Total
2548 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2007-6044 | 1 Ibm | 1 Websphere Mq | 2024-11-21 | 10.0 HIGH | N/A |
Multiple unspecified vulnerabilities in IBM WebSphere MQ 6.0 have unknown impact and remote attack vectors involving "memory corruption." NOTE: as of 20071116, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | |||||
CVE-2007-6040 | 1 Belkin | 1 F5d7230-4 | 2024-11-21 | 5.0 MEDIUM | N/A |
The Belkin F5D7230-4 Wireless G Router allows remote attackers to cause a denial of service (degraded networking and logging) via a flood of TCP SYN packets, a related issue to CVE-1999-0116. | |||||
CVE-2007-6005 | 1 Webex Communications | 1 Webex Gpccontainer Activex Control | 2024-11-21 | 4.3 MEDIUM | N/A |
Unspecified vulnerability in the GpcContainer.GpcContainer.1 ActiveX control in WebEx allows remote attackers to cause a denial of service (memory access violation and crash) via (1) an invalid argument to the InitParam method or (2) an unspecified vector involving the SetParam method. | |||||
CVE-2007-6000 | 1 Kde | 1 Konqueror | 2024-11-21 | 5.0 MEDIUM | N/A |
KDE Konqueror 3.5.6 and earlier allows remote attackers to cause a denial of service (crash) via large HTTP cookie parameters. | |||||
CVE-2007-5971 | 2 Apple, Mit | 3 Mac Os X, Mac Os X Server, Kerberos 5 | 2024-11-21 | 6.9 MEDIUM | N/A |
Double free vulnerability in the gss_krb5int_make_seal_token_v3 function in lib/gssapi/krb5/k5sealv3.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors. | |||||
CVE-2007-5962 | 3 Foresight Linux, Redhat, Rpath | 4 Appliances, Enterprise Linux, Fedora and 1 more | 2024-11-21 | 7.1 HIGH | N/A |
Memory leak in a certain Red Hat patch, applied to vsftpd 2.0.5 on Red Hat Enterprise Linux (RHEL) 5 and Fedora 6 through 8, and on Foresight Linux and rPath appliances, allows remote attackers to cause a denial of service (memory consumption) via a large number of CWD commands, as demonstrated by an attack on a daemon with the deny_file configuration option. | |||||
CVE-2007-5901 | 2 Apple, Mit | 3 Mac Os X, Mac Os X Server, Kerberos 5 | 2024-11-21 | 6.9 MEDIUM | N/A |
Use-after-free vulnerability in the gss_indicate_mechs function in lib/gssapi/mechglue/g_initialize.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors. NOTE: this might be the result of a typo in the source code. | |||||
CVE-2007-5896 | 1 Mozilla | 1 Firefox | 2024-11-21 | 7.1 HIGH | N/A |
Mozilla Firefox 2.0.0.9 allows remote attackers to cause a denial of service (CPU consumption and crash) via an iframe with Javascript that sets the document.location to contain a leading NULL byte (\x00) and a (1) res://, (2) about:config, or (3) file:/// URI. | |||||
CVE-2007-5861 | 1 Apple | 1 Mac Os X | 2024-11-21 | 6.8 MEDIUM | N/A |
Unspecified vulnerability in Spotlight in Apple Mac OS X 10.4.11 allows user-assisted attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted .XLS file that triggers memory corruption in the Microsoft Office Spotlight Importer. | |||||
CVE-2007-5859 | 1 Apple | 2 Mac Os X, Safari | 2024-11-21 | 9.3 HIGH | N/A |
Unspecified vulnerability in Safari RSS in Apple Mac OS X 10.4.11 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted feed: URL that triggers memory corruption. | |||||
CVE-2007-5846 | 1 Net-snmp | 1 Net-snmp | 2024-11-21 | 7.8 HIGH | N/A |
The SNMP agent (snmp_agent.c) in net-snmp before 5.4.1 allows remote attackers to cause a denial of service (CPU and memory consumption) via a GETBULK request with a large max-repeaters value. | |||||
CVE-2007-5712 | 1 Django Project | 1 Django | 2024-11-21 | 2.6 LOW | N/A |
The internationalization (i18n) framework in Django 0.91, 0.95, 0.95.1, and 0.96, and as used in other products such as PyLucid, when the USE_I18N option and the i18n component are enabled, allows remote attackers to cause a denial of service (memory consumption) via many HTTP requests with large Accept-Language headers. | |||||
CVE-2007-5708 | 1 Openldap | 1 Openldap | 2024-11-21 | 7.1 HIGH | N/A |
slapo-pcache (overlays/pcache.c) in slapd in OpenLDAP before 2.3.39, when running as a proxy-caching server, allocates memory using a malloc variant instead of calloc, which prevents an array from being initialized properly and might allow attackers to cause a denial of service (segmentation fault) via unknown vectors that prevent the array from being null terminated. | |||||
CVE-2007-5707 | 1 Openldap | 1 Openldap | 2024-11-21 | 7.1 HIGH | N/A |
OpenLDAP before 2.3.39 allows remote attackers to cause a denial of service (slapd crash) via an LDAP request with a malformed objectClasses attribute. NOTE: this has been reported as a double free, but the reports are inconsistent. | |||||
CVE-2007-5656 | 1 Tibco | 3 Enterprise Message Service, Rtworks, Smartsockets Rtserver | 2024-11-21 | 10.0 HIGH | N/A |
TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted requests that control loop operations related to memory. | |||||
CVE-2007-5622 | 1 3proxy | 1 3proxy | 2024-11-21 | 5.0 MEDIUM | N/A |
Double free vulnerability in the ftpprchild function in ftppr in 3proxy 0.5 through 0.5.3i allows remote attackers to cause a denial of service (daemon crash) via multiple OPEN commands to the FTP proxy. | |||||
CVE-2007-5612 | 1 Ibm | 1 Director | 2024-11-21 | 7.8 HIGH | N/A |
CIM Server in IBM Director 5.20.1 and earlier allows remote attackers to cause a denial of service (CPU consumption, connection slot exhaustion, and daemon crash) via a large number of idle connections. | |||||
CVE-2007-5585 | 1 Xscreensaver | 1 Xscreensaver | 2024-11-21 | 5.0 MEDIUM | N/A |
xscreensaver 5.03 and earlier, when running without xscreensaver-gl-extras (GL extras) installed, crashes when /usr/bin/xscreensaver-gl-helper does not exist and a user attempts to unlock the screen, which allows attackers with physical access to gain access to the locked session. | |||||
CVE-2007-5537 | 1 Cisco | 2 Unified Callmanager, Unified Communications Manager | 2024-11-21 | 7.8 HIGH | N/A |
Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(2), and Unified CallManager 5.0, allow remote attackers to cause a denial of service (kernel panic) via a flood of SIP INVITE messages to UDP port 5060, which triggers resource exhaustion, aka CSCsi75822. | |||||
CVE-2007-5506 | 1 Oracle | 1 Database Server | 2024-11-21 | 7.8 HIGH | N/A |
The Core RDBMS component in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote attackers to cause a denial of service (CPU consumption) via a crafted type 6 Data packet, aka DB20. |