Total
34903 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-6293 | 1 Ibm | 1 Hardware Management Console | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in IBM Hardware Management Console (HMC) 6 R1.3 allow attackers to gain privileges via "some HMC commands." | ||||
| CVE-2007-6294 | 1 Ibm | 1 Hardware Management Console | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in IBM Hardware Management Console (HMC) 3 R3.7 allow attackers to gain privileges via "some HMC commands." | ||||
| CVE-2007-6691 | 1 Menalto | 1 Gallery | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in Menalto Gallery before 2.2.4 have unknown impact, related to (1) "hotlink protection" in the URL rewrite module, (2) a WebDAV view in the WebDAV module, (3) a comment view in the Comment module, (4) unspecified "item information disclosure attacks" in the Core module Gallery application, (5) the slideshow in the Slideshow module, and (6) multiple Print modules. | ||||
| CVE-2008-6549 | 1 Moinmo | 1 Moinmoin | 2026-04-23 | N/A |
| The password_checker function in config/multiconfig.py in MoinMoin 1.6.1 uses the cracklib and python-crack features even though they are not thread-safe, which allows remote attackers to cause a denial of service (segmentation fault and crash) via unknown vectors. | ||||
| CVE-2008-6542 | 1 Dotnetnuke | 1 Dotnetnuke | 2026-04-23 | N/A |
| Unspecified vulnerability in the Skin Manager in DotNetNuke before 4.8.2 allows remote authenticated administrators to perform "server-side execution of application logic" by uploading a static file that is converted into a dynamic script via unknown vectors related to HTM or HTML files. | ||||
| CVE-2008-6470 | 1 Clansphere | 1 Clansphere | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in ClanSphere before 2008.2.1 allow remote attackers to obtain sensitive information, and possibly have unknown other impact, via vectors related to "javascript insert" and the (1) mods/messages/getusers.php and (2) mods/abcode/listimg.php files. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-5676 | 1 Breach | 1 Modsecurity | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in the ModSecurity (aka mod_security) module 2.5.0 through 2.5.5 for the Apache HTTP Server, when SecCacheTransformations is enabled, allow remote attackers to cause a denial of service (daemon crash) or bypass the product's functionality via unknown vectors related to "transformation caching." | ||||
| CVE-2007-3126 | 1 Gimp | 1 Gimp | 2026-04-23 | 7.5 High |
| Gimp before 2.8.22 allows context-dependent attackers to cause a denial of service (crash) via an ICO file with an InfoHeader containing a Height of zero, a similar issue to CVE-2007-2237. | ||||
| CVE-2008-5907 | 2 Debian, Libpng | 2 Debian Linux, Libpng | 2026-04-23 | N/A |
| The png_check_keyword function in pngwutil.c in libpng before 1.0.42, and 1.2.x before 1.2.34, might allow context-dependent attackers to set the value of an arbitrary memory location to zero via vectors involving creation of crafted PNG files with keywords, related to an implicit cast of the '\0' character constant to a NULL pointer. NOTE: some sources incorrectly report this as a double free vulnerability. | ||||
| CVE-2007-3635 | 1 Squirrelmail | 2 Gpg Plugin, Squirrelmail | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in the G/PGP (GPG) Plugin before 2.1 for Squirrelmail might allow "local authenticated users" to inject certain commands via unspecified vectors. NOTE: this might overlap CVE-2005-1924, CVE-2006-4169, or CVE-2007-3634. | ||||
| CVE-2009-2596 | 1 Sun | 2 Opensolaris, Solaris | 2026-04-23 | N/A |
| Unspecified vulnerability in the Solaris Auditing subsystem in Sun Solaris 9 and 10 and OpenSolaris before snv_121, when extended file attributes are used, allows local users to cause a denial of service (panic) via vectors related to fad_aupath structure members. | ||||
| CVE-2008-4619 | 1 Sun | 1 Sunos | 2026-04-23 | N/A |
| The RPC subsystem in Sun Solaris 9 allows remote attackers to cause a denial of service (daemon crash) via a crafted request to procedure 8 in program 100000 (rpcbind), related to the XDR_DECODE operation and the taddr2uaddr function. NOTE: this might be a duplicate of CVE-2007-0165. | ||||
| CVE-2009-3322 | 1 Siemens | 1 Gigaset Se361 Wlan Router | 2026-04-23 | N/A |
| The Siemens Gigaset SE361 WLAN router allows remote attackers to cause a denial of service (device reboot) via a flood of crafted TCP packets to port 1723. | ||||
| CVE-2007-3908 | 1 Hp | 2 Cluster Object Manager, Serviceguard | 2026-04-23 | N/A |
| Unspecified vulnerability in HP ServiceGuard for Linux for Red Hat Enterprise Linux (RHEL) 2.1 SG A.11.14.04 through A.11.14.06; RHEL 3.0 SG A.11.16.04 through A.11.16.10; and ServiceGuard Cluster Object Manager B.03.01.02 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2007-0980. | ||||
| CVE-2008-6412 | 1 Vignette | 1 Vignette Content Management | 2026-04-23 | N/A |
| Unspecified vulnerability in Vignette Content Management 7.3.0.5, 7.3.1, 7.3.1.1, 7.4, and 7.5 allows "low privileged" users to gain administrator privileges via unknown attack vectors. | ||||
| CVE-2009-2643 | 1 Rim | 2 Blackberry Enterprise Server, Blackberry Professional Software | 2026-04-23 | N/A |
| Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 5.0 and BlackBerry Professional Software 4.1.4 allow user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .pdf file attachment, a different vulnerability than CVE-2008-3246 and CVE-2009-0219. | ||||
| CVE-2009-2651 | 1 Digium | 1 Asterisk | 2026-04-23 | N/A |
| main/rtp.c in Asterisk Open Source 1.6.1 before 1.6.1.2 allows remote attackers to cause a denial of service (crash) via an RTP text frame without a certain delimiter, which triggers a NULL pointer dereference and the subsequent calculation of an invalid pointer. | ||||
| CVE-2008-5343 | 2 Redhat, Sun | 4 Rhel Extras, Jdk, Jre and 1 more | 2026-04-23 | N/A |
| Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows remote attackers to make unauthorized network connections and hijack HTTP sessions via a crafted file that validates as both a GIF and a Java JAR file, aka "GIFAR" and CR 6707535. | ||||
| CVE-2007-2118 | 1 Oracle | 1 Database Server | 2026-04-23 | N/A |
| Unspecified vulnerability in the Upgrade/Downgrade component of Oracle Database 9.0.1.5 and 9.2.0.7 has unknown impact and attack vectors, aka DB13. NOTE: as of 20070424, Oracle has not disputed reliable claims that this is a buffer overflow involving the "mig utility." | ||||
| CVE-2008-5395 | 2 Hp, Linux | 2 Pa-risc, Linux Kernel | 2026-04-23 | N/A |
| The parisc_show_stack function in arch/parisc/kernel/traps.c in the Linux kernel before 2.6.28-rc7 on PA-RISC allows local users to cause a denial of service (system crash) via vectors associated with an attempt to unwind a stack that contains userspace addresses. | ||||