Total
29551 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-2178 | 1 Objective Development | 1 Sharity | 2025-04-09 | 7.8 HIGH | N/A |
| Multiple unspecified vulnerabilities in Objective Development Sharity before 3.3 allow remote attackers to cause a denial of service (daemon crash) via unspecified vectors. | |||||
| CVE-2006-6680 | 1 Chetcpasswd | 1 Chetcpasswd | 2025-04-09 | 4.6 MEDIUM | N/A |
| Pedro Lineu Orso chetcpasswd before 2.3.1 does not document the need for 0400 permissions on /etc/chetcpasswd.allow, which might allow local users to gain sensitive information by reading this file. | |||||
| CVE-2006-6854 | 1 De Marchi Daniele | 1 Quickcam | 2025-04-09 | 7.5 HIGH | N/A |
| The qcamvc_video_init function in qcamvc.c in De Marchi Daniele QuickCam VC Linux device driver (aka quickcam-vc) 1.0.9 and earlier does not properly check a boundary, triggering memory corruption, which might allow attackers to execute arbitrary code via a crafted QuickCam object. | |||||
| CVE-2009-1364 | 2 Francis James Franklin, Opensuse | 2 Libwmf, Opensuse | 2025-04-09 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in the embedded GD library in libwmf 0.2.8.4 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted WMF file. | |||||
| CVE-2009-4197 | 1 Huawei | 3 Mt882 Modem, Mt882 Modem Firmware, Mt882 V100t002b020 Arg-t | 2025-04-09 | 4.7 MEDIUM | N/A |
| rpwizPppoe.htm in Huawei MT882 V100R002B020 ARG-T running firmware 3.7.9.98 contains a form that does not disable the autocomplete setting for the password parameter, which makes it easier for local users or physically proximate attackers to obtain the password from web browsers that support autocomplete. | |||||
| CVE-2006-6915 | 1 Ibm | 1 Aix | 2025-04-09 | 4.0 MEDIUM | N/A |
| ftpd in IBM AIX 5.2.0 and 5.3.0 allows remote authenticated users to cause a denial of service (port exhaustion) via unspecified vectors. NOTE: some details were obtained from third party sources. | |||||
| CVE-2007-0119 | 1 Edittag | 1 Edittag | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in EditTag 1.2 allow remote attackers to inject arbitrary web script or HTML via the plain parameter to (1) mkpw_mp.cgi, (2) mkpw.pl, or (3) mkpw.cgi. | |||||
| CVE-2007-1959 | 1 Tinymux | 1 Tinymux | 2025-04-09 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the process_cmdent function in command.cpp in TinyMUX before 2.4 has unknown impact and attack vectors, related to lack of the "'other half' of buffer overflow protection." | |||||
| CVE-2007-3471 | 1 Sun | 1 Solaris | 2025-04-09 | 7.2 HIGH | N/A |
| Buffer overflow in the dtsession Common Desktop Environment (CDE) Session Manager in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via unspecified vectors. | |||||
| CVE-2007-3822 | 1 Citadel | 1 Webcit | 2025-04-09 | 2.6 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Webcit before 7.11 allow remote attackers to inject arbitrary web script or HTML via (1) the who parameter to showuser; and other vectors involving (2) calendar mode, (3) bulletin board mode, (4) room names, and (5) uploaded file names. | |||||
| CVE-2007-2298 | 1 Gforge | 1 Garennes | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Garennes 0.6.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the repertoire_config parameter to index.php in (1) cpe/, (2) direction/, or (3) professeurs/. | |||||
| CVE-2007-0113 | 1 Packeteer | 1 Packetwise | 2025-04-09 | 6.8 MEDIUM | N/A |
| Buffer overflow in Packeteer PacketShaper PacketWise 8.x allows remote authenticated users to cause a denial of service (reset or reboot) via (1) a long traffic class argument to the "class show" command or (2) a long POLICY parameter value in clastree.htm. | |||||
| CVE-2006-5314 | 1 Phplibre | 1 Tribunalibre | 2025-04-09 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in ftag.php in TribunaLibre 3.12 Beta allows remote attackers to execute arbitrary PHP code via a URL in the mostrar parameter. | |||||
| CVE-2007-6389 | 1 Gnome | 1 Screensaver | 2025-04-09 | 2.1 LOW | N/A |
| The notify feature in GNOME screensaver (gnome-screensaver) 2.20.0 might allow local users to read the clipboard contents and X selection data for a locked session by using ctrl-V. | |||||
| CVE-2007-2613 | 1 Wikkawiki | 1 Wikkawiki | 2025-04-09 | 8.3 HIGH | N/A |
| WikkaWiki (Wikka Wiki) before 1.1.6.3 allows attackers in a shared virtual host server environment to upload and execute an arbitrary configuration file by modifying the WAKKA_CONFIG environment variable. | |||||
| CVE-2007-2677 | 1 Phpchess | 1 Phpchess | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in phpChess Community Edition 2.0 allow remote attackers to execute arbitrary PHP code via a URL in (1) the config parameter to includes/language.php, or the Root_Path parameter to (2) layout_admin_cfg.php, (3) layout_cfg.php, or (4) layout_t_top.php in skins/phpchess/. NOTE: vector 1 has been disputed by CVE, since the code is defined within a function that is not called from within includes/language.php. | |||||
| CVE-2007-3605 | 1 Sap | 1 Enjoysap | 2025-04-09 | 7.6 HIGH | N/A |
| Stack-based buffer overflow in the kweditcontrol.kwedit.1 ActiveX control in FrontEnd\SapGui\kwedit.dll in the EnjoySAP SAP GUI allows remote attackers to execute arbitrary code via a long argument to the PrepareToPostHTML function. | |||||
| CVE-2007-2989 | 1 Sun | 1 Solaris | 2025-04-09 | 7.8 HIGH | N/A |
| The libike library in Sun Solaris 9 before 20070529 contains a logic error related to a certain pointer, which allows remote attackers to cause a denial of service (in.iked daemon crash) by sending certain UDP packets with a source port different from 500. NOTE: this issue might overlap CVE-2006-2298. | |||||
| CVE-2006-5016 | 1 E-vision | 1 E-vision Cms | 2025-04-09 | 5.0 MEDIUM | N/A |
| Unrestricted file upload vulnerability in admin/x_image.php in Szava Gyula and Csaba Tamas e-Vision CMS, probably 1.0, allows remote attackers to upload arbitrary files to the /imagebank directory. | |||||
| CVE-2007-3547 | 1 Qt-cute | 1 Quickticket | 2025-04-09 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in qti_checkname.php in QuickTicket 1.2 allows remote attackers to include and execute arbitrary local files a .. (dot dot) in the lang parameter. | |||||