Total
29682 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-2454 | 1 Parallels | 1 Parallels Desktop | 2025-04-09 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in the VGA device in Parallels allows local users, with root access to the guest operating system, to terminate the virtual machine and possibly execute arbitrary code in the host operating system via unspecified vectors related to bitblt operations. | |||||
| CVE-2008-1322 | 1 Asg-sentry | 1 Asg-sentry | 2025-04-09 | 7.8 HIGH | N/A |
| The File Check Utility (fcheck.exe) in ASG-Sentry Network Manager 7.0.0 and earlier allows remote attackers to cause a denial of service (CPU consumption) or overwrite arbitrary files via a query string that specifies the -b option, probably due to an argument injection vulnerability. | |||||
| CVE-2007-2892 | 1 Asp-nuke | 1 Asp-nuke | 2025-04-09 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in news.asp in ASP-Nuke 2.0.7 allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2007-3461 | 1 Elkagroup | 1 Image Gallery | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in property.php in elkagroup Image Gallery 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter. | |||||
| CVE-2007-1928 | 1 Witshare | 1 Witshare | 2025-04-09 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in index.php in witshare 0.9 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the menu parameter. | |||||
| CVE-2007-1671 | 1 Avira | 1 Antivir Personal | 2025-04-09 | 7.8 HIGH | N/A |
| avpack32.dll before 7.3.0.6 in Avira AntiVir allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file. | |||||
| CVE-2006-6379 | 1 Broadcom | 3 Brightstor Arcserve Backup, Brightstor Enterprise Backup, Server Protection Suite | 2025-04-09 | 7.5 HIGH | N/A |
| Buffer overflow in the BrightStor Backup Discovery Service in multiple CA products, including ARCserve Backup r11.5 SP1 and earlier, ARCserve Backup 9.01 up to 11.1, Enterprise Backup 10.5, and CA Server Protection Suite r2, allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2007-1199 | 1 Adobe | 1 Acrobat Reader | 2025-04-09 | 4.3 MEDIUM | N/A |
| Adobe Reader and Acrobat Trial allow remote attackers to read arbitrary files via a file:// URI in a PDF document, as demonstrated with <</URI(file:///C:/)/S/URI>>, a different issue than CVE-2007-0045. | |||||
| CVE-2007-3407 | 1 Sergey Lyubka | 1 Simple Httpd | 2025-04-09 | 5.0 MEDIUM | N/A |
| Sergey Lyubka Simple HTTPD (shttpd) 1.38 allows remote attackers to obtain sensitive information (script source code) via a URL with a trailing encoded space (%20). | |||||
| CVE-2007-1858 | 1 Apache | 1 Tomcat | 2025-04-09 | 2.6 LOW | N/A |
| The default SSL cipher configuration in Apache Tomcat 4.1.28 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.17 uses certain insecure ciphers, including the anonymous cipher, which allows remote attackers to obtain sensitive information or have other, unspecified impacts. | |||||
| CVE-2007-0308 | 1 Plain Black | 1 Webgui | 2025-04-09 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Plain Black WebGUI before 7.3.4 (beta) allows remote attackers to inject arbitrary web script or HTML via Wiki Page titles. | |||||
| CVE-2007-3868 | 1 Oracle | 1 Peoplesoft Enterprise | 2025-04-09 | 6.5 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in PeopleTools in Oracle PeopleSoft Enterprise 8.22.15, 8.47.13, 8.48.10, and 8.49.02 allows remote authenticated users or attackers to have an unknown impact via multiple vectors, aka (1) PSE01, (2) PSE02, and (3) PSE03. | |||||
| CVE-2007-3872 | 1 Hp | 2 Openview Operations, Shared Trace Service | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple stack-based buffer overflows in the Shared Trace Service (OVTrace) service for HP OpenView Operations A.07.50 for Windows, and possibly earlier versions, allow remote attackers to execute arbitrary code via certain crafted requests. | |||||
| CVE-2007-3451 | 1 Gorani Network | 1 6alblog | 2025-04-09 | 6.5 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in admin/index.php in 6ALBlog allows remote authenticated administrators to execute arbitrary PHP code via a URL in the pg parameter. | |||||
| CVE-2007-3479 | 1 Pc Soft | 1 Windev | 2025-04-09 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in PCSoft WinDEV 11 (01F110053p) allows user-assisted remote attackers to execute arbitrary code via a long string in the "used DLL" field in a WDP project file. | |||||
| CVE-2006-7055 | 1 Sweetphp | 1 Totalcalendar | 2025-04-09 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in index.php in TotalCalendar 2.30 and earlier allows remote attackers to execute arbitrary code via a URL in the inc_dir parameter, a different vector than CVE-2006-1922. | |||||
| CVE-2007-0378 | 1 Docman | 1 Docman | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in DocMan 1.3 RC2 allow attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2007-2092 | 1 Limesoft | 1 Limesoft Guestbook | 2025-04-09 | 7.5 HIGH | N/A |
| Direct static code injection vulnerability in index.php in Limesoft Guestbook (LS Simple Guestbook) allows remote attackers to inject arbitrary PHP code into posts.txt via the name parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2006-6284 | 1 Vikingboard | 1 Vikingboard | 2025-04-09 | 9.0 HIGH | N/A |
| Directory traversal vulnerability in admin.php in Vikingboard 0.1.2 allows remote authenticated administrators to include arbitrary files via a .. (dot dot) sequence in the act parameter. | |||||
| CVE-2006-5255 | 1 Greg Neustaetter | 1 Gcards | 2025-04-09 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in addnews.php in Greg Neustaetter gCards 1.13 allows remote attackers to execute arbitrary PHP code via a URL in the languagefile parameter. NOTE: another researcher has observed that languageFile is defined before use. CVE analysis as of 20061012 concurs with the dispute | |||||