CyberSecurityBoard
Sponsor Register Login

CVE-2007-2436

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-1861. Reason: This candidate is a duplicate of CVE-2007-1861. Notes: All CVE users should reference CVE-2007-1861 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage

This Cyber News was published on www.tenable.com. Publication date: Thu, 07 Dec 2023 18:39:41 +0000


Cyber News related to CVE-2007-2436

CVE-2015-2503 - Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 ...
6 years ago
CVE-2007-2436 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-1861. Reason: This candidate is a duplicate of CVE-2007-1861. Notes: All CVE users should reference CVE-2007-1861 instead of this candidate. All references and descriptions in ...
55 years ago Tenable.com
CVE-2011-4185 - The GetPrinterURLList2 method in the ActiveX control in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability ...
13 years ago
CVE-2013-2436 - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to ...
7 years ago
CVE-2011-3817 - Website Baker 2.8.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by admin/media/parameters.php and certain other files. NOTE: ...
12 years ago
CVE-2002-2436 - The Cascading Style Sheets (CSS) implementation in Mozilla Firefox before 4.0, Thunderbird before 3.3, and SeaMonkey before 2.1 does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about ...
7 years ago
CVE-2009-2436 - SQL injection vulnerability in page.php in Online Dating Software MyPHPDating 1.0 allows remote attackers to execute arbitrary SQL commands via the page_id parameter. ...
15 years ago
CVE-2006-2436 - WebSphere Application Server 5.0.2 (or any earlier cumulative fix) stores admin and LDAP passwords in plaintext in the FFDC logs when a login to WebSphere fails, which allows attackers to gain privileges. ...
14 years ago
CVE-2016-2436 - The NVIDIA video driver in Android before 2016-05-01 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 27299111. ...
9 years ago
CVE-2005-2436 - browse.php in Website Baker Project allows remote attackers to obtain sensitive data via (1) a directory that does not exist in the dir parameter or (2) a direct request to certain php files, which reveal the path in an error message. ...
7 years ago
CVE-2017-2436 - An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "IOFireWireAVC" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory ...
7 years ago
CVE-2012-2436 - Multiple cross-site scripting (XSS) vulnerabilities in Pligg CMS before 1.2.2 allow remote attackers to inject arbitrary web script or HTML via (1) an arbitrary parameter in a move or (2) minimize action to admin/admin_index.php; (3) the ...
7 years ago
CVE-2011-2436 - Heap-based buffer overflow in the image-parsing library in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors. ...
7 years ago
CVE-2010-2436 - SQL injection vulnerability in modules/blog/index.php in AneCMS Blog 1.3 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the PATH_INFO. ...
6 years ago
CVE-2008-2436 - Multiple heap-based buffer overflows in the IppCreateServerRef function in nipplib.dll in Novell iPrint Client 4.x before 4.38 and 5.x before 5.08 allow remote attackers to execute arbitrary code via a long argument to the (1) GetPrinterURLList, (2) ...
6 years ago
CVE-2018-2436 - Executing transaction WRCK in SAP R/3 Enterprise Retail (EHP6) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. ...
5 years ago
CVE-2004-2436 - Computer Associates Unicenter Common Services 3.0 and earlier stores the database "SA" password in cleartext in the TndAddNspTmp.bat file, which could allow local users to gain privileges. ...
4 years ago
CVE-2021-2436 - Vulnerability in the Oracle Common Applications product of Oracle E-Business Suite (component: CRM User Management Framework). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows ...
3 years ago
CVE-2014-2436 - Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to RBR. ...
2 years ago
CVE-2019-2436 - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via ...
2 years ago
CVE-2023-2436 - The Blog-in-Blog plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'blog_in_blog' shortcode in versions up to, and including, 1.1.1 due to insufficient input sanitization and output escaping on user supplied ...
1 year ago
CVE-2022-2436 - The Download Manager plugin for WordPress is vulnerable to deserialization of untrusted input via the 'file[package_dir]' parameter in versions up to, and including 3.2.49. This makes it possible for authenticated attackers with contributor ...
1 year ago
CVE-2015-2436 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none ...
55 years ago Tenable.com
CVE-2024-2436 - The Lightweight Accordion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 1.5.16 due to insufficient input sanitization and output escaping on user supplied ...
1 year ago Tenable.com
CVE-2025-20634 - In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User ...
3 months ago Tenable.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)