Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-1353 | 1 Linux | 1 Linux Kernel | 2017-10-10 | 2.1 LOW | N/A |
| The setsockopt function in the L2CAP and HCI Bluetooth support in the Linux kernel before 2.4.34.3 allows context-dependent attackers to read kernel memory and obtain sensitive information via unspecified vectors involving the copy_from_user function accessing an uninitialized stack buffer. | |||||
| CVE-2007-1015 | 1 Aktueldownload | 1 Aktueldownload Haber Script | 2017-10-10 | 10.0 HIGH | N/A |
| SQL injection vulnerability in HaberDetay.asp in Aktueldownload Haber script allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2006-7234 | 1 Lynx | 1 Lynx | 2017-10-10 | 4.6 MEDIUM | N/A |
| Untrusted search path vulnerability in Lynx before 2.8.6rel.4 allows local users to execute arbitrary code via malicious (1) .mailcap and (2) mime.types files in the current working directory. | |||||
| CVE-2007-1017 | 1 Virtualsystem | 1 Vs-news-system | 2017-10-10 | 9.3 HIGH | N/A |
| PHP remote file inclusion vulnerability in show_news_inc.php in VirtualSystem VS-News-System 1.2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the newsordner parameter. | |||||
| CVE-2006-7081 | 1 Phpnews | 1 Phpnews | 2017-10-10 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in PhpNews 1.0 allow remote attackers to execute arbitrary PHP code via the Include parameter to (1) Include/lib.inc.php3 and (2) Include/variables.php3. | |||||
| CVE-2007-1019 | 1 Webspell | 1 Webspell | 2017-10-10 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in news.php in webSPELL 4.01.02, when register_globals is enabled, allows remote attackers to execute arbitrary SQL commands via the showonly parameter to index.php, a different vector than CVE-2006-5388. | |||||
| CVE-2006-7080 | 1 Exv2 | 1 Content Management System | 2017-10-10 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in the avatar upload feature in exV2 2.0.4.3 and earlier allows remote attackers to delete arbitrary files via ".." sequences in the old_avatar parameter. | |||||
| CVE-2007-1260 | 1 Webmod | 1 Webmod | 2017-10-10 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the connectHandle function in server.cpp in WebMod 0.48 allows remote attackers to execute arbitrary code via a long string in the Content-Length HTTP header. | |||||
| CVE-2007-1021 | 1 Xfairguy | 1 Codeavalanche News | 2017-10-10 | 10.0 HIGH | N/A |
| SQL injection vulnerability in inc_listnews.asp in CodeAvalanche News 1.x allows remote attackers to execute arbitrary SQL commands via the CAT_ID parameter. | |||||
| CVE-2006-7210 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2017-10-10 | 5.0 MEDIUM | N/A |
| Microsoft Windows 2000, XP, and Server 2003 allows remote attackers to cause a denial of service (cpu consumption) via a PNG image with crafted (1) Width and (2) Height values in the IHDR block. | |||||
| CVE-2006-7079 | 1 Exv2 | 1 Content Management System | 2017-10-10 | 6.8 MEDIUM | N/A |
| Variable extraction vulnerability in include/common.php in exV2 2.0.4.3 and earlier allows remote attackers to overwrite arbitrary program variables and conduct directory traversal attacks to execute arbitrary code by modifying the $xoopsOption['pagetype'] variable. | |||||
| CVE-2007-0256 | 1 Videolan | 1 Vlc Media Player | 2017-10-10 | 7.8 HIGH | N/A |
| VideoLAN VLC 0.8.6a allows remote attackers to cause a denial of service (application crash) via a crafted .wmv file. | |||||
| CVE-2007-1195 | 1 Dxmsoft | 1 Xm Easy Personal Ftp Server | 2017-10-10 | 7.5 HIGH | N/A |
| Multiple buffer overflows in XM Easy Personal FTP Server 5.3.0 allow remote attackers to execute arbitrary code via unspecified vectors. NOTE: this issue might overlap CVE-2006-2225, CVE-2006-2226, or CVE-2006-5728. | |||||
| CVE-2006-7203 | 1 Linux | 1 Linux Kernel | 2017-10-10 | 4.0 MEDIUM | N/A |
| The compat_sys_mount function in fs/compat.c in Linux kernel 2.6.20 and earlier allows local users to cause a denial of service (NULL pointer dereference and oops) by mounting a smbfs file system in compatibility mode ("mount -t smbfs"). | |||||
| CVE-2007-1297 | 1 Aj Square | 1 Ajdating | 2017-10-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in view_profile.php in AJDating 1.0 allows remote attackers to execute arbitrary SQL commands via the user_id parameter. | |||||
| CVE-2007-1298 | 1 Aj Square | 1 Ajauction | 2017-10-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in subcat.php in AJ Auction 1.0 allows remote attackers to execute arbitrary SQL commands via the cate_id parameter. | |||||
| CVE-2007-0242 | 1 Qt | 1 Qt | 2017-10-10 | 4.3 MEDIUM | N/A |
| The UTF-8 decoder in codecs/qutfcodec.cpp in Qt 3.3.8 and 4.2.3 does not reject long UTF-8 sequences as required by the standard, which allows remote attackers to conduct cross-site scripting (XSS) and directory traversal attacks via long sequences that decode to dangerous metacharacters. | |||||
| CVE-2007-0239 | 1 Openoffice | 1 Openoffice | 2017-10-10 | 9.3 HIGH | N/A |
| OpenOffice.org (OOo) Office Suite allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a prepared link in a crafted document. | |||||
| CVE-2007-1025 | 1 Virtualsystem | 1 Vs-link-partner | 2017-10-10 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in inc/functions_inc.php in VS-Link-Partner 2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the gb_pfad, or possibly script_pfad, parameter. | |||||
| CVE-2007-1040 | 1 Xpression News | 1 Xpression News | 2017-10-10 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in archives.php in Xpression News (X-News) 1.0.1 allows remote attackers to include arbitrary files or obtain sensitive information via a .. (dot dot) in the xnews-template parameter. | |||||