Total
2546 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2007-2415 | 1 Pi3web | 1 Pi3web Web Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Pi3Web Web Server 2.0.3 PL1 allows remote attackers to cause a denial of service (application exit) via a long URI. NOTE: this issue was originally reported as a crash, but the vendor states that the impact is a "clean" exit in which "the server I/O loop finishes and the process exits normally." | |||||
CVE-2006-6601 | 2 Microsoft, Windows | 2 Windows Xp, Media Player | 2024-02-28 | 4.3 MEDIUM | N/A |
Windows Media Player 10.00.00.4036 in Microsoft Windows XP SP2 allows user-assisted remote attackers to cause a denial of service via a .MID (MIDI) file with a malformed header chunk without any track chunks, possibly involving (1) number of tracks of (2) time division fields that are set to 0. | |||||
CVE-2007-6439 | 1 Wireshark | 1 Wireshark | 2024-02-28 | 6.1 MEDIUM | N/A |
Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (infinite or large loop) via the (1) IPv6 or (2) USB dissector, which can trigger resource consumption or a crash. NOTE: this identifier originally included Firebird/Interbase, but it is already covered by CVE-2007-6116. The DCP ETSI issue is already covered by CVE-2007-6119. | |||||
CVE-2006-5568 | 1 Datawizard | 1 Ftpxq | 2024-02-28 | 5.0 MEDIUM | N/A |
FtpXQ Server 3.0.1 allows remote attackers to cause a denial of service (CPU exhaustion) via a long MKD command. | |||||
CVE-2007-4770 | 1 Icu-project | 1 International Components For Unicode | 2024-02-28 | 6.8 MEDIUM | N/A |
libicu in International Components for Unicode (ICU) 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero (aka \0), which might allow context-dependent attackers to read from, or write to, out-of-bounds memory locations, related to corruption of REStackFrames. | |||||
CVE-2006-6681 | 1 Chetcpasswd | 1 Chetcpasswd | 2024-02-28 | 7.5 HIGH | N/A |
Pedro Lineu Orso chetcpasswd 2.3.3 does not have a rate limit for client requests, which might allow remote attackers to determine passwords via a dictionary attack. | |||||
CVE-2007-0710 | 1 Apple | 2 Ichat, Mac Os X | 2024-02-28 | 2.1 LOW | N/A |
The Bonjour functionality in iChat in Apple Mac OS X 10.3.9 allows remote attackers to cause a denial of service (persistent application crash) via unspecified vectors, possibly related to CVE-2007-0614. | |||||
CVE-2007-3903 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-02-28 | 6.8 MEDIUM | N/A |
Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code via uninitialized or deleted objects used in repeated calls to the (1) cloneNode or (2) nodeValue JavaScript function, a different issue than CVE-2007-3902 and CVE-2007-5344, a variant of "Uninitialized Memory Corruption Vulnerability." | |||||
CVE-2008-0153 | 1 Pragma Systems | 1 Pragma Telnetserver | 2024-02-28 | 5.0 MEDIUM | N/A |
telnetd.exe in Pragma TelnetServer 7.0.4.589 allows remote attackers to cause a denial of service (process crash and resource exhaustion) via a crafted TELOPT PRAGMA LOGON telnet option, which triggers a NULL pointer dereference. | |||||
CVE-2006-6723 | 1 Microsoft | 2 Windows 2000, Windows Xp | 2024-02-28 | 7.8 HIGH | N/A |
The Workstation service in Microsoft Windows 2000 SP4 and XP SP2 allows remote attackers to cause a denial of service (memory consumption) via a large maxlen value in an NetrWkstaUserEnum RPC request. | |||||
CVE-2007-4577 | 1 Sophos | 3 Anti-virus, Scanning Engine, Small Business Suite | 2024-02-28 | 7.8 HIGH | N/A |
Sophos Anti-Virus for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (infinite loop) via a malformed BZip file that results in the creation of multiple Engine temporary files (aka a "BZip bomb"). | |||||
CVE-2007-5656 | 1 Tibco | 3 Enterprise Message Service, Rtworks, Smartsockets Rtserver | 2024-02-28 | 10.0 HIGH | N/A |
TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted requests that control loop operations related to memory. | |||||
CVE-2008-0324 | 1 Cisco | 1 Vpn Client | 2024-02-28 | 4.9 MEDIUM | N/A |
Cisco Systems VPN Client IPSec Driver (CVPNDRVA.sys) 5.0.02.0090 allows local users to cause a denial of service (crash) by calling the 0x80002038 IOCTL with a small size value, which triggers memory corruption. | |||||
CVE-2008-0974 | 2 Double-take Software, Hp | 2 Double-take, Storageworks Double-take | 2024-02-28 | 5.0 MEDIUM | N/A |
Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWorks Storage Mirroring name and other names, allows remote attackers to cause a denial of service (daemon termination) via (1) a large vector<T> value, which raises a "vector<T> too long" exception; or (2) a certain packet that raises an ospace/time/src\date.cpp exception. | |||||
CVE-2007-5846 | 1 Net-snmp | 1 Net-snmp | 2024-02-28 | 7.8 HIGH | N/A |
The SNMP agent (snmp_agent.c) in net-snmp before 5.4.1 allows remote attackers to cause a denial of service (CPU and memory consumption) via a GETBULK request with a large max-repeaters value. | |||||
CVE-2008-0596 | 2 Easy Software Products, Redhat | 3 Cups, Desktop, Enterprise Linux | 2024-02-28 | 5.0 MEDIUM | N/A |
Memory leak in CUPS before 1.1.22, and possibly other versions, allows remote attackers to cause a denial of service (memory consumption and daemon crash) via a large number of requests to add and remove shared printers. | |||||
CVE-2007-5707 | 1 Openldap | 1 Openldap | 2024-02-28 | 7.1 HIGH | N/A |
OpenLDAP before 2.3.39 allows remote attackers to cause a denial of service (slapd crash) via an LDAP request with a malformed objectClasses attribute. NOTE: this has been reported as a double free, but the reports are inconsistent. | |||||
CVE-2007-6356 | 1 Aertherwide | 1 Exiftags | 2024-02-28 | 5.0 MEDIUM | N/A |
exiftags before 1.01 allows attackers to cause a denial of service (infinite loop) via recursive IFD references in the EXIF data in a JPEG image. | |||||
CVE-2006-5467 | 1 Yukihiro Matsumoto | 1 Ruby | 2024-02-28 | 5.0 MEDIUM | N/A |
The cgi.rb CGI library for Ruby 1.8 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an HTTP request with a multipart MIME body that contains an invalid boundary specifier, as demonstrated using a specifier that begins with a "-" instead of "--" and contains an inconsistent ID. | |||||
CVE-2007-5901 | 2 Apple, Mit | 3 Mac Os X, Mac Os X Server, Kerberos 5 | 2024-02-28 | 6.9 MEDIUM | N/A |
Use-after-free vulnerability in the gss_indicate_mechs function in lib/gssapi/mechglue/g_initialize.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors. NOTE: this might be the result of a typo in the source code. |