CVE-2007-3273

CVE-2015-2503 - Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 ...
6 years ago

CVE-2007-3301 - SQL injection vulnerability in forum/include/error/autherror.cfm in FuseTalk allows remote attackers to execute arbitrary SQL commands via the errorcode parameter. NOTE: a patch may have been released privately between April and June 2007. NOTE: ...
6 years ago

CVE-2007-3273 - SQL injection vulnerability in index.cfm in FuseTalk 2.0 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party ...
12 years ago

CVE-2008-3519 - The default configuration of the JBossAs component in Red Hat JBoss Enterprise Application Platform (aka JBossEAP or EAP), possibly 4.2 before CP04 and 4.3 before CP02, when a production environment is enabled, sets the DownloadServerClasses property ...
7 years ago

CVE-2010-1429 - Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 allows remote attackers to obtain sensitive information about "deployed web contexts" via a request to the status servlet, ...
2 years ago

Critical takeover vulnerabilities in 92,000 D-Link devices under active exploitation - Hackers are actively exploiting a pair of recently discovered vulnerabilities to remotely commandeer network-attached storage devices manufactured by D-Link, researchers said Monday. Roughly 92,000 devices are vulnerable to the remote takeover ...
1 year ago Packetstormsecurity.com CVE-2024-3272 CVE-2024-3273

CVE-2014-3273 - The LLDP implementation in Cisco IOS allows remote attackers to cause a denial of service (device reload) via a malformed packet, aka Bug ID CSCum96282. ...
8 years ago

CVE-2008-3273 - JBoss Enterprise Application Platform (aka JBossEAP or EAP) before 4.2.0.CP03, and 4.3.0 before 4.3.0.CP01, allows remote attackers to obtain sensitive information about "deployed web contexts" via a request to the status servlet, as ...
7 years ago

CVE-2010-3273 - ZOHO ManageEngine ADSelfService Plus before 4.5 Build 4500 allows remote attackers to reset user passwords, and consequently obtain access to arbitrary user accounts, by providing a user id to accounts/ValidateUser, and then providing a new password ...
6 years ago

CVE-2016-3273 - The XSS Filter in Microsoft Internet Explorer 9 through 11 and Microsoft Edge does not properly restrict JavaScript code, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information ...
6 years ago

CVE-2006-3273 - Cross-site scripting (XSS) vulnerability in menu.php in Some Chess 1.5 rc1 allows remote attackers to inject arbitrary web script or HTML via the user parameter ("New Name" field). ...
6 years ago

CVE-2005-3273 - The rose_rt_ioctl function in rose_route.c for Radionet Open Source Environment (ROSE) in Linux 2.6 kernels before 2.6.12, and 2.4 before 2.4.29, does not properly verify the ndigis argument for a new route, which allows attackers to trigger array ...
6 years ago

CVE-2017-3273 - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network ...
6 years ago

CVE-2009-3273 - iPhone Mail in Apple iPhone OS, and iPhone OS for iPod touch, does not validate X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL e-mail servers via a crafted certificate. ...
5 years ago

CVE-2013-3273 - EMC RSA Authentication Manager 8.0 before P2 and 7.1 before SP4 P26, as used in Appliance 3.0, does not omit the cleartext administrative password from trace logging in custom SDK applications, which allows local users to obtain sensitive information ...
5 years ago

CVE-2011-3273 - Memory leak in Cisco IOS 15.0 through 15.1, when IPS or Zone-Based Firewall (aka ZBFW) is configured, allows remote attackers to cause a denial of service (memory consumption or device crash) via vectors that trigger many session creation flows, aka ...
13 years ago

CVE-2012-3273 - Multiple unspecified vulnerabilities on the HP LaserJet Pro 400 MFP M425 with firmware 20120625 and LaserJet 400 M401 with firmware 20120621 allow remote attackers to obtain sensitive information via unknown vectors. ...
12 years ago

CVE-2018-3273 - Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Remote Administration Daemon (RAD)). The supported version that is affected is 11.3. Easily exploitable vulnerability allows unauthenticated attacker with ...
5 years ago

CVE-2020-3273 - A vulnerability in the 802.11 Generic Advertisement Service (GAS) frame processing function of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial ...
5 years ago

CVE-2015-3273 - mod/forum/post.php in Moodle 2.9.x before 2.9.1 does not consider the mod/forum:canposttomygroups capability before authorizing "Post a copy to all groups" actions, which allows remote authenticated users to bypass intended access ...
4 years ago

CVE-2021-3273 - Nagios XI below 5.7 is affected by code injection in the /nagiosxi/admin/graphtemplates.php component. To exploit this vulnerability, someone must have an admin user account in Nagios XI's web system. ...
4 years ago

CVE-2022-3273 - Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0a4. ...
2 years ago

CVE-2023-3273 - ...
1 year ago

CVE-2024-3273 - ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. Affected is an unknown function of the file /cgi-bin/nas_sharing.cgi of the component HTTP ...
1 year ago Tenable.com

Over 90,000 D-Link NAS Devices Are Under Attack - Network attached storage vendor D-Link has urged users of end-of-life products to retire and replace them, after news emerged of mass exploitation of legacy kit via a newly discovered vulnerability. Now described as CVE-2024-3273, the high-severity ...
1 year ago Infosecurity-magazine.com CVE-2024-3273