Total
22706 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-2431 | 1 Goahead | 1 Goahead Webserver | 2009-02-08 | 7.5 HIGH | N/A |
| Unspecified vulnerability in GoAhead WebServer before 2.1.4 allows remote attackers to cause "incorrect behavior" via unknown "malicious code," related to incorrect use of the socketInputBuffered function by sockGen.c. | |||||
| CVE-2009-0131 | 1 Sun | 1 Opensolaris | 2009-02-04 | 4.9 MEDIUM | N/A |
| The UFS implementation in the kernel in Sun OpenSolaris snv_29 through snv_90 allows local users to cause a denial of service (panic) via the single posix_fallocate test in the SUSv3 POSIX test suite, related to an F_ALLOCSP fcntl call. | |||||
| CVE-2003-1561 | 1 Opera | 1 Opera | 2009-01-28 | 4.3 MEDIUM | N/A |
| Opera, probably before 7.50, sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data. | |||||
| CVE-2009-0066 | 1 Intel | 1 Trusted Execution Technology | 2009-01-07 | 7.6 HIGH | N/A |
| Multiple unspecified vulnerabilities in Intel system software for Trusted Execution Technology (TXT) allow attackers to bypass intended loader integrity protections, as demonstrated by exploitation of tboot. NOTE: as of 20090107, the only disclosure is a vague pre-advisory with no actionable information. However, because it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | |||||
| CVE-2008-4640 | 1 Sentex | 1 Jhead | 2008-12-02 | 3.6 LOW | N/A |
| The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to delete arbitrary files via vectors involving a modified input filename in which (1) a final "z" character is replaced by a "t" character or (2) a final "t" character is replaced by a "z" character. | |||||
| CVE-2008-4641 | 1 Sentex | 1 Jhead | 2008-12-02 | 10.0 HIGH | N/A |
| The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows attackers to execute arbitrary commands via shell metacharacters in unspecified input. | |||||
| CVE-2007-1489 | 1 Web-app.org | 1 Webapp | 2008-11-22 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in web-app.org Web Automated Perl Portal (WebAPP) 0.9.9.4 to 0.9.9.6 allows remote attackers to obtain admin access by modifying cookies and performing "certain consecutive actions," possibly due to a cross-site request forgery (CSRF) vulnerability. | |||||
| CVE-2007-6685 | 1 Menalto | 1 Gallery Publish Xp Module | 2008-11-14 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Publish XP module Menalto Gallery before 2.2.4 allows attackers to create albums and upload files via unknown vectors. | |||||
| CVE-2007-6686 | 1 Menalto | 1 Gallery | 2008-11-14 | 10.0 HIGH | N/A |
| The URL rewrite module in Menalto Gallery before 2.2.4 allows attackers to include and execute arbitrary local files via unknown vectors related to the admin controller. | |||||
| CVE-2007-6690 | 1 Menalto | 1 Gallery | 2008-11-14 | 10.0 HIGH | N/A |
| The Gallery Remote module in Menalto Gallery before 2.2.4 does not check permissions for unspecified GR commands, which has unknown impact and attack vectors. | |||||
| CVE-2007-6691 | 1 Menalto | 1 Gallery | 2008-11-14 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Menalto Gallery before 2.2.4 have unknown impact, related to (1) "hotlink protection" in the URL rewrite module, (2) a WebDAV view in the WebDAV module, (3) a comment view in the Comment module, (4) unspecified "item information disclosure attacks" in the Core module Gallery application, (5) the slideshow in the Slideshow module, and (6) multiple Print modules. | |||||
| CVE-2007-6693 | 1 Menalto | 1 Gallery Webcam Module | 2008-11-14 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the WebCam module in Menalto Gallery before 2.2.4 has unknown impact and attack vectors related to a "proxied request." | |||||
| CVE-2007-6715 | 1 Mozilla | 1 Firefox | 2008-11-14 | 4.3 MEDIUM | N/A |
| Mozilla Firefox allows remote attackers to cause a denial of service (crash) via crafted image, as demonstrated by the zzuf lol-firefox.gif test case. | |||||
| CVE-2007-6031 | 1 Van Dyke Technologies | 1 Vshell | 2008-11-14 | 7.8 HIGH | N/A |
| Unspecified vulnerability in VanDyke VShell 3.0.1 allows remote attackers to cause a denial of service via unspecified vectors. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine. | |||||
| CVE-2007-6097 | 1 Ingate | 2 Ingate Firewall, Ingate Siparator | 2008-11-14 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the ICMP implementation in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 has unknown impact and remote attack vectors, related to ICMP packets that are "incorrectly accepted." | |||||
| CVE-2007-5801 | 1 Work System E-commerce | 1 Work System E-commerce | 2008-11-14 | 7.5 HIGH | N/A |
| Unspecified vulnerability in WORK system e-commerce before 4.0.2 has unknown impact and attack vectors related to "Ajax pages." | |||||
| CVE-2007-5830 | 1 Avaya | 2 Message Networking, Messaging Storage Server | 2008-11-14 | 7.8 HIGH | N/A |
| Unspecified vulnerability in the administrative interface in Avaya Messaging Storage Server (MSS) 3.1 before SP1, and Message Networking (MN) 3.1, allows remote attackers to cause a denial of service via unspecified vectors related to "input validation." | |||||
| CVE-2007-5832 | 1 Ssl-explorer | 1 Ssl-explorer | 2008-11-14 | 7.5 HIGH | N/A |
| Unspecified vulnerability in selectLanguage.do in SSL-Explorer before 0.2.15 allows remote attackers to inject (1) headers or (2) body data in an HTTP transaction, a different vulnerability than CVE-2007-2907. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2007-5126 | 1 Symantec | 1 Veritas Backup Exec | 2008-11-14 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the client in Symantec Veritas Backup Exec for Windows Servers 11d has unknown impact and remote attack vectors. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine. | |||||
| CVE-2007-4884 | 1 Media Player Classic | 1 Media Player Classic | 2008-11-14 | 4.3 MEDIUM | N/A |
| Media Player Classic (MPC) allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed .au file that triggers a divide-by-zero error. | |||||