Total
13605 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-5569 | 1 Cisco | 3 Adaptive Security Appliance, Adaptive Security Appliance Software, Pix 500 | 2026-04-23 | N/A |
| Cisco PIX and ASA appliances with 7.1 and 7.2 software, when configured for TLS sessions to the device, allow remote attackers to cause a denial of service (device reload) via a crafted TLS packet, aka CSCsg43276 and CSCsh97120. | ||||
| CVE-2007-5570 | 1 Cisco | 1 Firewall Services Module | 2026-04-23 | N/A |
| Cisco Firewall Services Module (FWSM) 3.2(1), and 3.1(5) and earlier, allows remote attackers to cause a denial of service (device reload) via a crafted HTTPS request, aka CSCsi77844. | ||||
| CVE-2007-5568 | 1 Cisco | 2 Adaptive Security Appliance Software, Firewall Services Module | 2026-04-23 | N/A |
| Cisco PIX and ASA appliances with 7.0 through 8.0 software, and Cisco Firewall Services Module (FWSM) 3.1(5) and earlier, allow remote attackers to cause a denial of service (device reload) via a crafted MGCP packet, aka CSCsi90468 (appliance) and CSCsi00694 (FWSM). | ||||
| CVE-2007-4738 | 1 Speedtech | 1 Stphplibrary | 2026-04-23 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in SpeedTech PHP Library (STPHPLibrary) 0.8.0 allow remote attackers to execute arbitrary PHP code via a URL in the (1) db_conf or (2) ADODB_DIR parameter to utils/stphpimage_show.php; or a URL in the STPHPLIB_DIR parameter to (3) stphpbutton.php, (4) stphpcheckbox.php, (5) stphpcheckboxwithcaption.php, (6) stphpcheckgroup.php, (7) stphpcomponent.php, (8) stphpcontrolwithcaption.php, (9) stphpedit.php, (10) stphpeditwithcaption.php, (11) stphphr.php, (12) stphpimage.php, (13) stphpimagewithcaption.php, (14) stphplabel.php, (15) stphplistbox.php, (16) stphplistboxwithcaption.php, (17) stphplocale.php, (18) stphppanel.php, (19) stphpradiobutton.php, (20) stphpradiobuttonwithcaption.php, (21) stphpradiogroup.php, (22) stphprichbutton.php, (23) stphpspacer.php, (24) stphptable.php, (25) stphptablecell.php, (26) stphptablerow.php, (27) stphptabpanel.php, (28) stphptabtitle.php, (29) stphptextarea.php, (30) stphptextareawithcaption.php, (31) stphptoolbar.php, (32) stphpwindow.php, (33) stphpxmldoc.php, or (34) stphpxmlelement.php, a different set of vectors than CVE-2007-4737. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-5563 | 1 Virtuemart | 1 Virtuemart | 2026-04-23 | N/A |
| Unspecified vulnerability in VirtueMart before 1.0.13 allows remote attackers to execute arbitrary PHP code via unspecified vectors. | ||||
| CVE-2007-4732 | 1 Sun | 1 Solaris | 2026-04-23 | N/A |
| Unspecified vulnerability in the strfreectty function in the Special File System (SPECFS) in Sun Solaris 8 through 10 allows local users to cause a denial of service (system panic), related to passing a NULL pointer to the pgsignal function. | ||||
| CVE-2007-5557 | 1 Nec | 1 Mobile Handset | 2026-04-23 | N/A |
| Unspecified vulnerability in the NEC mobile handset allows remote attackers to cause a denial of service (reboot) via crafted packets. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | ||||
| CVE-2007-5556 | 1 Avaya | 1 Voip Handset | 2026-04-23 | N/A |
| Unspecified vulnerability in the Avaya VoIP Handset allows remote attackers to cause a denial of service (reboot) via crafted packets. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | ||||
| CVE-2007-5541 | 1 Opera | 1 Opera Browser | 2026-04-23 | N/A |
| Unspecified vulnerability in Opera before 9.24, when using an "external" newsgroup or e-mail client, allows remote attackers to execute arbitrary commands via unknown vectors. | ||||
| CVE-2008-5537 | 2 Microsoft, Pctools | 2 Internet Explorer, Pctools Antivirus | 2026-04-23 | N/A |
| PC Tools AntiVirus 4.4.2.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit. | ||||
| CVE-2008-4133 | 1 D-link | 1 Dir-100 | 2026-04-23 | N/A |
| The web proxy service on the D-Link DIR-100 with firmware 1.12 and earlier does not properly filter web requests with large URLs, which allows remote attackers to bypass web restriction filters. | ||||
| CVE-2008-5543 | 2 Microsoft, Symantec | 2 Internet Explorer, Antivirus | 2026-04-23 | N/A |
| Symantec AntiVirus (SAV) 10, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit. | ||||
| CVE-2008-5547 | 1 Hauri | 1 Virobot | 2026-04-23 | N/A |
| HAURI ViRobot 2008.12.4.1499 and possibly 2008.9.12.1375, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit. | ||||
| CVE-2008-5887 | 1 Tincan | 1 Phplist | 2026-04-23 | N/A |
| phplist before 2.10.8 allows remote attackers to include files via unknown vectors, related to a "local file include vulnerability." | ||||
| CVE-2007-3391 | 2 Redhat, Wireshark | 2 Enterprise Linux, Wireshark | 2026-04-23 | N/A |
| Wireshark 0.99.5 allows remote attackers to cause a denial of service (memory consumption) via a malformed DCP ETSI packet that triggers an infinite loop. | ||||
| CVE-2009-2583 | 1 Ibm | 1 Tivoli Identity Manager | 2026-04-23 | N/A |
| Multiple session fixation vulnerabilities in IBM Tivoli Identity Manager (ITIM) 5.0.0.6 allow remote attackers to hijack web sessions via unspecified vectors involving the (1) console and (2) self service interfaces. | ||||
| CVE-2008-6171 | 1 Drupal | 1 Drupal | 2026-04-23 | N/A |
| includes/bootstrap.inc in Drupal 5.x before 5.12 and 6.x before 6.6, when the server is configured for "IP-based virtual hosts," allows remote attackers to include and execute arbitrary files via the HTTP Host header. | ||||
| CVE-2008-6298 | 1 Rocketeer.dip | 1 Sisapilocation | 2026-04-23 | N/A |
| Unspecified vulnerability in sISAPILocation before 1.0.2.2 allows remote attackers to bypass intended access restrictions for character encoding and the cookie secure flag via unknown vectors related to the "HTTP header rewrite function." | ||||
| CVE-2009-2622 | 1 Squid-cache | 1 Squid | 2026-04-23 | N/A |
| Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 allows remote attackers to cause a denial of service via malformed requests including (1) "missing or mismatched protocol identifier," (2) missing or negative status value," (3) "missing version," or (4) "missing or invalid status number," related to (a) HttpMsg.cc and (b) HttpReply.cc. | ||||
| CVE-2008-5014 | 4 Canonical, Debian, Mozilla and 1 more | 6 Ubuntu Linux, Debian Linux, Firefox and 3 more | 2026-04-23 | N/A |
| jslock.cpp in Mozilla Firefox 3.x before 3.0.2, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying the window.__proto__.__proto__ object in a way that causes a lock on a non-native object, which triggers an assertion failure related to the OBJ_IS_NATIVE function. | ||||