CVE-2007-4486

CVE-2021-47106 - In the Linux kernel, the following vulnerability has been resolved: ...
8 months ago

CVE-2015-2503 - Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 ...
6 years ago

CVE-2007-4486 - Multiple PHP remote file inclusion vulnerabilities in index.php in Linkliste 1.2 allow remote attackers to execute arbitrary PHP code via a URL in the (1) styl[top], (2) url_eintrag, or (3) styl[themen] parameter. ...
6 years ago

CVE-2005-4486 - ** DISPUTED ** SQL injection vulnerability in Quantum Art QP7.Enterprise (formerly Q-Publishing) allows remote attackers to execute arbitrary SQL commands via the p_news_id parameter to (1) news_and_events_new.asp and (2) news.asp. NOTE: on ...
16 years ago

CVE-2012-4486 - Cross-site request forgery (CSRF) vulnerability in the Subuser module before 6.x-1.8 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that switch the user to a subuser via unspecified vectors. ...
12 years ago

CVE-2009-4486 - Stack-based buffer overflow in the eDirectory plugin in Novell iManager before 2.7.3 allows remote attackers to execute arbitrary code via vectors that trigger long arguments to an unspecified sub-application, related to importing and exporting from ...
7 years ago

CVE-2010-4486 - Use-after-free vulnerability in Google Chrome before 8.0.552.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to history handling. ...
7 years ago

CVE-2008-4486 - Directory traversal vulnerability in index.php in SAC.php (SACphp), as used in Yerba 6.3 and earlier, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the mod parameter. ...
7 years ago

CVE-2011-4486 - Cisco Unified Communications Manager (CUCM) with software 6.x and 7.x before 7.1(5b)su5, 8.0 before 8.0(3a)su3, and 8.5 and 8.6 before 8.6(2a)su1 and Cisco Business Edition 3000 with software before 8.6.3 and 5000 and 6000 with software before ...
12 years ago

CVE-2006-4486 - Integer overflow in memory allocation routines in PHP before 5.1.6, when running on a 64-bit system, allows context-dependent attackers to bypass the memory_limit restriction. ...
6 years ago

CVE-2015-4486 - The decrease_ref_count function in libvpx in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via malformed WebM video data. ...
6 years ago

CVE-2014-4486 - IOAcceleratorFamily in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not properly handle resource lists and IOService userclient types, which allows attackers to execute arbitrary code or cause a denial of service ...
5 years ago

CVE-2019-4486 - IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a ...
5 years ago

CVE-2013-4486 - Zanata 3.0.0 through 3.1.2 has RCE due to EL interpolation in logging ...
4 years ago

CVE-2020-4486 - IBM QRadar 7.2.0 thorugh 7.2.9 could allow an authenticated user to overwrite or delete arbitrary files due to a flaw after WinCollect installation. IBM X-Force ID: 181861. ...
4 years ago

CVE-2022-4486 - The Meteor Slides WordPress plugin before 1.5.7 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting ...
1 year ago

CVE-2016-4486 - The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message. ...
1 year ago

CVE-2018-4486 - ** REJECT ** This candidate is unused by its CNA. ...
1 year ago

CVE-2023-4486 - Under certain circumstances, invalid authentication credentials could be sent to the login endpoint of Johnson Controls Metasys NAE55, SNE, and SNC engines prior to version 12.0.4 and Facility Explorer F4-SNC engines prior to versions 11.0.6 and ...
11 months ago Tenable.com

CVE-2017-4486 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none ...
54 years ago Tenable.com

CVE-2024-4486 - The Awesome Contact Form7 for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'AEP Contact Form 7' widget in all versions up to, and including, 2.9 due to insufficient input sanitization and output escaping ...
5 months ago

Johnson Controls Metasys and Facility Explorer - RISK EVALUATION. Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service by sending invalid credentials. Under certain circumstances, invalid authentication credentials could be sent to the login endpoint of ...
11 months ago Cisa.gov

CVE-2013-6078 - The default configuration of EMC RSA BSAFE Toolkits and RSA Data Protection Manager (DPM) 20130918 uses the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm, which makes it easier for context-dependent attackers to ...
10 years ago

CVE-2016-0012 - Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP1, Visio 2013 SP1, ...
6 years ago

CVE-2011-1892 - Microsoft Office Groove 2007 SP2, SharePoint Workspace 2010 Gold and SP1, Office Forms Server 2007 SP2, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold and SP1, Office Groove Data Bridge Server 2007 SP2, Office Groove Management ...
6 years ago