Total
29549 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-1713 | 1 Noticeware | 1 Email Server | 2025-04-09 | 5.0 MEDIUM | N/A |
| MailServer.exe in NoticeWare Email Server 4.6.1.0 allows remote attackers to cause a denial of service (application crash) via a long string to IMAP port (143/tcp). | |||||
| CVE-2009-4378 | 2 Microsoft, Wireshark | 2 Windows, Wireshark | 2025-04-09 | 4.3 MEDIUM | N/A |
| The IPMI dissector in Wireshark 1.2.0 through 1.2.4 on Windows allows remote attackers to cause a denial of service (crash) via a crafted packet, related to "formatting a date/time using strftime." | |||||
| CVE-2007-0915 | 1 Hp | 1 Hp-ux | 2025-04-09 | 10.0 HIGH | N/A |
| Distributed SLS daemon (SLSd) on HP-UX B.11.11 allows remote attackers to overwrite arbitrary files and gain privileges via a crafted RPC request. | |||||
| CVE-2007-2756 | 1 Libgd | 1 Libgd | 2025-04-09 | 4.3 MEDIUM | N/A |
| The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of service (CPU consumption) via a crafted PNG image with truncated data, which causes an infinite loop in the png_read_info function in libpng. | |||||
| CVE-2007-4506 | 1 Joomla | 1 Neorecruit | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the NeoRecruit component (com_neorecruit) 1.4 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an offer_view action. | |||||
| CVE-2007-4161 | 1 Tibco | 1 Rendezvous | 2025-04-09 | 4.3 MEDIUM | N/A |
| rvd in TIBCO Rendezvous (RV) 7.5.2, when -no-lead-wc is omitted, might allow remote attackers to cause a denial of service (network instability) via a subject name with a leading (1) '*' (asterisk) or (2) '>' (greater than) wildcard character. | |||||
| CVE-2007-3720 | 1 Linux | 1 Linux Kernel | 2025-04-09 | 2.1 LOW | N/A |
| The process scheduler in the Linux kernel 2.4 performs scheduling based on CPU billing gathered from periodic process sampling ticks, which allows local users to cause a denial of service (CPU consumption) by performing voluntary nanosecond sleeps that result in the process not being active during a clock interrupt, as described in "Secretly Monopolizing the CPU Without Superuser Privileges." | |||||
| CVE-2007-3548 | 1 W3filer | 1 W3filer | 2025-04-09 | 7.1 HIGH | N/A |
| Stack-based buffer overflow in W3Filer 2.1.3 allows remote FTP servers to cause a denial of service (application hang or crash) and possibly execute arbitrary code by sending a large banner to a client that is sending a file. | |||||
| CVE-2007-0615 | 1 Hitachi | 2 Hibun Advanced Edition Server, Jpi Hibun Advanced Edition Server | 2025-04-09 | 7.8 HIGH | N/A |
| Unspecified vulnerability in Hitachi JP1/HIBUN Advanced Edition Management Server and Log Server before 20070124 allows remote attackers to cause a denial of service (application stop) via unexpected data. | |||||
| CVE-2007-1221 | 1 Microsoft | 1 Xbox 360 | 2025-04-09 | 7.2 HIGH | N/A |
| The Hypervisor in Microsoft Xbox 360 kernel 4532 and 4548 allows attackers with physical access to force execution of the hypervisor syscall with a certain register set, which bypasses intended code protection. | |||||
| CVE-2006-6372 | 1 James Barnsley | 1 Jab Guest Book | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in pbguestbook.php in JAB Guest Book 20061205 allow remote attackers to inject arbitrary web script or HTML via the (1) topic or (2) message parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2006-5754 | 1 Linux | 1 Linux Kernel | 2025-04-09 | 4.9 MEDIUM | N/A |
| The aio_setup_ring function in Linux kernel does not properly initialize a variable, which allows local users to cause a denial of service (crash) via an unspecified error path that causes an incorrect free operation. | |||||
| CVE-2006-5643 | 1 Foresite Cms | 1 Foresite Cms | 2025-04-09 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search_de.html in foresite CMS allows remote attackers to inject arbitrary web script or HTML via the query parameter. | |||||
| CVE-2007-2706 | 1 Geeklog | 1 Media Gallery | 2025-04-09 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in maint/ftpmedia.php in Media Gallery 1.4.8a and earlier for Geeklog allows remote attackers to execute arbitrary PHP code via a URL in the _MG_CONF[path_html] parameter. | |||||
| CVE-2007-1817 | 1 Lykoszine | 1 Lykos Reviews Module | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the Lykos Reviews (lykos_reviews) 1.00 module for Xoops allows remote attackers to execute arbitrary SQL commands via the uid parameter in a u action. | |||||
| CVE-2006-6101 | 2 X.org, Xfree86 Project | 2 X.org, Xfree86 | 2025-04-09 | 6.6 MEDIUM | N/A |
| Integer overflow in the ProcRenderAddGlyphs function in the Render extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of glyph management data structures. | |||||
| CVE-2006-5799 | 1 Xenis | 1 Xenis.creator Cms | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in default.asp in xenis.creator CMS allow remote attackers to inject arbitrary web script or HTML via the (1) contid or (2) search parameters. | |||||
| CVE-2006-6432 | 1 Xerox | 1 Workcentre | 2025-04-09 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Scan-to-mailbox feature in Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.060.17.000, and 14.x before 14.060.17.000 allows remote attackers to download certain files via unspecified vectors. | |||||
| CVE-2009-1166 | 1 Cisco | 1 Catalyst | 2025-04-09 | 7.8 HIGH | N/A |
| The administrative web interface on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0 and 5.x before 5.2.191.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules (WiSM), WLC Modules for Integrated Services Routers, and Catalyst 3750G Integrated Wireless LAN Controllers, allows remote attackers to cause a denial of service (device reload) via a crafted (1) HTTP or (2) HTTPS request, aka Bug ID CSCsy27708. | |||||
| CVE-2007-2849 | 1 Knowledgetree Document Management | 1 Knowledgetree Document Management | 2025-04-09 | 10.0 HIGH | N/A |
| KnowledgeTree Document Management (aka KnowledgeTree Open Source) before STABLE 3.3.7 does not require a password for an unregistered user, when the user exists in Active Directory, which allows remote attackers to log onto KTDMS without the intended authorization check. | |||||