Search Results (24238 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-2941 2 Hp, Redhat 2 Linux Imaging And Printing Project, Enterprise Linux 2025-04-09 N/A
The hpssd message parser in hpssd.py in HP Linux Imaging and Printing (HPLIP) 1.6.7 allows local users to cause a denial of service (process stop) via a crafted packet, as demonstrated by sending "msg=0" to TCP port 2207.
CVE-2009-2256 1 Netgear 1 Dg632 2025-04-09 N/A
The administrative web interface on the Netgear DG632 with firmware 3.4.0_ap allows remote attackers to cause a denial of service (web outage) via an HTTP POST request to cgi-bin/firmwarecfg.
CVE-2008-4180 1 Nooms 1 Nooms 2025-04-09 N/A
Unspecified vulnerability in db.php in NooMS 1.1 allows remote attackers to conduct brute force attacks against passwords via a username in the g_dbuser parameter and a password in the g_dbpwd parameter, and possibly a "localhost" g_dbhost parameter value, related to a "Mysql Remote Brute Force Vulnerability."
CVE-2008-6676 1 Quickersite 1 Quickersite 2025-04-09 N/A
QuickerSite 1.8.5 allows remote attackers to obtain sensitive information via a request to showThumb.aspx without any parameters, which reveals the installation path in an error message.
CVE-2008-5688 1 Mediawiki 1 Mediawiki 2025-04-09 N/A
MediaWiki 1.8.1, and other versions before 1.13.3, when the wgShowExceptionDetails variable is enabled, sometimes provides the full installation path in a debugging message, which might allow remote attackers to obtain sensitive information via unspecified requests that trigger an uncaught exception.
CVE-2009-0959 1 Apple 2 Iphone Os, Ipod Touch 2025-04-09 N/A
The MPEG-4 video codec in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to cause a denial of service (device reset) via a crafted MPEG-4 video file that triggers an "input validation issue."
CVE-2007-3711 1 3com 1 Tippingpoint Ips Tos 2025-04-09 N/A
Unspecified vulnerability in TOS 2.1.x, 2.2.x before 2.2.5, and 2.5.x before 2.5.2 on TippingPoint IPS allows remote attackers to avoid detection by sending certain fragmented packets.
CVE-2007-2931 1 Microsoft 2 Msn Messenger, Windows Live Messenger 2025-04-09 N/A
Heap-based buffer overflow in Microsoft MSN Messenger 6.2, 7.0, and 7.5, and Live Messenger 8.0 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors involving video conversation handling in Web Cam and video chat sessions.
CVE-2006-6971 1 Mozilla 1 Firefox 2025-04-09 N/A
Mozilla Firefox 2.0, possibly only when running on Windows, allows remote attackers to bypass the Phishing Protection mechanism by representing an IP address in (1) dotted-hex, (2) dotted-octal, (3) single decimal integer, (4) single hex integer, or (5) single octal integer format, which is not captured by the blacklist filter.
CVE-2008-4412 1 Hp 1 Systems Insight Manager 2025-04-09 N/A
Unspecified vulnerability in HP Systems Insight Manager (SIM) before 5.2 Update 2 (C.05.02.02.00) allows remote attackers to obtain sensitive information via unspecified vectors.
CVE-2007-5563 1 Virtuemart 1 Virtuemart 2025-04-09 N/A
Unspecified vulnerability in VirtueMart before 1.0.13 allows remote attackers to execute arbitrary PHP code via unspecified vectors.
CVE-2007-5554 1 Oracle 1 Database Server 2025-04-09 N/A
Oracle allows remote attackers to obtain server memory contents via crafted packets, aka Oracle reference number 7892711. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.
CVE-2008-1618 1 Watchguard 1 Firebox Pptp Vpn 2025-04-09 N/A
The PPTP VPN service in Watchguard Firebox before 10, when performing the MS-CHAPv2 authentication handshake, generates different error codes depending on whether the username is valid or invalid, which allows remote attackers to enumerate valid usernames.
CVE-2007-0012 1 Sun 1 Jre 2025-04-09 N/A
Sun JRE 5.0 before update 14 allows remote attackers to cause a denial of service (Internet Explorer crash) via an object tag with an encoded applet and an undefined name attribute, which triggers a NULL pointer dereference in jpiexp32.dll when the applet is decoded and passed to the JVM.
CVE-2007-6476 1 Gf 3xplorer 1 Gf 3xplorer 2025-04-09 N/A
GF-3XPLORER 2.4 allows remote attackers to obtain configuration information via a direct request to explorer/phpinfo.php, which calls the phpinfo function.
CVE-2007-0213 1 Microsoft 1 Exchange Server 2025-04-09 N/A
Microsoft Exchange Server 2000 SP3, 2003 SP1 and SP2, and 2007 does not properly decode certain MIME encoded e-mails, which allows remote attackers to execute arbitrary code via a crafted base64-encoded MIME e-mail message.
CVE-2008-1598 1 Ibm 1 Aix 2025-04-09 N/A
The kernel in IBM AIX 6.1 allows local users with ProbeVue privileges to read arbitrary kernel memory and obtain sensitive information via unspecified vectors.
CVE-2008-0277 1 Drupal 1 Fileshare Module 2025-04-09 N/A
Unspecified vulnerability in the Fileshare module for Drupal allows remote authenticated users with node-creation privileges to execute arbitrary code via unspecified vectors.
CVE-2007-5444 1 Cmsmadesimple 1 Cms Made Simple 2025-04-09 N/A
CMS Made Simple 1.1.3.1 allows remote attackers to obtain the full path via a direct request for unspecified files.
CVE-2007-3008 1 Mbedthis Software 1 Mbedthis Appweb Http Server 2025-04-09 N/A
Mbedthis AppWeb before 2.2.2 enables the HTTP TRACE method, which has unspecified impact probably related to remote information leaks and cross-site tracing (XST) attacks, a related issue to CVE-2004-2320 and CVE-2005-3398.