Vulnerabilities (CVE)

Filtered by NVD-CWE-noinfo
Total 29523 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-1259 1 Web-app.org 1 Webapp 2024-11-21 7.5 HIGH N/A
Multiple unspecified vulnerabilities in WebAPP before 0.9.9.6 have unknown impact and attack vectors.
CVE-2007-1223 3 Hitachi, Ibm, Sun 4 Hi-ux\/we2, Osas\/ft\/w, Aix and 1 more 2024-11-21 5.0 MEDIUM N/A
Unspecified vulnerability in Hitachi OSAS/FT/W before 20070223 allows attackers to cause a denial of service (responder control processing halt) by sending "data unexpectedly through the port".
CVE-2007-1134 1 Watchtower 1 Watchtower 2024-11-21 10.0 HIGH N/A
Unspecified vulnerability in Watchtower (WT) before 0.12 has unknown impact and attack vectors, related to "unauthorized accounts."
CVE-2007-1032 1 Phpmyfaq 1 Phpmyfaq 2024-11-21 6.8 MEDIUM N/A
Unspecified vulnerability in phpMyFAQ 1.6.9 and earlier, when register_globals is enabled, allows remote attackers to "gain the privilege for uploading files on the server."
CVE-2007-0998 2 Redhat, Xen 3 Enterprise Linux, Fedora Core, Qemu 2024-11-21 4.3 MEDIUM N/A
The VNC server implementation in QEMU, as used by Xen and possibly other environments, allows local users of a guest operating system to read arbitrary files on the host operating system via unspecified vectors related to QEMU monitor mode, as demonstrated by mapping files to a CDROM device. NOTE: some of these details are obtained from third party information.
CVE-2007-0980 3 Hp, Redhat, Suse 4 Serviceguard For Linux, Enterprise Linux, Suse Linux and 1 more 2024-11-21 10.0 HIGH N/A
Unspecified vulnerability in HP Serviceguard for Linux; packaged for SuSE SLES8 and United Linux 1.0 before SG A.11.15.07, SuSE SLES9 and SLES10 before SG A.11.16.10, and Red Hat Enterprise Linux (RHEL) before SG A.11.16.10; allows remote attackers to obtain unauthorized access via unspecified vectors.
CVE-2007-0943 1 Microsoft 2 Ie, Internet Explorer 2024-11-21 6.8 MEDIUM N/A
Unspecified vulnerability in Internet Explorer 5.01 and 6 SP1 allows remote attackers to execute arbitrary code via crafted Cascading Style Sheets (CSS) strings that trigger memory corruption during parsing, related to use of out-of-bounds pointers.
CVE-2007-0918 1 Cisco 1 Ios 2024-11-21 7.1 HIGH N/A
The ATOMIC.TCP signature engine in the Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XA, 12.3YA, 12.3T, and other trains allows remote attackers to cause a denial of service (IPS crash and traffic loss) via unspecified manipulations that are not properly handled by the regular expression feature, as demonstrated using the 3123.0 (Netbus Pro Traffic) signature.
CVE-2007-0916 1 Hp 1 Hp-ux 2024-11-21 4.9 MEDIUM N/A
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport functionality in HP-UX B.11.11 and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors.
CVE-2007-0910 2 Php, Trustix 2 Php, Secure Linux 2024-11-21 10.0 HIGH N/A
Unspecified vulnerability in PHP before 5.2.1 allows attackers to "clobber" certain super-global variables via unspecified vectors.
CVE-2007-0775 1 Mozilla 3 Firefox, Seamonkey, Thunderbird 2024-11-21 3.7 LOW N/A
Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allow remote attackers to cause a denial of service (crash) and potentially execute arbitrary code via certain vectors.
CVE-2007-0771 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2024-11-21 4.9 MEDIUM N/A
The utrace support in Linux kernel 2.6.18, and other versions, allows local users to cause a denial of service (system hang) related to "MT exec + utrace_attach spin failure mode," as demonstrated by ptrace-thrash.c.
CVE-2007-0720 2 Apple, Cups 2 Mac Os X, Cups 2024-11-21 5.0 MEDIUM N/A
The CUPS service on multiple platforms allows remote attackers to cause a denial of service (service hang) via a "partially-negotiated" SSL connection, which prevents other requests from being accepted.
CVE-2007-0671 1 Microsoft 14 Access, Excel, Excel Viewer and 11 more 2024-11-21 9.3 HIGH N/A
Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks.
CVE-2007-0634 1 Sun 1 Solaris 2024-11-21 7.8 HIGH N/A
Unspecified vulnerability in Sun Solaris 10 before 20070130 allows remote attackers to cause a denial of service (system crash) via certain ICMP packets.
CVE-2007-0626 1 Drupal 1 Drupal 2024-11-21 6.5 MEDIUM N/A
The comment_form_add_preview function in comment.module in Drupal before 4.7.6, and 5.x before 5.1, and vbDrupal, allows remote attackers with "post comments" privileges and access to multiple input filters to execute arbitrary code by previewing comments, which are not processed by "normal form validation routines."
CVE-2007-0516 1 Yana Framework 1 Yana Framework 2024-11-21 4.9 MEDIUM N/A
Yana Framework before 2.8.5a allows remote authenticated users with permissions to modify a guestbook profile to modify or delete arbitrary guestbook profiles via unspecified vectors. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-0515 1 Microsoft 4 Office, Word, Word Viewer and 1 more 2024-11-21 9.3 HIGH N/A
Unspecified vulnerability in Microsoft Word allows user-assisted remote attackers to execute arbitrary code on Word 2000, and cause a denial of service on Word 2003, via unknown attack vectors that trigger memory corruption, as exploited by Trojan.Mdropper.W and later by Trojan.Mdropper.X, a different issue than CVE-2006-6456, CVE-2006-5994, and CVE-2006-6561.
CVE-2007-0459 1 Wireshark 1 Wireshark 2024-11-21 5.0 MEDIUM N/A
packet-tcp.c in the TCP dissector in Wireshark (formerly Ethereal) 0.99.2 through 0.99.4 allows remote attackers to cause a denial of service (application crash or hang) via fragmented HTTP packets.
CVE-2007-0458 1 Wireshark 1 Wireshark 2024-11-21 4.3 MEDIUM N/A
Unspecified vulnerability in the HTTP dissector in Wireshark (formerly Ethereal) 0.99.3 and 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors, a different issue than CVE-2006-5468.