Total
10469 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-6241 | 1 Telnet Ftp Server | 1 Telnet Ftp Server | 2025-04-09 | 4.0 MEDIUM | N/A |
| Sorin Chitu Telnet-FTP Server 1.0 allows remote authenticated users to cause a denial of service (crash) via consecutive RETR commands. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-3936 | 1 Dreambox | 1 Dm500c | 2025-04-09 | 7.8 HIGH | N/A |
| The web interface in Dreambox DM500C allows remote attackers to cause a denial of service (application hang) via a long URI. | |||||
| CVE-2008-6676 | 1 Quickersite | 1 Quickersite | 2025-04-09 | 5.0 MEDIUM | N/A |
| QuickerSite 1.8.5 allows remote attackers to obtain sensitive information via a request to showThumb.aspx without any parameters, which reveals the installation path in an error message. | |||||
| CVE-2008-3286 | 1 Sierra | 1 Swat 4 | 2025-04-09 | 5.0 MEDIUM | N/A |
| SWAT 4 1.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via a (1) VERIFYCONTENT or (2) GAMECONFIG command sent to the server before user session initialization, which triggers a NULL pointer dereference; or (3) a GAMESPYRESPONSE command followed by a long RS string. | |||||
| CVE-2007-6372 | 1 Juniper | 1 Junos | 2025-04-09 | 7.8 HIGH | N/A |
| Unspecified vulnerability in Juniper JUNOS 7.3 through 8.4 allows remote attackers to cause a denial of service (crash) via malformed BGP packets, possibly BGP UPDATE packets that trigger session flapping. | |||||
| CVE-2008-1245 | 1 Belkin | 1 F5d7230-4 | 2025-04-09 | 7.8 HIGH | N/A |
| cgi-bin/setup_virtualserver.exe on the Belkin F5D7230-4 router with firmware 9.01.10 allows remote attackers to cause a denial of service (control center outage) via an HTTP request with invalid POST data and a "Connection: Keep-Alive" header. | |||||
| CVE-2008-1278 | 1 Remotelyanywhere | 1 Remotelyanywhere | 2025-04-09 | 5.0 MEDIUM | N/A |
| The RemotelyAnywhere.exe service in the Remotely Anywhere Server and Workstation 8.0.668 and earlier allows remote attackers to cause a denial of service (crash) via an invalid Accept-Charset header, which triggers a NULL pointer dereference. NOTE: the service is automatically restarted. | |||||
| CVE-2008-3907 | 1 Newsbeuter | 1 Newsbeuter | 2025-04-09 | 6.8 MEDIUM | N/A |
| The open-in-browser command in newsbeuter before 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in a feed URL. | |||||
| CVE-2007-4430 | 1 Cisco | 5 Cbos, Cli, Ids and 2 more | 2025-04-09 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows context-dependent attackers to cause a denial of service (device restart and BGP routing table rebuild) via certain regular expressions in a "show ip bgp regexp" command. NOTE: unauthenticated remote attacks are possible in environments with anonymous telnet and Looking Glass access. | |||||
| CVE-2007-5155 | 1 Iceows | 1 Iceows | 2025-04-09 | 9.3 HIGH | N/A |
| IceGUI.DLL in ICEOWS 4.20b invokes a function with incorrect arguments, which allows user-assisted remote attackers to execute arbitrary code via a long filename in the header of an ACE archive, which triggers a stack-based buffer overflow. | |||||
| CVE-2008-1862 | 1 Exbb | 1 Exbb Italia | 2025-04-09 | 6.8 MEDIUM | N/A |
| ExBB Italia 0.22 and earlier only checks GET requests that use the QUERY_STRING for certain path manipulations, which allows remote attackers to bypass this check via (1) POST or (2) COOKIE variables, a different vector than CVE-2006-4488. NOTE: this can be leveraged to conduct PHP remote file inclusion attacks via a URL in the (a) new_exbb[home_path] or (b) exbb[home_path] parameter to modules/threadstop/threadstop.php. | |||||
| CVE-2007-4970 | 1 Diamondcs | 1 Processguard | 2025-04-09 | 4.4 MEDIUM | N/A |
| ProcessGuard 3.410 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via kernel SSDT hooks for Windows Native API functions including (1) NtCreateFile, (2) NtCreateKey, (3) NtDeleteValueKey, (4) NtOpenFile, (5) NtOpenKey, and (6) NtSetValueKey. | |||||
| CVE-2007-6558 | 1 Totalplayer | 1 Totalplayer | 2025-04-09 | 4.3 MEDIUM | N/A |
| TotalPlayer 3.0 allows user-assisted remote attackers to cause a denial of service (application crash) via a large .m3u file. NOTE: this might be a duplicate of CVE-2006-6288. | |||||
| CVE-2008-0298 | 1 Apple | 2 Mac Os X, Safari | 2025-04-09 | 4.3 MEDIUM | N/A |
| KHTML WebKit as used in Apple Safari 2.x allows remote attackers to cause a denial of service (browser crash) via a crafted web page, possibly involving a STYLE attribute of a DIV element. | |||||
| CVE-2008-4404 | 1 Ibm | 1 Zseries | 2025-04-09 | 10.0 HIGH | N/A |
| The IPv6 Neighbor Discovery Protocol (NDP) implementation on IBM zSeries servers does not validate the origin of Neighbor Discovery messages, which allows remote attackers to cause a denial of service (loss of connectivity) or read private network traffic via a spoofed message that modifies the Forward Information Base (FIB), a related issue to CVE-2008-2476. | |||||
| CVE-2008-4514 | 1 Konqueror | 1 Konqueror | 2025-04-09 | 5.0 MEDIUM | N/A |
| The HTML parser in KDE Konqueror 3.5.9 allows remote attackers to cause a denial of service (application crash) via a font tag with a long color value, which triggers an assertion error. | |||||
| CVE-2007-0102 | 1 Apple | 1 Preview | 2025-04-09 | 6.8 MEDIUM | N/A |
| The Adobe PDF specification 1.3, as implemented by Apple Mac OS X Preview, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node. | |||||
| CVE-2007-5035 | 1 Openengine | 1 Openengine | 2025-04-09 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in html/modules/extranet_profile/main.php in openEngine 1.9 beta1 allows remote attackers to execute arbitrary PHP code via a URL in the this_module_path parameter. NOTE: this issue is disputed by CVE because PHP encounters a fatal function-call error on a direct request for the file, before reaching the include statement | |||||
| CVE-2007-6596 | 1 Clam Anti-virus | 1 Clamav | 2025-04-09 | 5.0 MEDIUM | N/A |
| ClamAV 0.92 does not recognize Base64 UUEncoded archives, which allows remote attackers to bypass the scanner via a Base64-UUEncoded file. | |||||
| CVE-2008-4358 | 1 Spaw Editor | 1 Spaw Php | 2025-04-09 | 10.0 HIGH | N/A |
| Unspecified vulnerability in class/theme.class.php in SPAW Editor PHP Edition before 2.0.8.1 has unknown impact and attack vectors, probably related to directory traversal sequences in the theme name. | |||||