Total
29523 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2007-1259 | 1 Web-app.org | 1 Webapp | 2024-11-21 | 7.5 HIGH | N/A |
Multiple unspecified vulnerabilities in WebAPP before 0.9.9.6 have unknown impact and attack vectors. | |||||
CVE-2007-1223 | 3 Hitachi, Ibm, Sun | 4 Hi-ux\/we2, Osas\/ft\/w, Aix and 1 more | 2024-11-21 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in Hitachi OSAS/FT/W before 20070223 allows attackers to cause a denial of service (responder control processing halt) by sending "data unexpectedly through the port". | |||||
CVE-2007-1134 | 1 Watchtower | 1 Watchtower | 2024-11-21 | 10.0 HIGH | N/A |
Unspecified vulnerability in Watchtower (WT) before 0.12 has unknown impact and attack vectors, related to "unauthorized accounts." | |||||
CVE-2007-1032 | 1 Phpmyfaq | 1 Phpmyfaq | 2024-11-21 | 6.8 MEDIUM | N/A |
Unspecified vulnerability in phpMyFAQ 1.6.9 and earlier, when register_globals is enabled, allows remote attackers to "gain the privilege for uploading files on the server." | |||||
CVE-2007-0998 | 2 Redhat, Xen | 3 Enterprise Linux, Fedora Core, Qemu | 2024-11-21 | 4.3 MEDIUM | N/A |
The VNC server implementation in QEMU, as used by Xen and possibly other environments, allows local users of a guest operating system to read arbitrary files on the host operating system via unspecified vectors related to QEMU monitor mode, as demonstrated by mapping files to a CDROM device. NOTE: some of these details are obtained from third party information. | |||||
CVE-2007-0980 | 3 Hp, Redhat, Suse | 4 Serviceguard For Linux, Enterprise Linux, Suse Linux and 1 more | 2024-11-21 | 10.0 HIGH | N/A |
Unspecified vulnerability in HP Serviceguard for Linux; packaged for SuSE SLES8 and United Linux 1.0 before SG A.11.15.07, SuSE SLES9 and SLES10 before SG A.11.16.10, and Red Hat Enterprise Linux (RHEL) before SG A.11.16.10; allows remote attackers to obtain unauthorized access via unspecified vectors. | |||||
CVE-2007-0943 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-11-21 | 6.8 MEDIUM | N/A |
Unspecified vulnerability in Internet Explorer 5.01 and 6 SP1 allows remote attackers to execute arbitrary code via crafted Cascading Style Sheets (CSS) strings that trigger memory corruption during parsing, related to use of out-of-bounds pointers. | |||||
CVE-2007-0918 | 1 Cisco | 1 Ios | 2024-11-21 | 7.1 HIGH | N/A |
The ATOMIC.TCP signature engine in the Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XA, 12.3YA, 12.3T, and other trains allows remote attackers to cause a denial of service (IPS crash and traffic loss) via unspecified manipulations that are not properly handled by the regular expression feature, as demonstrated using the 3123.0 (Netbus Pro Traffic) signature. | |||||
CVE-2007-0916 | 1 Hp | 1 Hp-ux | 2024-11-21 | 4.9 MEDIUM | N/A |
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11 and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors. | |||||
CVE-2007-0910 | 2 Php, Trustix | 2 Php, Secure Linux | 2024-11-21 | 10.0 HIGH | N/A |
Unspecified vulnerability in PHP before 5.2.1 allows attackers to "clobber" certain super-global variables via unspecified vectors. | |||||
CVE-2007-0775 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2024-11-21 | 3.7 LOW | N/A |
Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allow remote attackers to cause a denial of service (crash) and potentially execute arbitrary code via certain vectors. | |||||
CVE-2007-0771 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-21 | 4.9 MEDIUM | N/A |
The utrace support in Linux kernel 2.6.18, and other versions, allows local users to cause a denial of service (system hang) related to "MT exec + utrace_attach spin failure mode," as demonstrated by ptrace-thrash.c. | |||||
CVE-2007-0720 | 2 Apple, Cups | 2 Mac Os X, Cups | 2024-11-21 | 5.0 MEDIUM | N/A |
The CUPS service on multiple platforms allows remote attackers to cause a denial of service (service hang) via a "partially-negotiated" SSL connection, which prevents other requests from being accepted. | |||||
CVE-2007-0671 | 1 Microsoft | 14 Access, Excel, Excel Viewer and 11 more | 2024-11-21 | 9.3 HIGH | N/A |
Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks. | |||||
CVE-2007-0634 | 1 Sun | 1 Solaris | 2024-11-21 | 7.8 HIGH | N/A |
Unspecified vulnerability in Sun Solaris 10 before 20070130 allows remote attackers to cause a denial of service (system crash) via certain ICMP packets. | |||||
CVE-2007-0626 | 1 Drupal | 1 Drupal | 2024-11-21 | 6.5 MEDIUM | N/A |
The comment_form_add_preview function in comment.module in Drupal before 4.7.6, and 5.x before 5.1, and vbDrupal, allows remote attackers with "post comments" privileges and access to multiple input filters to execute arbitrary code by previewing comments, which are not processed by "normal form validation routines." | |||||
CVE-2007-0516 | 1 Yana Framework | 1 Yana Framework | 2024-11-21 | 4.9 MEDIUM | N/A |
Yana Framework before 2.8.5a allows remote authenticated users with permissions to modify a guestbook profile to modify or delete arbitrary guestbook profiles via unspecified vectors. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2007-0515 | 1 Microsoft | 4 Office, Word, Word Viewer and 1 more | 2024-11-21 | 9.3 HIGH | N/A |
Unspecified vulnerability in Microsoft Word allows user-assisted remote attackers to execute arbitrary code on Word 2000, and cause a denial of service on Word 2003, via unknown attack vectors that trigger memory corruption, as exploited by Trojan.Mdropper.W and later by Trojan.Mdropper.X, a different issue than CVE-2006-6456, CVE-2006-5994, and CVE-2006-6561. | |||||
CVE-2007-0459 | 1 Wireshark | 1 Wireshark | 2024-11-21 | 5.0 MEDIUM | N/A |
packet-tcp.c in the TCP dissector in Wireshark (formerly Ethereal) 0.99.2 through 0.99.4 allows remote attackers to cause a denial of service (application crash or hang) via fragmented HTTP packets. | |||||
CVE-2007-0458 | 1 Wireshark | 1 Wireshark | 2024-11-21 | 4.3 MEDIUM | N/A |
Unspecified vulnerability in the HTTP dissector in Wireshark (formerly Ethereal) 0.99.3 and 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors, a different issue than CVE-2006-5468. |