Total
262164 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-6340 | 1 Nvidia | 1 Nview | 2024-02-28 | 5.0 MEDIUM | N/A |
| keystone.exe in nVIDIA nView allows attackers to cause a denial of service via a long command line argument. NOTE: it is not clear whether this issue crosses security boundaries. If not, then this is not a vulnerability. | |||||
| CVE-2007-4815 | 1 Markus Iser | 1 Ed Engine | 2024-02-28 | 6.8 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in WebED in Markus Iser ED Engine 0.8999 alpha allow remote attackers to execute arbitrary PHP code via a URL in the Codebase parameter to (1) channeledit.php, (2) post.php, (3) view.php, or (4) viewitem.php in source/mod/rss/. | |||||
| CVE-2007-2224 | 1 Microsoft | 5 Office, Visual Basic, Windows 2000 and 2 more | 2024-02-28 | 9.3 HIGH | N/A |
| Object linking and embedding (OLE) Automation, as used in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Office 2004 for Mac, and Visual Basic 6.0 allows remote attackers to execute arbitrary code via the substringData method on a TextNode object, which causes an integer overflow that leads to a buffer overflow. | |||||
| CVE-2008-0459 | 1 Liquidsilvercms | 1 Liquidsilvercms | 2024-02-28 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in update/index.php in Liquid-Silver CMS 0.35, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the update parameter. | |||||
| CVE-2007-6179 | 1 Kinson Chan Charray | 1 Cms | 2024-02-28 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Charray's CMS 0.9.3 allow remote attackers to execute arbitrary PHP code via a URL in the ccms_library_path parameter to (1) markdown.php and (2) gallery.php in decoder/. | |||||
| CVE-2007-2096 | 1 Hinton Design | 1 Phphd Download System | 2024-02-28 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in common.php in Hinton Design PHPHD Download System (phphd_downloads) allows remote attackers to execute arbitrary PHP code via a URL in the phphd_real_path parameter. NOTE: this issue may be present in versions from 2006. | |||||
| CVE-2008-0975 | 1 Double-take Software | 1 Double-take | 2024-02-28 | 5.0 MEDIUM | N/A |
| Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWorks Storage Mirroring name and other names, allows remote attackers to cause a denial of service (CPU consumption) via a -1 value in the field that specifies the size of the vector<T> value. | |||||
| CVE-2008-0935 | 1 Novell | 2 Iprint, Iprint Client | 2024-02-28 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the Novell iPrint Control ActiveX control in ienipp.ocx in Novell iPrint Client before 4.34 allows remote attackers to execute arbitrary code via a long argument to the ExecuteRequest method. | |||||
| CVE-2007-1780 | 1 Overlay Weaver | 1 Overlay Weaver | 2024-02-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the DHT shell (owdhtshell) in Overlay Weaver 0.5.9 to 0.5.11, when invoked with the -x option, allows remote attackers to inject arbitrary web script or HTML via fields in certain input forms. | |||||
| CVE-2006-5454 | 1 Mozilla | 1 Bugzilla | 2024-02-28 | 5.0 MEDIUM | N/A |
| Bugzilla 2.18.x before 2.18.6, 2.20.x before 2.20.3, 2.22.x before 2.22.1, and 2.23.x before 2.23.3 allow remote attackers to obtain (1) the description of arbitrary attachments by viewing the attachment in "diff" mode in attachment.cgi, and (2) the deadline field by viewing the XML format of the bug in show_bug.cgi. | |||||
| CVE-2006-6573 | 1 Citrix | 1 Access Gateway | 2024-02-28 | 6.0 MEDIUM | N/A |
| Unspecified vulnerability in Citrix Access Gateway 4.5 Advanced Edition, and 4.2 with Advanced Access Control (AAC) 4.2, when deployed on the Access Gateway appliance 4.2 through 4.2.2 allows remote authenticated users to "gain access to data" and obtain sensitive information via unspecified vectors. | |||||
| CVE-2007-4147 | 1 Interspire | 1 Articlelive Nx | 2024-02-28 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in Interspire ArticleLive NX before 1.7.1.2 have unknown impact and attack vectors, possibly related to (1) AL_SANITIZE and (2) "Calling the constructor to make sure things are checked, safe mode, etc." | |||||
| CVE-2006-6152 | 1 Vspin.net | 1 Classified System | 2024-02-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in vSpin.net Classified System 2004 allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter to (a) cat.asp, or the (2) keyword, (3) order, (4) sort, (5) menuSelect, or (6) state parameter to (b) search.asp. | |||||
| CVE-2007-0181 | 1 Scriptaty | 1 Magic Photo Storage Website | 2024-02-28 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in include/common_function.php in magic photo storage website allows remote attackers to execute arbitrary PHP code via a URL in the _config[site_path] parameter. | |||||
| CVE-2007-3608 | 1 Sap | 1 Enjoysap | 2024-02-28 | 5.0 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in ActiveX controls in the EnjoySAP SAP GUI allow remote attackers to create certain files via unspecified vectors. | |||||
| CVE-2007-1451 | 1 Guppy | 1 Guppy | 2024-02-28 | 6.4 MEDIUM | N/A |
| GuppY 4.0 allows remote attackers to delete arbitrary files via a direct request to install/install.php, then selecting "Installation propre" (cleanup.php) and then "Suppression des fichiers d'installation" (delete.php). | |||||
| CVE-2006-6450 | 1 Novell | 1 Zenworks Patch Management Server | 2024-02-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in dagent/downloadreport.asp in Novell ZENworks Patch Management (ZPM) before 6.3.2.700 allow remote attackers to execute arbitrary SQL commands via the (1) agentid and (2) pass parameters. | |||||
| CVE-2007-2598 | 1 Simplenews | 1 Simplenews | 2024-02-28 | 10.0 HIGH | N/A |
| SQL injection vulnerability in print.php in SimpleNews 1.0.0 FINAL allows remote attackers to execute arbitrary SQL commands via the news_id parameter. | |||||
| CVE-2007-0495 | 1 Phpsherpa | 1 Phpsherpa | 2024-02-28 | 10.0 HIGH | N/A |
| PHP remote file inclusion vulnerability in include/config.inc.php in PhpSherpa allows remote attackers to execute arbitrary PHP code via a URL in the racine parameter. | |||||
| CVE-2007-0128 | 1 Digiappz | 1 Digirez | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in info_book.asp in Digirez 3.4 and earlier allows remote attackers to execute arbitrary SQL commands via the book_id parameter. | |||||