCcorp URLshrink before 1.3.2 have unspecified attack vectors and impact. | |||||
CVE-2007-0918 | 1 Cisco | 1 Ios | 2024-02-28 | 7.1 HIGH | N/A |
The ATOMIC.TCP signature engine in the Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XA, 12.3YA, 12.3T, and other trains allows remote attackers to cause a denial of service (IPS crash and traffic loss) via unspecified manipulations that are not properly handled by the regular expression feature, as demonstrated using the 3123.0 (Netbus Pro Traffic) signature. | |||||
CVE-2007-0273 | 1 Oracle | 1 Database Server | 2024-02-28 | 4.3 MEDIUM | N/A |
Unspecified vulnerability in Oracle Database 9.0.1.5, 9.2.0.8, 10.1.0.5, and 10.2.0.3 has unknown impact and attack vectors related to XMLDB, aka DB06. NOTE: as of 20070123, Oracle has not disputed claims by a reliable researcher that DB06 is for multiple cross-site scripting (XSS) vulnerabilities. | |||||
CVE-2007-5526 | 1 Oracle | 2 Application Server, Collaboration Suite | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 10.1.2.0.2, 10.1.2.2, and 10.1.4.1, and Collaboration Suite 10.1.2, has unknown impact and remote attack vectors, aka AS11. | |||||
CVE-2007-4576 | 2024-02-28 | N/A | N/A | ||
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-4575. Reason: This candidate is a reservation duplicate of CVE-2007-4575. Notes: All CVE users should reference CVE-2007-4575 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | |||||
CVE-2007-6214 | 1 Learnloop | 1 Learnloop | 2024-02-28 | 4.3 MEDIUM | N/A |
Directory traversal vulnerability in include/file_download.php in LearnLoop 2.0 beta7 allows remote attackers to read arbitrary files via a .. (dot dot) in the sFilePath parameter. NOTE: exploitation requires that the product is configured, but has zero files in the database. | |||||
CVE-2007-2583 | 3 Canonical, Debian, Oracle | 3 Ubuntu Linux, Debian Linux, Mysql | 2024-02-28 | 4.0 MEDIUM | N/A |
The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5.1 before 5.1.18-beta, allows context-dependent attackers to cause a denial of service (crash) via a crafted IF clause that results in a divide-by-zero error and a NULL pointer dereference. | |||||
CVE-2008-0369 | 1 Ibm | 1 Informix Dynamic Server | 2024-02-28 | 6.9 MEDIUM | N/A |
Multiple unspecified programs in IBM Informix Dynamic Server (IDS) 10.x before 10.00.xC8 allow local users to create arbitrary files by specifying the target file in the SQLIDEBUG environment variable, whose ownership is changed to the user invoking the programs. | |||||
CVE-2007-5529 | 1 Oracle | 1 E-business Suite | 2024-02-28 | 7.5 HIGH | N/A |
Unspecified vulnerability in the Oracle Self-Service Web Applications component in client-only installations of Oracle E-Business Suite 11.5.10.2 has unknown impact and remote attack vectors, aka APP08. | |||||
CVE-2007-6431 | 1 Adobe | 2 Connect Enterprise Server, Flash Media Server 2 | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in Adobe Flash Media Server 2 before 2.0.5, and Connect Enterprise Server 6 before SP3, allows remote attackers to "take control of the affected system" via unspecified vectors, a different issue than CVE-2007-6148 and CVE-2007-6149. | |||||
CVE-2008-0495 | 1 Ibm | 1 Hardware Management Console | 2024-02-28 | 7.8 HIGH | N/A |
Unspecified vulnerability in the Pegasus CIM Server in IBM Hardware Management Console (HMC) 7 R3.2.0 allows remote attackers to cause a denial of service via unspecified vectors. | |||||
CVE-2007-6501 | 1 Hosting Controller | 1 Hosting Controller | 2024-02-28 | 5.5 MEDIUM | N/A |
Unspecified vulnerability in Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users to enable or disable "pay type" via a request to adminsettings/choosetranstype.asp. | |||||
CVE-2008-0346 | 1 Oracle | 5 Application Server, Collaboration Suite, Database Server and 2 more | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in the Oracle Jinitiator component in Oracle Application Server 1.3.1.27 and E-Business Suite 11.5.10.2 has unknown impact and remote attack vectors, aka AS01. | |||||
CVE-2007-6491 | 1 Kvaliitti | 1 Webdoc Cms | 2024-02-28 | 10.0 HIGH | N/A |
Multiple SQL injection vulnerabilities in Kvaliitti WebDoc 3.0 CMS allow remote attackers to execute arbitrary SQL commands via (1) the cat_id parameter to categories.asp; and probably (2) the document_id parameter to categories.asp, and the (3) cat_id and (4) document_id parameters to subcategory.asp. | |||||
CVE-2007-0980 | 3 Hp, Redhat, Suse | 4 Serviceguard For Linux, Enterprise Linux, Suse Linux and 1 more | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in HP Serviceguard for Linux; packaged for SuSE SLES8 and United Linux 1.0 before SG A.11.15.07, SuSE SLES9 and SLES10 before SG A.11.16.10, and Red Hat Enterprise Linux (RHEL) before SG A.11.16.10; allows remote attackers to obtain unauthorized access via unspecified vectors. |