Total
28422 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2007-3264 | 1 Ibm | 1 Websphere Application Server | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in the PD tools component in IBM WebSphere Application Server (WAS) 6.1.0.7 and earlier has unknown impact and attack vectors. | |||||
CVE-2007-6425 | 1 Hp | 1 Hp-ux | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in HP-UX B.11.31, when running ARPA Transport, allows remote attackers to cause a denial of service via unknown vectors. | |||||
CVE-2006-5574 | 1 Microsoft | 5 Office, Office Multilingual User Interface Pack, Office Proofing Tools and 2 more | 2024-02-28 | 9.3 HIGH | N/A |
Unspecified vulnerability in the Brazilian Portuguese Grammar Checker in Microsoft Office 2003 and the Multilingual Interface for Office 2003, Project 2003, and Visio 2003 allows user-assisted remote attackers to execute arbitrary code via crafted text that is not properly parsed. | |||||
CVE-2007-3734 | 1 Mozilla | 2 Firefox, Thunderbird | 2024-02-28 | 9.3 HIGH | N/A |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 2.0.0.5 and Thunderbird before 2.0.0.5 allow remote attackers to cause a denial of service (crash) via unspecified vectors that trigger memory corruption. | |||||
CVE-2007-2108 | 2 Microsoft, Oracle | 2 Windows, Database Server | 2024-02-28 | 6.8 MEDIUM | N/A |
Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.0.1.5, 9.2.0.8, 10.1.0.5, and 10.2.0.2 on Windows allows remote attackers to have an unknown impact, aka DB01. NOTE: as of 20070424, Oracle has not disputed reliable claims that this issue occurs because the NTLM SSPI AcceptSecurityContext function grants privileges based on the username provided even though all users are authenticated as Guest, which allows remote attackers to gain privileges. | |||||
CVE-2007-2034 | 1 Cisco | 1 Wireless Control System | 2024-02-28 | 9.0 HIGH | N/A |
Unspecified vulnerability in Cisco Wireless Control System (WCS) before 4.0.87.0 allows remote authenticated users to gain the privileges of the SuperUsers group, and manage the application and its networks, related to the group membership of user accounts, aka Bug ID CSCsg05190. | |||||
CVE-2007-3473 | 1 Libgd | 1 Gd Graphics Library | 2024-02-28 | 4.3 MEDIUM | N/A |
The gdImageCreateXbm function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors involving a gdImageCreate failure. | |||||
CVE-2007-6487 | 1 Plain Black | 1 Webgui | 2024-02-28 | 4.9 MEDIUM | N/A |
Unspecified vulnerability in Plain Black WebGUI 7.4.0 through 7.4.17 allows remote authenticated users with Secondary Admin privileges to create Admin accounts, a different vulnerability than CVE-2006-0680. | |||||
CVE-2007-4574 | 3 Amd, Intel, Redhat | 3 Amd64, Ia64, Enterprise Linux | 2024-02-28 | 4.7 MEDIUM | N/A |
Unspecified vulnerability in the "stack unwinder fixes" in kernel in Red Hat Enterprise Linux 5, when running on AMD64 and Intel 64, allows local users to cause a denial of service via unknown vectors. | |||||
CVE-2007-5753 | 1 Light Fman Php | 1 Light Fman Php | 2024-02-28 | 7.5 HIGH | N/A |
Unspecified vulnerability in Light FMan PHP (lfman or lightfman) before 2.0rc1 has unknown impact and attack vectors related to "actions." | |||||
CVE-2006-5785 | 1 Sap | 1 Sap Web Application Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in SAP Web Application Server 6.40 before patch 136 and 7.00 before patch 66 allows remote attackers to cause a denial of service (enserver.exe crash) via a 0x72F2 sequence on UDP port 64999. | |||||
CVE-2008-0344 | 1 Oracle | 5 Application Server, Collaboration Suite, Database Server and 2 more | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in the Oracle Spatial component in Oracle Database 10.1.0.5 and 10.2.0.3 has unknown impact and remote attack vectors, aka DB07. | |||||
CVE-2007-3960 | 1 Ibm | 1 Websphere Application Server | 2024-02-28 | 9.3 HIGH | N/A |
Multiple unspecified vulnerabilities in IBM WebSphere Application Server (WAS) before Fix Pack 21 (6.0.2.21) have unknown impact and attack vectors, aka (1) PK33799, or (2) a "Potential security exposure" in the Samples component (PK40213). | |||||
CVE-2007-4650 | 1 Bharat Mediratta | 1 Gallery | 2024-02-28 | 6.4 MEDIUM | N/A |
Multiple unspecified vulnerabilities in Gallery before 2.2.3 allow attackers to (1) rename items, (2) read and modify item properties, or (3) lock and replace items via unknown vectors in (a) the WebDAV module; and (4) edit unspecified data files using "linked items" in WebDAV and (b) Reupload modules. | |||||
CVE-2006-5363 | 1 Oracle | 2 Application Server, Collaboration Suite | 2024-02-28 | 2.6 LOW | N/A |
Unspecified vulnerability in Oracle Single Sign-On component in Oracle Application Server 10.1.2.0.1 and Collaboration Suite 10.1.2 has unknown impact and remote attack vectors, aka Vuln# SSO02. | |||||
CVE-2007-5532 | 1 Oracle | 1 Peoplesoft Enterprise | 2024-02-28 | 7.5 HIGH | N/A |
Unspecified vulnerability in the People Tools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.22.17, 8.47.14, 8.48.13, 8.49.05 has unknown impact and remote attack vectors, aka PSE01. | |||||
CVE-2006-6136 | 1 Ibm | 1 Websphere Application Server | 2024-02-28 | 10.0 HIGH | N/A |
IBM WebSphere Application Server 6.1.0 before Fix Pack 3 (6.1.0.3) does not perform EAL4 authentication checks at the proper time during "registering of response operation," which has unknown impact and attack vectors. | |||||
CVE-2007-5535 | 1 Runcms | 1 Runcms | 2024-02-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in newbb_plus in RunCms 1.5.2 has unknown impact and attack vectors. | |||||
CVE-2007-0456 | 1 Wireshark | 1 Wireshark | 2024-02-28 | 4.3 MEDIUM | N/A |
Unspecified vulnerability in the LLT dissector in Wireshark (formerly Ethereal) 0.99.3 and 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors. | |||||
CVE-2007-6350 | 1 Scponly | 1 Scponly | 2024-02-28 | 8.5 HIGH | N/A |
scponly 4.6 and earlier allows remote authenticated users to bypass intended restrictions and execute code by invoking dangerous subcommands including (1) unison, (2) rsync, (3) svn, and (4) svnserve, as originally demonstrated by creating a Subversion (SVN) repository with malicious hooks, then using svn to trigger execution of those hooks. |