| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The Asterisk Extension Language (AEL) in pbx/pbx_ael.c in Asterisk does not properly generate extensions, which allows remote attackers to execute arbitrary extensions and have an unknown impact by specifying an invalid extension in a certain form. |
| Stack-based buffer overflow in FastStone Image Viewer 2.8 allows user-assisted remote attackers to execute arbitrary code via a crafted JPG image. |
| PHP remote file inclusion vulnerability in login/engine/db/profiledit.php in Advanced Login 0.76 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the root parameter. |
| The RFC_SET_REG_SERVER_PROPERTY function in the SAP RFC Library 6.40 and 7.00 before 20070109 implements an option for exclusive access to an RFC server, which allows remote attackers to cause a denial of service (client lockout) via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended. |
| SQL injection vulnerability in fotokategori.asp in Gazi Okul Sitesi 2007 allows remote attackers to execute arbitrary SQL commands via the query string. |
| Siteman 2.0.x2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing password hashes via a direct request for db/siteman/users.MYD. |
| gpg2.exe in Gpg4win 2.0.1, as used in KDE Kleopatra 2.0.11, allows remote attackers to cause a denial of service (application crash) via a long certificate signature. |
| Multiple cross-site scripting (XSS) vulnerabilities in Symantec Web Security (SWS) before 3.0.1.85 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) error messages and (2) blocked page messages produced by SWS. |
| PHP remote file inclusion vulnerability in includes/mx_common.php in the mx_tinies 1.3.0 Module for MxBB Portal 1.06 allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter. |
| PHP remote file inclusion vulnerability in ains_main.php in Johannes Gijsbers (aka Taradino) Ad Fundum Integratable News Script (AINS) 0.02b allows remote attackers to execute arbitrary PHP code via a URL in the ains_path parameter. |
| Multiple untrusted search path vulnerabilities in dstat before 0.7.0 allow local users to gain privileges via a Trojan horse Python module in (1) the current working directory or (2) a certain subdirectory of the current working directory. |
| F-Secure Anti-Virus for Linux Gateways 4.65 allows remote attackers to cause a denial of service (possibly fatal scan error), and possibly bypass virus detection, by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file. |
| Cross-site scripting (XSS) vulnerability in Google Search Appliance and Google Mini allows remote attackers to inject arbitrary web script or HTML via a UTF-7 encoded q parameter. |
| IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.3, and the Feature Pack for Web Services for WAS 6.1 before 6.1.0.25, when a WS-Security policy is established at the operation level, does not properly handle inbound requests that lack a SOAPAction or WS-Addressing Action, which allows remote attackers to bypass intended access restrictions via a crafted request to a JAX-WS application. |
| OpenBSD and NetBSD permit usermode code to kill the display server and write to the X.Org /dev/xf86 device, which allows local users with root privileges to reduce securelevel by replacing the System Management Mode (SMM) handler via a write to an SMRAM address within /dev/xf86 (aka the video card memory-mapped I/O range), and then launching the new handler via a System Management Interrupt (SMI), as demonstrated by a write to Programmed I/O port 0xB2. |
| Untrusted search path vulnerability in trickle 1.07 allows local users to execute arbitrary code via a Trojan horse trickle-overload.so in the current working directory, which is referenced in the LD_PRELOAD path. |
| The Korn shell (aka mksh) before R33d on MirOS (aka MirBSD) does not flush the tty's I/O when invoking mksh in a new terminal, which allows local users to gain privileges by opening a virtual terminal and entering command sequences, which might later be executed in opportunistic circumstances by a different user who launches mksh and specifies that terminal with the -T option. |
| Unrestricted file upload vulnerability in upload.php in YourPlace 1.0.2 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file. |
| Multiple PHP remote file inclusion vulnerabilities in Cyberfolio 2.0 RC1 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the av parameter to (1) msg/view.php, (2) msg/inc_message.php, (3) msg/inc_envoi.php, and (4) admin/incl_voir_compet.php. |
| Multiple cross-site scripting (XSS) vulnerabilities in Comersus Cart 7.07 allow remote attackers to inject arbitrary web script or HTML via the redirectUrl parameter to (1) comersus_customerAuthenticateForm.asp or (2) comersus_message.asp, different vectors than CVE-2004-0681. |
