Total
29518 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-5078 | 1 Polaring | 1 Polaring | 2025-04-09 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in view/general.php in Kristian Niemi Polaring 00.04.03 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the _SESSION[dirMain] parameter. | |||||
| CVE-2007-0822 | 1 Linux | 1 Linux Kernel | 2025-04-09 | 1.9 LOW | N/A |
| umount, when running with the Linux 2.6.15 kernel on Slackware Linux 10.2, allows local users to trigger a NULL dereference and application crash by invoking the program with a pathname for a USB pen drive that was mounted and then physically removed, which might allow the users to obtain sensitive information, including core file contents. | |||||
| CVE-2006-6632 | 1 Genepi | 1 Genepi | 2025-04-09 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in genepi.php in Genepi 1.6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the topdir parameter. | |||||
| CVE-2007-0052 | 1 Vizayn Haber | 1 Vizayn Haber | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in haberdetay.asp in Vizayn Haber allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2006-5673 | 1 Minibb | 1 Minibb | 2025-04-09 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in bb_func_txt.php in miniBB 2.0.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the pathToFiles parameter. | |||||
| CVE-2009-0897 | 1 Ibm | 1 Websphere Partner Gateway | 2025-04-09 | 4.0 MEDIUM | N/A |
| IBM WebSphere Partner Gateway (WPG) 6.1.0 before 6.1.0.1 and 6.1.1 before 6.1.1.1 allows remote authenticated users to obtain sensitive information via vectors related to the "schema DB2 instance id" and the bcgarchive (aka the archiver script). | |||||
| CVE-2007-3181 | 2 Bakbone, Firebirdsql | 2 Netvault, Firebird | 2025-04-09 | 10.0 HIGH | N/A |
| Buffer overflow in fbserver.exe in Firebird SQL 2 before 2.0.1 allows remote attackers to execute arbitrary code via a large p_cnct_count value in a p_cnct structure in a connect (0x01) request to port 3050/tcp, related to "an InterBase version of gds32.dll." | |||||
| CVE-2007-1684 | 1 Solidworks | 1 Sldimdownload Activex Control | 2025-04-09 | 9.3 HIGH | N/A |
| The Run function in SolidWorks sldimdownload ActiveX control in sldimdownload.dll before 16.0.0.6 allows remote attackers to execute arbitrary commands via the (1) installerpath and (2) applicationarguments arguments. | |||||
| CVE-2006-6093 | 1 Picturespro | 1 Picturespro Photo Cart | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in adminprint.php in PicturesPro Photo Cart 3.9 allow remote attackers to execute arbitrary PHP code via a URL in the (1) admin_folder and (2) path parameters. | |||||
| CVE-2006-6082 | 1 Creascripts | 1 Creadirectory | 2025-04-09 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in CreaScripts Creadirectory allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter to addlisting.asp or the (2) search parameter to search.asp. | |||||
| CVE-2006-6417 | 1 B2evolution | 1 B2evolution | 2025-04-09 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in inc/CONTROL/import/import-mt.php in b2evolution 1.8.5 through 1.9 beta allows remote attackers to execute arbitrary PHP code via a URL in the inc_path parameter. | |||||
| CVE-2006-5013 | 1 Sun | 1 Solaris | 2025-04-09 | 7.8 HIGH | N/A |
| Sun Solaris 10 before patch 118855-16 (20060925), when run on x64 systems using IPv6, allows remote attackers to cause a denial of service (kernel panic) via crafted IPv6 packets. | |||||
| CVE-2006-5659 | 1 Pam Extern | 1 Pam Extern | 2025-04-09 | 2.1 LOW | N/A |
| PAM_extern before 0.2 sends a password as a command line argument, which allows local users to obtain the password by listing the command line arguments, such as ps. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2007-5760 | 2 X.org, Xfree86 Project | 2 Xserver, Xfree86-misc | 2025-04-09 | 9.3 HIGH | N/A |
| Array index error in the XFree86-Misc extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via a PassMessage request containing a large array index. | |||||
| CVE-2007-3158 | 1 Tenyearsgone | 1 Asp Folder Gallery | 2025-04-09 | 5.0 MEDIUM | N/A |
| download_script.asp in ASP Folder Gallery allows remote attackers to read arbitrary files via a filename in the file parameter. | |||||
| CVE-2007-1146 | 1 Delmaa.com | 1 Arabhost | 2025-04-09 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in function.php in arabhost allows remote attackers to execute arbitrary PHP code via a URL in the adminfolder parameter. | |||||
| CVE-2007-2386 | 1 Apple | 1 Mac Os X | 2025-04-09 | 9.4 HIGH | N/A |
| Buffer overflow in mDNSResponder in Apple Mac OS X 10.4 up to 10.4.9 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted UPnP Internet Gateway Device (IGD) packet. | |||||
| CVE-2006-5348 | 1 Oracle | 3 Collaboration Suite, E-business Suite, Http Server | 2025-04-09 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Oracle HTTP Server 9.2.0.7, Oracle Collaboration Suite 9.0.4.2, and Oracle E-Business Suite and Applications 11.5.10CU2 has unknown impact and remote attack vectors related to HTTPS and SSL, aka Vuln# OHS05. | |||||
| CVE-2006-5778 | 1 Linux-ftpd-ssl | 1 Linux-ftpd-ssl | 2025-04-09 | 4.6 MEDIUM | N/A |
| ftpd in linux-ftpd 0.17, and possibly other versions, performs a chdir before setting the UID, which allows local users to bypass intended access restrictions by redirecting their home directory to a restricted directory. | |||||
| CVE-2007-2427 | 1 Pnflashgames | 1 Pnflashgames | 2025-04-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in the pnFlashGames 1.5 module for PostNuke allows remote attackers to execute arbitrary SQL commands via the cid parameter. | |||||