Total
9170 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-5541 | 1 Opera | 1 Opera Browser | 2017-07-28 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Opera before 9.24, when using an "external" newsgroup or e-mail client, allows remote attackers to execute arbitrary commands via unknown vectors. | |||||
| CVE-2007-5657 | 1 Tibco | 4 Ems Server, Enterprise Message Service, Rtworks and 1 more | 2017-07-28 | 10.0 HIGH | N/A |
| TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointer offsets. | |||||
| CVE-2007-5658 | 1 Tibco | 3 Enterprise Message Service, Rtworks, Smartsockets Rtserver | 2017-07-28 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing size and copy-length values that trigger the overflow. | |||||
| CVE-2007-5711 | 1 Massive Entertainment | 1 World In Conflict | 2017-07-28 | 5.0 MEDIUM | N/A |
| Massive Entertainment World in Conflict 1.001 and earlier allows remote attackers to cause a denial of service (failed assertion and daemon crash) via a large packet to TCP or UDP port 48000. | |||||
| CVE-2007-5762 | 1 Novell | 1 Netware Client | 2017-07-28 | 7.2 HIGH | N/A |
| NICM.SYS driver 3.0.0.4, as used in Novell NetWare Client 4.91 SP4, allows local users to execute arbitrary code by opening the \\.\nicm device and providing crafted kernel addresses via IOCTLs with the METHOD_NEITHER buffering mode. | |||||
| CVE-2007-5893 | 1 Alhem | 1 C\+\+ Sockets Library | 2017-07-28 | 5.0 MEDIUM | N/A |
| HTTPSocket.cpp in the C++ Sockets Library before 2.2.5 allows remote attackers to cause a denial of service (crash) via an HTTP request with a missing protocol version number, which triggers an exception. NOTE: some of these details were obtained from third party information. | |||||
| CVE-2007-5926 | 1 Openbase International Ltd | 1 Openbase | 2017-07-28 | 9.0 HIGH | N/A |
| OpenBase 10.0.5 and earlier allows remote authenticated users to execute arbitrary commands via shell metacharacters in arguments to the (1) AsciiBackup, (2) OEMLicenseInstall, and possibly other stored procedures. | |||||
| CVE-2007-4221 | 1 Motorola | 1 Timbuktu | 2017-07-28 | 10.0 HIGH | N/A |
| Multiple buffer overflows in Motorola Timbuktu Pro before 8.6.5 for Windows allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via (1) a long user name and (2) certain malformed requests; and (3) allow remote Timbuktu servers to have an unknown impact via a malformed HELLO response, related to the Scanner component and possibly related to a malformed computer name. | |||||
| CVE-2007-4391 | 1 Yahoo | 1 Messenger | 2017-07-28 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in Kakadu kdu_v32m.dll in Yahoo! Messenger 8.1.0.413 allows remote attackers to cause a denial of service (application crash) via a certain length field in JPEG2000 data, as demonstrated by sending an "invite to view my webcam" request, and then injecting a DLL into the attacker's peer Yahoo! Messenger application when this request is accepted. | |||||
| CVE-2007-4459 | 1 Cisco | 2 Voip Phone Cp-7940, Voip Phone Cp-7960 | 2017-07-28 | 7.1 HIGH | N/A |
| Cisco IP Phone 7940 and 7960 with P0S3-08-6-00 firmware, and other SIP firmware before 8.7(0), allows remote attackers to cause a denial of service (device reboot) via (1) a certain sequence of 10 invalid SIP INVITE and OPTIONS messages; or (2) a certain invalid SIP INVITE message that contains a remote tag, followed by a certain set of two related SIP OPTIONS messages. | |||||
| CVE-2007-3654 | 1 Netbsd | 1 Netbsd | 2017-07-28 | 2.1 LOW | N/A |
| The display driver allocattr functions in NetBSD 3.0 through 4.0_BETA2, and NetBSD-current before 20070728, allow local users to cause a denial of service (panic) via a (1) negative or (2) large value in an ioctl call, as demonstrated by the vga_allocattr function. | |||||
| CVE-2007-3912 | 1 Debian | 1 Debian-goodies | 2017-07-28 | 7.2 HIGH | N/A |
| checkrestart in debian-goodies before 0.34 allows local users to gain privileges via shell metacharacters in the name of the executable file for a running process. | |||||
| CVE-2007-3913 | 1 Gforge | 1 Gforge | 2017-07-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Gforge before 3.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2007-2408 | 1 Apple | 1 Safari | 2017-07-28 | 6.8 MEDIUM | N/A |
| WebKit in Apple Safari 3 Beta before Update 3.0.3 does not properly recognize an unchecked "Enable Java" setting, which allows remote attackers to execute Java applets via a crafted web page. | |||||
| CVE-2007-2322 | 1 Nero | 2 Mediahome, Mediahome Ce | 2017-07-28 | 7.8 HIGH | N/A |
| NMMediaServer.exe in Nero MediaHome 2.5.5.0 and CE 1.3.0.4 allows remote attackers to cause a denial of service (NULL dereference and application crash) via a crafted packet that contains two CRLF sequences. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2007-1803 | 1 Maildwarf | 1 Maildwarf | 2017-07-28 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in MailDwarf 3.01 and earlier allows remote attackers to send e-mail to addresses different from the configured addresses. | |||||
| CVE-2007-1666 | 1 Datarescue | 1 Ida Pro | 2017-07-28 | 10.0 HIGH | N/A |
| The processor_request function in the debugger server for DataRescue IDA Pro 5.0 and 5.1 does not verify that authentication has taken place before invoking the perform_request function, which allows remote attackers to perform unauthorized actions. | |||||
| CVE-2007-1097 | 1 Wiclear | 1 Wiclear | 2017-07-28 | 10.0 HIGH | N/A |
| Unrestricted file upload vulnerability in the onAttachFiles function in the upload tool (inc/lib/attachment.lib.php) in Wiclear before 0.11.1 allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors related to filename validation. NOTE: some details were obtained from third party information. | |||||
| CVE-2003-1365 | 1 Perl | 1 Cgi Lite | 2017-07-28 | 5.0 MEDIUM | N/A |
| The escape_dangerous_chars function in CGI::Lite 2.0 and earlier does not correctly remove special characters including (1) "\" (backslash), (2) "?", (3) "~" (tilde), (4) "^" (carat), (5) newline, or (6) carriage return, which could allow remote attackers to read or write arbitrary files, or execute arbitrary commands, in shell scripts that rely on CGI::Lite to filter such dangerous inputs. | |||||
| CVE-2002-2237 | 1 Tftp | 1 Tftp Server | 2017-07-28 | 5.0 MEDIUM | N/A |
| tftp32 TFTP server 2.21 and earlier allows remote attackers to cause a denial of service via a GET request with a DOS device name such as com1 or aux. | |||||