Total
29682 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-2830 | 1 Madwifi | 1 Madwifi | 2025-04-09 | 5.0 MEDIUM | N/A |
| The ath_beacon_config function in if_ath.c in MadWifi before 0.9.3.1 allows remote attackers to cause a denial of service (system crash) via crafted beacon interval information when scanning for access points, which triggers a divide-by-zero error. | |||||
| CVE-2007-1862 | 1 Apache | 1 Http Server | 2025-04-09 | 5.0 MEDIUM | N/A |
| The recall_headers function in mod_mem_cache in Apache 2.2.4 does not properly copy all levels of header data, which can cause Apache to return HTTP headers containing previously used data, which could be used by remote attackers to obtain potentially sensitive information. | |||||
| CVE-2007-4659 | 1 Php | 1 Php | 2025-04-09 | 7.5 HIGH | N/A |
| The zend_alter_ini_entry function in PHP before 5.2.4 does not properly handle an interruption to the flow of execution triggered by a memory_limit violation, which has unknown impact and attack vectors. | |||||
| CVE-2006-5737 | 1 Punbb | 1 Punbb | 2025-04-09 | 7.2 HIGH | N/A |
| PunBB uses a predictable cookie_seed value that can be derived from the time of registration of the superadmin account (installation time), which might allow local users to perform unauthorized actions. | |||||
| CVE-2006-5595 | 1 Wireshark | 1 Wireshark | 2025-04-09 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the AirPcap support in Wireshark (formerly Ethereal) 0.99.3 has unspecified attack vectors related to WEP key parsing. | |||||
| CVE-2008-3837 | 3 Canonical, Debian, Mozilla | 4 Ubuntu Linux, Debian Linux, Firefox and 1 more | 2025-04-09 | 9.3 HIGH | N/A |
| Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, and SeaMonkey before 1.1.12, allow user-assisted remote attackers to move a window during a mouse click, and possibly force a file download or unspecified other drag-and-drop action, via a crafted onmousedown action that calls window.moveBy, a variant of CVE-2003-0823. | |||||
| CVE-2007-1455 | 1 Cpanel-host | 1 Fantastico De Luxe | 2025-04-09 | 9.0 HIGH | N/A |
| Multiple absolute path traversal vulnerabilities in Fantastico, as used with cPanel 10.x, allow remote authenticated users to include and execute arbitrary local files via (1) the userlanguage parameter to includes/load_language.php or (2) the fantasticopath parameter to includes/mysqlconfig.php and certain other files. | |||||
| CVE-2007-3842 | 1 8e6 | 1 R3000 Enterprise Filter | 2025-04-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the 8e6 R3000 Enterprise Filter before 2.0.05 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this may be the same as CVE-2007-2970. | |||||
| CVE-2006-5783 | 1 Mozilla | 1 Firefox | 2025-04-09 | 7.8 HIGH | N/A |
| Firefox 1.5.0.7 on Kubuntu Linux allows remote attackers to cause a denial of service (crash) via a long URL in an A tag. NOTE: this issue has been disputed by several vendors, who could not reproduce the report. In addition, the scope of the impact - system freeze - suggests an issue that is not related to Firefox. Due to this impact, CVE concurs with the dispute | |||||
| CVE-2006-6668 | 1 Verliadmin | 1 Verliadmin | 2025-04-09 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in VerliAdmin 0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2007-1529 | 1 Microsoft | 1 Windows Vista | 2025-04-09 | 4.3 MEDIUM | N/A |
| The LLTD Responder in Microsoft Windows Vista does not send the Mapper a response to a DISCOVERY packet if another host has sent a spoofed response first, which allows remote attackers to spoof arbitrary hosts via a network-based race condition, aka the "Total Spoof" attack. | |||||
| CVE-2007-3533 | 1 3com | 1 3cnj220 | 2025-04-09 | 5.0 MEDIUM | N/A |
| The 3Com IntelliJack Switch NJ220 before 2.0.23 allows remote attackers to cause a denial of service (reboot and reporting outage) via a loopback packet with zero in the length field. | |||||
| CVE-2007-3045 | 2 Hitachi, Hp | 3 Hi Ux We2, Tp1 Net Osi-tp-extended, Hp-ux | 2025-04-09 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Hitachi TP1/NET/OSI-TP-Extended on HI-UX/WE2 before 20070213, and on HP-UX before 20070314, allows remote attackers to cause a denial of service via certain data to a port. | |||||
| CVE-2009-3277 | 1 Xenu By | 1 Datavault | 2025-04-09 | 5.0 MEDIUM | N/A |
| DataVault.Tesla/Impl/TypeSystem/AssociationHelper.cs in datavault allows context-dependent attackers to cause a denial of service (CPU consumption) via an input string composed of an [ (open bracket) followed by many commas, related to a certain regular expression, aka a "ReDoS" vulnerability. | |||||
| CVE-2007-0495 | 1 Phpsherpa | 1 Phpsherpa | 2025-04-09 | 10.0 HIGH | N/A |
| PHP remote file inclusion vulnerability in include/config.inc.php in PhpSherpa allows remote attackers to execute arbitrary PHP code via a URL in the racine parameter. | |||||
| CVE-2007-1382 | 2 Microsoft, Php | 2 All Windows, Com Extensions | 2025-04-09 | 6.8 MEDIUM | N/A |
| The PHP COM extensions for PHP on Windows systems allow context-dependent attackers to execute arbitrary code via a WScript.Shell COM object, as demonstrated by using the Run method of this object to execute cmd.exe, which bypasses PHP's safe mode. | |||||
| CVE-2007-1691 | 1 Second Sight Software | 1 Activemod | 2025-04-09 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in Second Sight Software ActiveMod ActiveX control (ActiveMod.ocx) allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2007-0409 | 1 Bea | 1 Weblogic Server | 2025-04-09 | 1.5 LOW | N/A |
| BEA WebLogic 7.0 through 7.0 SP6, 8.1 through 8.1 SP4, and 9.0 initial release does not encrypt passwords stored in the JDBCDataSourceFactory MBean Properties, which allows local administrative users to read the cleartext password. | |||||
| CVE-2006-5018 | 1 Contentkeeper Technologies | 1 Contentkeeper | 2025-04-09 | 4.0 MEDIUM | N/A |
| ContentKeeper 123.25 and earlier places passwords in cleartext in an INPUT element in cgi-bin/ck/changepw.cgi, which allows remote authenticated users to obtain passwords via this URI. | |||||
| CVE-2009-3626 | 1 Perl | 1 Perl | 2025-04-09 | 5.0 MEDIUM | N/A |
| Perl 5.10.1 allows context-dependent attackers to cause a denial of service (application crash) via a UTF-8 character with a large, invalid codepoint, which is not properly handled during a regular-expression match. | |||||