ReportizFlow
Filtered by vendor
Subscriptions
Total
13197 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-2805 | 2 Mozilla, Redhat | 3 Firefox, Seamonkey, Enterprise Linux | 2026-04-23 | N/A |
| Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 allow remote attackers to force the upload of arbitrary local files from a client computer via vectors involving originalTarget and DOM Range. | ||||
| CVE-2008-3127 | 1 Hiox India | 1 Banner Rotator | 2026-04-23 | N/A |
| PHP remote file inclusion vulnerability in hioxBannerRotate.php in HIOX Banner Rotator (HBR) 1.3, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the hm parameter. | ||||
| CVE-2008-0088 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2026-04-23 | N/A |
| Unspecified vulnerability in Active Directory on Microsoft Windows 2000 and Windows Server 2003, and Active Directory Application Mode (ADAM) on XP and Server 2003, allows remote attackers to cause a denial of service (hang and restart) via a crafted LDAP request. | ||||
| CVE-2008-0101 | 1 White Dune | 1 White Dune | 2026-04-23 | N/A |
| Format string vulnerability in the swDebugf function in DuneApp.cpp in White_Dune 0.29 beta791 and earlier allows remote attackers to execute arbitrary code via format string specifiers in a .WRL file. | ||||
| CVE-2007-5041 | 1 Gdata | 1 Internetsecurity 2007 | 2026-04-23 | N/A |
| G DATA InternetSecurity 2007 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreateKey and (2) NtOpenProcess kernel SSDT hooks. | ||||
| CVE-2008-2735 | 1 Cisco | 1 Adaptive Security Appliance 5500 | 2026-04-23 | N/A |
| The HTTP server in Cisco Adaptive Security Appliance (ASA) 5500 devices 8.0 before 8.0(3)15 and 8.1 before 8.1(1)5, when configured as a clientless SSL VPN endpoint, does not properly process URIs, which allows remote attackers to cause a denial of service (device reload) via a URI in a crafted SSL or HTTP packet, aka Bug ID CSCsq19369. | ||||
| CVE-2007-1693 | 1 Yate | 1 Yet Another Telephony Engine | 2026-04-23 | N/A |
| The SIP channel module in Yet Another Telephony Engine (Yate) before 1.2.0 sets the caller_info_uri parameter using an incorrect variable that can be NULL, which allows remote attackers to cause a denial of service (NULL dereference and application crash) via a Call-Info header without a purpose parameter. | ||||
| CVE-2006-6241 | 1 Telnet Ftp Server | 1 Telnet Ftp Server | 2026-04-23 | N/A |
| Sorin Chitu Telnet-FTP Server 1.0 allows remote authenticated users to cause a denial of service (crash) via consecutive RETR commands. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-3291 | 2 Php, Redhat | 2 Php, Enterprise Linux | 2026-04-23 | N/A |
| The php_openssl_apply_verification_policy function in PHP before 5.2.11 does not properly perform certificate validation, which has unknown impact and attack vectors, probably related to an ability to spoof certificates. | ||||
| CVE-2002-2428 | 1 Goahead | 1 Goahead Webserver | 2026-04-23 | N/A |
| webs.c in GoAhead WebServer before 2.1.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an HTTP POST request that contains a Content-Length header but no body data. | ||||
| CVE-2007-4755 | 1 Cor Entertainment | 1 Alien Arena 2007 | 2026-04-23 | N/A |
| Alien Arena 2007 6.10 and earlier allows remote attackers to cause a denial of service (client disconnect) by sending a client_connect command in a forged packet from the server to a client. NOTE: client IP addresses are available via product-specific queries. | ||||
| CVE-2009-4488 | 1 Varnish.projects.linpro | 1 Varnish | 2026-04-23 | 9.8 Critical |
| Varnish 2.0.6 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator. NOTE: the vendor disputes the significance of this report, stating that "This is not a security problem in Varnish or any other piece of software which writes a logfile. The real problem is the mistaken belief that you can cat(1) a random logfile to your terminal safely. | ||||
| CVE-2007-6558 | 1 Totalplayer | 1 Totalplayer | 2026-04-23 | N/A |
| TotalPlayer 3.0 allows user-assisted remote attackers to cause a denial of service (application crash) via a large .m3u file. NOTE: this might be a duplicate of CVE-2006-6288. | ||||
| CVE-2007-0071 | 2 Adobe, Redhat | 2 Flash Player, Rhel Extras | 2026-04-23 | N/A |
| Integer overflow in Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, allows remote attackers to execute arbitrary code via a crafted SWF file with a negative Scene Count value, which passes a signed comparison, is used as an offset of a NULL pointer, and triggers a buffer overflow. | ||||
| CVE-2008-3818 | 1 Cisco | 7 Ons, Ons 15310-cl, Ons 15310-ma and 4 more | 2026-04-23 | N/A |
| Cisco ONS 15310-CL, 15310-MA, 15327, 15454, 15454 SDH, and 15600 with software 7.0.2 through 7.0.6, 7.2.2, 8.0.x, 8.5.1, and 8.5.2 allows remote attackers to cause a denial of service (control-card reset) via a crafted TCP session. | ||||
| CVE-2008-0475 | 1 Manageengine | 1 Applications Manager | 2026-04-23 | N/A |
| ManageEngine Applications Manager 8.1 build 8100 allows remote attackers to obtain sensitive information ( Home->Summary) via an invalid URI, as demonstrated by the "/-" URI. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-4905 | 1 Auracms | 1 Auracms | 2026-04-23 | N/A |
| Unrestricted file upload vulnerability in mod/contak.php in AuraCMS 2.1 allows remote attackers to upload and execute arbitrary PHP files via the image parameter, which places a file under files/. | ||||
| CVE-2007-4915 | 1 Boa | 1 Boa Webserver | 2026-04-23 | N/A |
| The Intersil isl3893 extensions for Boa 0.93.15, as used on the FreeLan RO80211G-AP and other devices, do not prevent stack writes from entering memory locations used for string constants, which allows remote attackers to change the admin password stored in memory via a long username in an HTTP Basic Authentication request. | ||||
| CVE-2008-5712 | 1 Kde | 1 Konqueror | 2026-04-23 | N/A |
| The HTML parser in KDE Konqueror 3.5.9 allows remote attackers to cause a denial of service (application crash) via (1) a long COLOR attribute in an HR element; or a long (a) BGCOLOR or (b) BORDERCOLOR attribute in a (2) TABLE, (3) TD, or (4) TR element. NOTE: the FONT vector is already covered by CVE-2008-4514. | ||||
| CVE-2007-5066 | 1 Webmin | 1 Webmin | 2026-04-23 | N/A |
| Unspecified vulnerability in Webmin before 1.370 on Windows allows remote authenticated users to execute arbitrary commands via a crafted URL. | ||||