| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Multiple directory traversal vulnerabilities in GenCMS 2006 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) p parameter to show.php and the (2) Template parameter to admin/pages/SiteNew.php. |
| Multiple buffer overflows in squidGuard 1.4 allow remote attackers to bypass intended URL blocking via a long URL, related to (1) the relationship between a certain buffer size in squidGuard and a certain buffer size in Squid and (2) a redirect URL that contains information about the originally requested URL. |
| Opera before 10.01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted domain name. |
| Opera before 10.01 on Windows does not prevent use of Web fonts in rendering the product's own user interface, which allows remote attackers to spoof the address field via a crafted web site. |
| Cross-site scripting (XSS) vulnerability in index.php in TFTgallery 0.13 allows remote attackers to inject arbitrary web script or HTML via the album parameter. |
| ArubaOS 3.3.1.x, 3.3.2.x, RN 3.1.x, 3.4.x, and 3.3.2.x-FIPS on the Aruba Mobility Controller allows remote attackers to cause a denial of service (Access Point crash) via a malformed 802.11 Association Request management frame. |
| Stack-based buffer overflow in Pegasus Mail (PMail) 4.41 and possibly 4.51 allows remote POP3 servers to cause a denial of service (application crash) or possibly execute arbitrary code via a long error message. |
| Unspecified vulnerability in HP Discovery & Dependency Mapping Inventory (DDMI) 2.5x, 7.5x, and 7.60 on Windows allows remote authenticated users to execute arbitrary code via unknown vectors. |
| Unspecified vulnerability on the HP Color LaserJet M3530 Multifunction Printer with firmware 05.058.4 and the Color LaserJet CP3525 Printer with firmware 53.021.2 allows remote attackers to obtain "access to data" or cause a denial of service via unknown vectors. |
| Stack-based buffer overflow in the OmniInet process in HP OpenView Data Protector Application Recovery Manager 5.50 and 6.0 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted MSG_PROTOCOL packet. |
| Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via unknown vectors. |
| Multiple unspecified vulnerabilities in the (1) UNIX and (2) Linux backup-archive clients, and the (3) OS/400 API client, in IBM Tivoli Storage Manager (TSM) 5.3 before 5.3.6.6, 5.4 before 5.4.2, and 5.5 before 5.5.1, when the MAILPROG option is enabled, allow attackers to read, modify, or delete arbitrary files via unknown vectors. |
| The web interface for Everfocus EDR1600 DVR allows remote attackers to bypass authentication and access live cams via certain vectors. |
| Buffer overflow in Softonic International SciTE 1.72 allows user-assisted remote attackers to cause a denial of service (application crash) via a Ruby (.rb) file containing a long string, which triggers the crash when a scroll bar is used. |
| Cross-site scripting (XSS) vulnerability in GejoSoft allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI in photos/tags. |
| Multiple directory traversal vulnerabilities in CGI RESCUE Shopping Basket Professional 7.51 and earlier allow remote attackers to list arbitrary directories, and possibly read arbitrary files, via directory traversal sequences in unspecified parameters to (1) list.cgi or (2) list2.cgi. |
| Multiple insecure method vulnerabilities in Idefense Labs COMRaider allow remote attackers to create or overwrite arbitrary files via the (1) CreateFolder and (2) Copy methods. NOTE: this might only be a vulnerability in certain insecure configurations of Internet Explorer. |
| Stack-based buffer overflow in SafeNet SoftRemote 10.8.5 (Build 2) and 10.3.5 (Build 6), and possibly other versions before 10.8.9, allows local users to execute arbitrary code via a long string in a (1) TREENAME or (2) GROUPNAME Policy file (spd). |
| The NDSD process in Novell eDirectory 8.7.3 before 8.7.3.10 ftf2 and eDirectory 8.8 before 8.8.5 ftf1 does not properly handle certain LDAP search requests, which allows remote attackers to cause a denial of service (application hang) via a search request with a NULL BaseDN value. |
| Buffer overflow in the gxmim1.dll ActiveX control in Novell Groupwise Client 7.0.3.1294 allows remote attackers to cause a denial of service (application crash) via a long argument to the SetFontFace method. |
