Total
22706 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-4898 | 1 Xwiki | 1 Xwiki | 2008-11-14 | 2.1 LOW | N/A |
| Unspecified vulnerability in the Multiwiki plugin in XWiki before 1.1 Enterprise RC2 allows remote authenticated users, with administrative access to one wiki in a multiwiki environment, to obtain sensitive information via unknown attack vectors. NOTE: Some of these details are obtained from third party information. | |||||
| CVE-2007-4593 | 1 Vmware | 1 Workstation | 2008-11-14 | 6.9 MEDIUM | N/A |
| Unspecified vulnerability in vstor2-ws60.sys in VMWare Workstation 6.0 allows local users to cause a denial of service (host operating system crash) via unspecified vectors, as demonstrated by the DC2 test suite, possibly a related issue to CVE-2007-4591. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2007-4372 | 2 Microsoft, Netwin | 2 Windows 2003 Server, Surgemail | 2008-11-14 | 10.0 HIGH | N/A |
| Unspecified vulnerability in NetWin SurgeMail 38k on Windows Server 2003 has unknown impact and remote attack vectors. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine. | |||||
| CVE-2007-4132 | 1 Redhat | 1 Network Satelite Server | 2008-11-14 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in Red Hat Network Satellite Server 5.0.0 allows remote authenticated users to execute arbitrary code via unknown vectors in a "back-end XMLRPC handler." | |||||
| CVE-2007-3669 | 1 Innovasys | 1 Dockstudioxp | 2008-11-14 | 4.3 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in the Innovasys DockStudioXP InnovaDSXP2.OCX ActiveX Control have unspecified attack vectors and impact, including a denial of service via "improper use" of the SaveToFile function. | |||||
| CVE-2007-6610 | 1 Debian | 1 Unp | 2008-11-14 | 10.0 HIGH | N/A |
| unp 1.0.12, and other versions before 1.0.14, does not properly escape file names, which might allow context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename argument. NOTE: this might only be a vulnerability when unp is invoked by a third party product. | |||||
| CVE-2007-3634 | 1 Squirrelmail | 2 Gpg Plugin, Squirrelmail | 2008-11-14 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in the G/PGP (GPG) Plugin 2.0 for Squirrelmail 1.4.10a allows remote authenticated users to execute arbitrary commands via unspecified vectors, possibly related to the passphrase variable in the gpg_sign_attachment function, aka ZD-00000004. this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine. | |||||
| CVE-2007-3635 | 1 Squirrelmail | 2 Gpg Plugin, Squirrelmail | 2008-11-14 | 4.3 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in the G/PGP (GPG) Plugin before 2.1 for Squirrelmail might allow "local authenticated users" to inject certain commands via unspecified vectors. NOTE: this might overlap CVE-2005-1924, CVE-2006-4169, or CVE-2007-3634. | |||||
| CVE-2007-3668 | 1 Numedia Soft Inc | 1 Nmsdvdx Dvd Burning Sdk | 2008-11-14 | 5.0 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in NMSDVDXU.DLL in NuMedia NMSDVDX allow remote attackers to cause a denial of service via "improperly initialized" (1) LoadSegmentWord, (2) PartitionType, (3) SectorCount, and (4) BootFilePath variables. | |||||
| CVE-2007-2176 | 1 Mozilla | 1 Firefox | 2008-11-12 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Mozilla Firefox allows remote attackers to execute arbitrary code via unspecified vectors involving Javascript errors. NOTE: this might be the same issue as CVE-2007-2175. | |||||
| CVE-2008-2388 | 1 Opensuse | 1 Opensuse | 2008-09-10 | 10.0 HIGH | N/A |
| Multiple off-by-one errors in opensuse-updater in openSUSE 10.2 have unspecified impact and attack vectors. NOTE: the vendor states that these "can be considered no security problem." | |||||
| CVE-2005-4847 | 1 Spey | 1 Spey | 2008-09-10 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Spey 0.3.3 has unknown impact and attack vectors related to "A number of security holes which could lead to compromise," a different issue than CVE-2005-4846. | |||||
| CVE-2003-0216 | 1 Cisco | 1 Catos | 2008-09-10 | 9.3 HIGH | N/A |
| Unknown vulnerability in Cisco Catalyst 7.5(1) allows local users to bypass authentication and gain access to the enable mode without a password. | |||||
| CVE-2008-3891 | 1 Google | 1 Google Apps | 2008-09-05 | 7.5 HIGH | N/A |
| The SAML Single Sign-On (SSO) Service for Google Apps allows remote service providers to impersonate users at arbitrary service providers via vectors related to authentication responses that lack a request identifier and recipient field. | |||||
| CVE-2008-3376 | 1 Jamroom | 1 Jamroom | 2008-09-05 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in JamRoom before 3.4.0 have unknown impact and attack vectors. | |||||
| CVE-2008-1200 | 1 Microsoft | 2 Access, Jet | 2008-09-05 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Microsoft Access allows remote user-assisted attackers to execute arbitrary code via a crafted .MDB file, possibly related to Jet Engine (msjet40.dll). NOTE: this is probably a different issue than CVE-2007-6026. | |||||
| CVE-2008-0824 | 1 Caroline | 1 Caroline | 2008-09-05 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the php2phps function in Claroline before 1.8.9 has unknown impact and attack vectors. | |||||
| CVE-2008-0731 | 3 Linux, Novell, Suse | 3 Linux Kernel, Apparmor, Open Suse | 2008-09-05 | 7.5 HIGH | N/A |
| The Linux kernel before 2.6.18.8-0.8 in SUSE openSUSE 10.2 does not properly handle failure of an AppArmor change_hat system call, which might allow attackers to trigger the unconfining of an apparmored task. | |||||
| CVE-2007-6030 | 1 Weird Solutions | 1 Bootpturbo | 2008-09-05 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Weird Solutions BOOTPTurbo 1.2 has unknown impact and remote attack vectors. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine. | |||||
| CVE-2007-6210 | 1 Zabbix | 1 Zabbix Agentd | 2008-09-05 | 2.1 LOW | N/A |
| zabbix_agentd 1.1.4 in ZABBIX before 1.4.3 runs "UserParameter" scripts with gid 0, which might allow local users to gain privileges. | |||||