Search Results (5493 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2007-5851 1 Apple 1 Mac Os X 2026-04-23 N/A
iChat in Apple Mac OS X 10.4.11 allows network-adjacent remote attackers to automatically initiate a video connection to another user via unknown vectors.
CVE-2008-1931 2 Microsoft, Realtek 3 Windows-nt, Windows Vista, Hd Audio Codec Drivers 2026-04-23 N/A
Realtek HD Audio Codec Drivers RTKVHDA.sys and RTKVHDA64.sys before 6.0.1.5605 on Windows Vista allow local users to create, write, and read registry keys via a crafted IOCTL request.
CVE-2007-4669 1 Firebirdsql 1 Firebird 2026-04-23 N/A
The Services API in Firebird before 2.0.2 allows remote authenticated users without SYSDBA privileges to read the server log (firebird.log), aka CORE-1148.
CVE-2008-1255 1 Zyxel 1 P-660hw 2026-04-23 N/A
The ZyXEL P-660HW series router maintains authentication state by IP address, which allows remote attackers to bypass authentication by establishing a session from a source IP address of a previously authenticated user.
CVE-2007-4679 1 Apple 1 Mac Os X 2026-04-23 N/A
CFFTP in CFNetwork for Apple Mac OS X 10.4 through 10.4.10 allows remote FTP servers to force clients to connect to other hosts via crafted responses to FTP PASV commands.
CVE-2007-1309 1 Novell 1 Access Manager 2026-04-23 N/A
Novell Access Management 3 SSLVPN Server allows remote authenticated users to bypass VPN restrictions by making policy.txt read-only, disconnecting, then manually modifying policy.txt.
CVE-2008-1186 2 Redhat, Sun 4 Rhel Extras, Jdk, Jre and 1 more 2026-04-23 N/A
Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.2_16 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1185, aka "the second issue."
CVE-2008-1937 1 Moinmoin 1 Moinmoin 2026-04-23 N/A
The user form processing (userform.py) in MoinMoin before 1.6.3, when using ACLs or a non-empty superusers list, does not properly manage users, which allows remote attackers to gain privileges.
CVE-2007-6049 3 Ibm, Linux, Unix 3 Db2 Universal Database, Linux Kernel, Unix 2026-04-23 N/A
Unspecified vulnerability in the SSL LOAD GSKIT action in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors, involving a call to dlopen when the effective uid is root.
CVE-2006-5909 1 Paul Tarjan 1 Stanford Conference And Research Forum 2026-04-23 N/A
generaloptions.php in Paul Tarjan Stanford Conference And Research Forum (SCARF) before 20070227 does not require the admin privilege, which allows remote attackers to reconfigure the application or its user accounts.
CVE-2008-6357 1 Donnafontenot 1 Mycal Personal Events Calendar 2026-04-23 N/A
MyCal Personal Events Calendar stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing the username and password via a direct request to mycal.mdb.
CVE-2007-5835 1 Bosdev 1 Bosnews 2026-04-23 N/A
Install.php in BosDev BosNews 4 and 5 does not require authentication for replacing an existing product installation or creating a new admin account, which allows remote attackers to cause a denial of service (overwritten files) and possibly obtain administrative access.
CVE-2008-3852 1 Ibm 1 Db2 Universal Database 2026-04-23 N/A
Unspecified vulnerability in the CLR stored procedure deployment from IBM Database Add-Ins for Visual Studio in the Visual Studio Net component in IBM DB2 9.1 before Fixpak 5 and 9.5 before Fixpak 2 allows remote authenticated users to execute arbitrary code via unknown vectors.
CVE-2008-5340 2 Redhat, Sun 4 Rhel Extras, Jdk, Jre and 1 more 2026-04-23 N/A
Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted JWS applications to gain privileges to access local files or applications via unknown vectors, aka 6727081.
CVE-2008-0704 1 Hp 3 Alpha, Integrity, Open Vms Tcp-ip Services 2026-04-23 N/A
Unspecified vulnerability in the SSH server in HP OpenVMS TCP/IP Services on OpenVMS on the Alpha platform with 5.4 before ECO 7, and on the Integrity and Alpha platforms with 5.5 before ECO 3 and 5.6 before ECO 2, allows remote attackers to obtain unspecified access via unknown vectors.
CVE-2007-5761 1 Motorola 1 Netoctopus 2026-04-23 N/A
The NantSys device 5.0.0.115 in Motorola netOctopus 5.1.2 build 1011 has weak permissions for the \\.\NantSys device interface (nantsys.sys), which allows local users to gain privileges or cause a denial of service (system crash), as demonstrated by modifying the SYSENTER_EIP_MSR CPU Model Specific Register (MSR) value.
CVE-2008-3655 2 Redhat, Ruby-lang 2 Enterprise Linux, Ruby 2026-04-23 N/A
Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not properly restrict access to critical variables and methods at various safe levels, which allows context-dependent attackers to bypass intended access restrictions via (1) untrace_var, (2) $PROGRAM_NAME, and (3) syslog at safe level 4, and (4) insecure methods at safe levels 1 through 3.
CVE-2008-0573 1 Safenet 3 Ipsecdrv.sys, Safenet Highassurance Remote, Softremote Vpn Client 2026-04-23 N/A
IPSecDrv.sys 10.4.0.12 in SafeNET HighAssurance Remote and SoftRemote allows local users to gain privileges via a crafted IPSECDRV_IOCTL IOCTL request.
CVE-2009-0062 1 Cisco 3 Catalyst 3750 Series Integrated Wireless Lan Controller, Catalyst 6500 Wireless Services Modules, Wireless Lan Controller Software 2026-04-23 N/A
Unspecified vulnerability in the Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.2.173.0 allows remote authenticated users to gain privileges via unknown vectors, as demonstrated by escalation from the (1) Lobby Admin and (2) Local Management User privilege levels.
CVE-2008-2827 1 Perl 1 Perl 2026-04-23 N/A
The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly check permissions before performing a chmod, which allows local users to modify the permissions of arbitrary files via a symlink attack, a different vulnerability than CVE-2005-0448 and CVE-2004-0452.