Search Results (29943 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-1716 1 Redhat 1 Enterprise Linux 2026-04-23 N/A
pam_console does not properly restore ownership for certain console devices when there are multiple users logged into the console and one user logs out, which might allow local users to gain privileges.
CVE-2007-4785 1 Sony 1 Micro Vault Fingerprint Access Software 2026-04-23 N/A
Sony Micro Vault Fingerprint Access Software, as distributed with Sony Micro Vault USM-F USB flash drives, installs a driver that hides a directory under %WINDIR%, which might allow remote attackers to bypass malware detection by placing files in this directory.
CVE-2007-1714 1 Cccounter 1 Cccounter 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in index.php in CcCounter 2.0 allows remote attackers to inject arbitrary web script or HTML via dir parameter.
CVE-2007-1657 1 Python Software Foundation 1 Python 2026-04-23 N/A
Stack-based buffer overflow in the file_compress function in minigzip (Modules/zlib) in Python 2.5 allows context-dependent attackers to execute arbitrary code via a long file argument.
CVE-2007-1663 2 Debian, Ekg 2 Debian Linux, Ekg 2026-04-23 N/A
Memory leak in the image message functionality in ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service.
CVE-2007-1978 1 Php Fusion 1 Arcade Module 2026-04-23 N/A
SQL injection vulnerability in index.php in the Arcade 1.00 module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view_game_list action.
CVE-2006-7075 1 Aqualung 1 Aqualung 2026-04-23 N/A
Buffer overflow in the meta_read_flac function in meta_decoder.c for Aqualung 0.9beta5 and earlier, and CVS 0.193.2 and earlier, allows user-assisted attackers to execute arbitrary code via a long Vorbis comment in a Free Lossless Audio Codec (FLAC) file.
CVE-2006-6174 1 Tdiary 1 Tdiary 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in tDiary before 2.0.3 and 2.1.x before 2.1.4.20061126 allows remote attackers to inject arbitrary web script or HTML via the conf parameter in (1) tdiary.rb and (2) skel/conf.rhtml.
CVE-2007-2241 1 Isc 1 Bind 2026-04-23 N/A
Unspecified vulnerability in query.c in ISC BIND 9.4.0, and 9.5.0a1 through 9.5.0a3, when recursion is enabled, allows remote attackers to cause a denial of service (daemon exit) via a sequence of queries processed by the query_addsoa function.
CVE-2006-6182 1 Gabriele Teotino 1 Gnotebook 2026-04-23 N/A
The Gabriele Teotino GNotebook 0.7.0.1 gadget for Google Desktop stores Gmail passwords in plaintext in the %SYSTEMDRIVE%\temp\Gnotebook.txt log file, which allows local users to obtain passwords by reading the file.
CVE-2006-4398 1 Apple 1 Mac Os X 2026-04-23 N/A
Multiple buffer overflows in the Apple Type Services (ATS) server in Mac OS X 10.4 through 10.4.8 allow local users to execute arbitrary code via crafted service requests.
CVE-2006-4169 1 Squirrelmail 1 Gpg Plugin 2026-04-23 N/A
Multiple directory traversal vulnerabilities in the G/PGP (GPG) Plugin 2.0, and 2.1dev before 20070614, for Squirrelmail allow remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the help parameter to (1) gpg_help.php or (2) gpg_help_base.php.
CVE-2007-1792 1 Symantec 2 Mail Security, Mail Security 8820 Appliance 2026-04-23 N/A
libdayzero.dll in the Filter Hub Service (filter-hub.exe) in Symantec Mail Security for SMTP before 5.0.1 Patch 181 and Mail Security Appliance before 5.0.0-36 allows remote attackers to cause a denial of service (crash) via a crafted executable attachment in an e-mail, involving the detection of "PE-Shield v0.2" and "ASPack v1.00-1.08.02".
CVE-2006-6184 1 Alliedtelesyn 1 At-tftp 2026-04-23 N/A
Multiple stack-based buffer overflows in Allied Telesyn TFTP Server (AT-TFTP) 1.9, and possibly earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a long filename in a (1) GET or (2) PUT command.
CVE-2006-4393 1 Apple 1 Mac Os X 2026-04-23 N/A
Unspecified vulnerability in LoginWindow in Apple Mac OS X 10.4 through 10.4.7, when Fast User Switching is enabled, allows local users to gain access to Kerberos tickets of other users.
CVE-2006-6186 1 Enomphp 1 Enomphp 2026-04-23 N/A
Multiple directory traversal vulnerabilities in enomphp 4.0 allow remote attackers to read arbitrary files via a .. (dot dot) in the dir parameter to (1) config.php, (2) ranklv_inside.php, (3) rankml_inside.php, and (4) admin/Restore/config.php.
CVE-2006-5952 1 Asp Smiley 1 Asp Smiley 2026-04-23 N/A
SQL injection vulnerability in admin/default.asp in ASP Smiley 1.0 allows remote attackers to execute arbitrary SQL commands via the Username field.
CVE-2007-2200 1 Pagode 1 Pagode 2026-04-23 N/A
Directory traversal vulnerability in navigator/navigator_ok.php in Pagode 0.5.8 allows remote attackers to read and possibly delete arbitrary files via a .. (dot dot) in the asolute parameter.
CVE-2006-6599 1 Torrentflux 1 Torrentflux 2026-04-23 N/A
maketorrent.php in TorrentFlux 2.2 allows remote authenticated users to execute arbitrary commands via shell metacharacters (";" semicolon) in the announce parameter.
CVE-2007-2204 1 Gpl Php Board 1 Gpl Php Board 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in GPL PHP Board (GPB) unstable-2001.11.14-1 allow remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) db.mysql.inc.php or (2) gpb.inc.php in include/, or the (3) theme parameter to themes/ubb/login.php.