|
303421
|
6.1 |
MEDIUM
Network
|
ajaxlife_project
|
ajaxlife
|
A vulnerability has been found in cfire24 ajaxlife up to 0.3.2 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. The attack can b…
|
-
|
CVE-2008-10002
|
2024-11-21 09:43 |
2023-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303422
|
6.1 |
MEDIUM
Network
|
pro2col
|
stingray_fts
|
A vulnerability, which was classified as problematic, has been found in Pro2col Stingray FTS. The manipulation of the argument Username leads to cross site scripting. The attack may be initiated remo…
|
CWE-79
Cross-site Scripting
|
CVE-2008-10001
|
2024-11-21 09:43 |
2022-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303423
|
7.5 |
HIGH
Network
|
sencha
|
ext_js
|
Server-side request forgery (SSRF) vulnerability in feed-proxy.php in extjs 5.0.0.
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2007-6758
|
2024-11-21 09:40 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303424
|
9.8 |
CRITICAL
Network
|
clamav
debian
|
clamav
debian_linux
|
clamav 0.91.2 suffers from a floating point exception when using ScanOLE2.
|
NVD-CWE-Other
|
CVE-2007-6745
|
2024-11-21 09:40 |
2019-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303425
|
8.8 |
HIGH
Network
|
sas
|
sas_drug_development
|
SAS Drug Development (SDD) before 32DRG02 mishandles logout actions, which allows a user (who was previously logged in) to access resources by pressing a back or forward button in a web browser.
|
CWE-20
Improper Input Validation
|
CVE-2007-6763
|
2024-11-21 09:40 |
2019-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303426
|
9.8 |
CRITICAL
Network
|
linux
|
linux_kernel
|
In the Linux kernel before 2.6.20, there is an off-by-one bug in net/netlabel/netlabel_cipso_v4.c where it is possible to overflow the doi_def->tags[] array.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-6762
|
2024-11-21 09:40 |
2019-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303427
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
drivers/media/video/videobuf-vmalloc.c in the Linux kernel before 2.6.24 does not initialize videobuf_mapping data structures, which allows local users to trigger an incorrect count value and videobu…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-6761
|
2024-11-21 09:40 |
2017-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303428
|
9.8 |
CRITICAL
Network
|
dataprobe
|
ibootbar_firmware
|
Dataprobe iBootBar (with 2007-09-20 and possibly later beta firmware) allows remote attackers to bypass authentication, and conduct power-cycle attacks on connected devices, via a DCCOOKIE cookie.
|
CWE-287
Improper Authentication
|
CVE-2007-6760
|
2024-11-21 09:40 |
2017-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303429
|
9.8 |
CRITICAL
Network
|
dataprobe
|
ibootbar_firmware
|
Dataprobe iBootBar (with 2007-09-20 and possibly later released firmware) allows remote attackers to bypass authentication, and conduct power-cycle attacks on connected devices, via a DCRABBIT cookie.
|
CWE-287
Improper Authentication
|
CVE-2007-6759
|
2024-11-21 09:40 |
2017-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303430
|
- |
|
gehealthcare
|
centricity_dms_firmware
|
GE Healthcare Centricity DMS 4.2, 4.1, and 4.0 has a password of Muse!Admin for the Museadmin user, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is de…
|
CWE-255
Credentials Management
|
CVE-2007-6757
|
2024-11-21 09:40 |
2015-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
