Total
258583 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-1589 | 1 Ibm | 1 Aix | 2008-09-05 | 7.2 HIGH | N/A |
| Unspecified vulnerability in crontab in IBM AIX 3.2 allows local users to gain root privileges via unknown attack vectors. | |||||
| CVE-2007-3967 | 1 Dirlist | 1 Dirlist Php | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in PHP Directory Lister (dirLIST) before 0.1.1 allows remote attackers to list the contents of a parent directory via a .. (dot dot) in the folder parameter. | |||||
| CVE-2004-2683 | 1 Intersystems | 1 Cache | 2008-09-05 | 2.1 LOW | N/A |
| Unspecified vulnerability in the %XML.Utils.SchemaServer class in InterSystems Cache' 5.0 allows attackers to access arbitrary files on a server. | |||||
| CVE-2004-2706 | 1 Phrozensmoke | 1 Gyach Enhanced | 2008-09-05 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Gyach Enhanced (Gyach-E) before 1.0.4 allows remote attackers to cause a denial of service (crash) via conference packets with error messages. | |||||
| CVE-2007-4039 | 1 Mozilla | 1 Mozilla | 2008-09-05 | 4.3 MEDIUM | N/A |
| Argument injection vulnerability involving Mozilla, when certain URIs are registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in an unspecified URI, which are inserted into the command line when invoking the handling process, a similar issue to CVE-2007-3670. | |||||
| CVE-2008-2173 | 1 Yamaha | 1 Router | 2008-09-05 | 7.1 HIGH | N/A |
| Unspecified vulnerability in Yamaha routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372. | |||||
| CVE-2007-0342 | 2 Apple, Omnigroup | 4 Mac Os X, Safari, Webkit and 1 more | 2008-09-05 | 4.3 MEDIUM | N/A |
| WebCore in Apple WebKit build 18794 allows remote attackers to cause a denial of service (null dereference and application crash) via a TD element with a large number in the ROWSPAN attribute, as demonstrated by a crash of OmniWeb 5.5.3 on Mac OS X 10.4.8, a different vulnerability than CVE-2006-2019. | |||||
| CVE-2005-1812 | 1 Futuresoft | 1 Tftp Server 2000 | 2008-09-05 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in FutureSoft TFTP Server Evaluation Version 1.0.0.1 allow remote attackers to execute arbitrary code via a long (1) filename or (2) transfer mode string in a Read Request (RRQ) or Write Request (WRQ) packet. | |||||
| CVE-2007-4043 | 1 Securecomputing | 1 Securityreporter | 2008-09-05 | 5.0 MEDIUM | N/A |
| file.cgi in Secure Computing SecurityReporter (aka Network Security Analyzer) before 4.6.3 allows remote attackers to bypass authentication via a name parameter ending with a "%00.gif" sequence. NOTE: a separate traversal vulnerability could be leveraged to download arbitrary files. | |||||
| CVE-2008-2170 | 1 Century Software | 1 Router | 2008-09-05 | 7.1 HIGH | N/A |
| Unspecified vulnerability in Century routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372. | |||||
| CVE-2007-3652 | 1 Fascript | 1 Faname | 2008-09-05 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in class/page.php in Farsi Script (aka FaScript) FaName 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: this might be the same issue as CVE-2008-0328. | |||||
| CVE-2008-2169 | 2 Avici, Hitachi | 4 Router, Gr2000, Gr3000 and 1 more | 2008-09-05 | 7.1 HIGH | N/A |
| Unspecified vulnerability in Avici routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue to CVE-2007-6372. | |||||
| CVE-2006-7221 | 1 Fsp | 1 C Library | 2008-09-05 | 5.0 MEDIUM | N/A |
| Multiple off-by-one errors in fsplib.c in fsplib before 0.8 allow attackers to cause a denial of service via unspecified vectors involving the (1) name and (2) d_name entry attributes. | |||||
| CVE-2007-1966 | 1 Exv2 | 1 Content Management System | 2008-09-05 | 5.0 MEDIUM | N/A |
| Session fixation vulnerability in eXV2 CMS 2.0.4.3 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID cookie. | |||||
| CVE-2007-3650 | 1 Mywebland | 1 Mybloggie | 2008-09-05 | 5.0 MEDIUM | N/A |
| myWebland myBloggie 2.1.6 allow remote attackers to obtain sensitive information via (1) an invalid year parameter to calendar.php, reached through index.php; (2) a direct request to common.php; and (3) a mode array parameter in the query string to login.php, which reveal the installation path in various error messages. | |||||
| CVE-2004-2687 | 2 Apple, Samba | 2 Xcode, Samba | 2008-09-05 | 9.3 HIGH | N/A |
| distcc 2.x, as used in XCode 1.5 and others, when not configured to restrict access to the server port, allows remote attackers to execute arbitrary commands via compilation jobs, which are executed by the server without authorization checks. | |||||
| CVE-2007-3651 | 1 Fascript | 1 Faname | 2008-09-05 | 4.3 MEDIUM | N/A |
| class/page.php in Farsi Script (aka FaScript) FaName 1.0 allows remote attackers to obtain sensitive information via a '; (quote semicolon) sequence in the id parameter, which reveals the installation path in an error message. | |||||
| CVE-2007-5928 | 1 Openbase International Ltd | 1 Openbase | 2008-09-05 | 9.0 HIGH | N/A |
| OpenBase 10.0.5 and earlier allows remote authenticated users to trigger a free of an arbitrary memory location via long strings in a SELECT statement. NOTE: this might be a buffer overflow, but it is not clear. | |||||
| CVE-2007-5954 | 1 Jlmforo System | 1 Jlmforo System | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in buscador.php in JLMForo System allows remote attackers to inject arbitrary web script or HTML via the clave parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-1999-0635 | 2007-07-13 | N/A | N/A | ||
| The echo service is running. | |||||