Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-4162 1 Tibco 1 Rendezvous 2026-04-23 N/A
TIBCO Rendezvous (RV) 7.5.2 does not protect confidentiality or integrity of inter-daemon communication, which allows remote attackers to capture and spoof traffic.
CVE-2007-3419 1 Web-app.org 1 Webapp 2026-04-23 N/A
The editprofile3 function in cgi-bin/cgi-lib/user.pl in web-app.org WebAPP before 0.9.9.7 does not properly check the (1) themes.dat, (2) languages.dat, (3) profession.dat, (4) gen.dat, (5) marstat.dat, (6) states.dat, and (7) ages.dat files before saving profile settings of members, which has unknown impact and remote attack vectors.
CVE-2009-2946 2 Debian, Devscripts Devel Team 2 Linux, Devscripts 2026-04-23 N/A
Eval injection vulnerability in scripts/uscan.pl before Rev 1984 in devscripts allows remote attackers to execute arbitrary Perl code via crafted pathnames on distribution servers for upstream source code used in Debian GNU/Linux packages.
CVE-2008-5503 2 Mozilla, Redhat 4 Firefox, Seamonkey, Thunderbird and 1 more 2026-04-23 N/A
The loadBindingDocument function in Mozilla Firefox 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 does not perform any security checks related to the same-domain policy, which allows remote attackers to read or access data from other domains via crafted XBL bindings.
CVE-2007-2167 1 Aimstats 1 Aimstats 2026-04-23 N/A
Static code injection vulnerability in process.php in AimStats 3.2 allows remote attackers to inject PHP code into config.php via the number parameter in an update action.
CVE-2007-3422 1 Web-app.org 1 Webapp 2026-04-23 N/A
The getcgi function in cgi-bin/cgi-lib/subs.pl in web-app.org WebAPP before 0.9.9.7 attempts to parse query strings that contain (1) non-printing characters, (2) certain printing characters that do not commonly occur in URLs, or (3) invalid URL encoding sequences, which has unknown impact and remote attack vectors.
CVE-2007-4164 1 Sun 1 Java System Web Server 2026-04-23 N/A
CRLF injection vulnerability in the redirect feature in Sun Java System Web Server 6.1 and 7.0 before 20070802, when the redirect Server Application Function (SAF) uses the url-prefix parameter and escape is disabled, or an Error directive uses the url-prefix parameter in obj.conf, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks.
CVE-2007-3430 1 Simple Invoices 1 Simple Invoices 2026-04-23 N/A
SQL injection vulnerability in index.php in Simple Invoices 2007 05 25 allows remote attackers to execute arbitrary SQL commands via the submit parameter in an email action.
CVE-2009-2090 1 Ibm 1 Websphere Application Server 2026-04-23 N/A
Unspecified vulnerability in wsadmin in the System Management/Repository component in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.5 allows remote attackers to bypass intended Java Management Extensions (JMX) Management Beans (aka MBeans) access restrictions, and cause a denial of service (daemon stop), via unknown vectors.
CVE-2006-7212 1 Firebirdsql 1 Firebird 2026-04-23 N/A
Multiple buffer overflows in Firebird 1.5, one of which affects WNET, have unknown impact and attack vectors. NOTE: this issue might overlap CVE-2006-1240.
CVE-2007-4167 1 Al-caricatier 1 Al-caricatier 2026-04-23 N/A
PHP remote file inclusion vulnerability in cat_viewed.php in AL-Caricatier 2.5 allows remote attackers to execute arbitrary PHP code via a URL in the CatName parameter.
CVE-2006-7214 1 Firebirdsql 1 Firebird 2026-04-23 N/A
Multiple unspecified vulnerabilities in Firebird 1.5 allow remote attackers to (1) cause a denial of service (application crash) by sending many remote protocol versions; and (2) cause a denial of service (connection drop) via certain network traffic, as demonstrated by Nessus vulnerability scanning.
CVE-2007-4179 1 Hp 2 Address And Routing Parameter Area\(arpa\) Transport, Hp-ux 2026-04-23 N/A
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11 and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors. NOTE: this is probably different from CVE-2007-0916, but this is not certain due to lack of vendor details.
CVE-2007-2721 2 Jasper Jpeg-2000, Redhat 2 Jasper Jpeg-2000, Enterprise Linux 2026-04-23 N/A
The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer JPEG-2000 library (libjasper) before 1.900 allows remote user-assisted attackers to cause a denial of service (crash) and possibly corrupt the heap via malformed image files, as originally demonstrated using imagemagick convert.
CVE-2007-2203 1 Big Blue 1 Guestbook 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in Big Blue Guestbook allows remote attackers to inject arbitrary web script or HTML via the message field in the guestbook entry submission form.
CVE-2007-2342 1 Creascripts 1 Creadirectory 2026-04-23 N/A
SQL injection vulnerability in error.asp in CreaScripts CreaDirectory 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2006-6083.
CVE-2007-4184 1 Joomla 1 Joomla 2026-04-23 N/A
SQL injection vulnerability in administrator/popups/pollwindow.php in Joomla! 1.0.12 allows remote attackers to execute arbitrary SQL commands via the pollid parameter.
CVE-2007-3431 1 Valerio Capello 1 Dagger - The Cutting Edge 2026-04-23 N/A
PHP remote file inclusion vulnerability in cal.func.php in Valerio Capello Dagger - The Cutting Edge r23jan2007 allows remote attackers to execute arbitrary PHP code via a URL in the dir_edge_lang parameter.
CVE-2007-0077 1 Lblog 1 Lblog 2026-04-23 N/A
lblog stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for a certain file in admin/db/newFolder/.
CVE-2006-7211 1 Firebirdsql 1 Firebird 2026-04-23 N/A
fb_lock_mgr in Firebird 1.5 uses weak permissions (0666) for the semaphore array, which allows local users to cause a denial of service (blocked query processing) by locking semaphores.