Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0016 | 6 Cisco, Gnu, Hp and 3 more | 8 Ios, Inet, Hp-ux and 5 more | 2008-09-09 | 5.0 MEDIUM | N/A |
| Land IP denial of service. | |||||
| CVE-1999-0066 | 1 John S. Roberts | 1 Anyform | 2008-09-09 | 7.5 HIGH | N/A |
| AnyForm CGI remote execution. | |||||
| CVE-1999-0134 | 1 Sun | 1 Sunos | 2008-09-09 | 7.2 HIGH | N/A |
| vold in Solaris 2.x allows local users to gain root access. | |||||
| CVE-1999-0067 | 2 Apache, Ncsa | 2 Http Server, Ncsa Httpd | 2008-09-09 | 10.0 HIGH | N/A |
| phf CGI program allows remote command execution through shell metacharacters. | |||||
| CVE-1999-0068 | 1 Php | 1 Php | 2008-09-09 | 7.5 HIGH | N/A |
| CGI PHP mylog script allows an attacker to read any file on the target server. | |||||
| CVE-1999-0141 | 1 Netscape | 1 Navigator | 2008-09-09 | 3.7 LOW | N/A |
| Java Bytecode Verifier allows malicious applets to execute arbitrary commands as the user of the applet. | |||||
| CVE-2008-0285 | 1 Ngircd | 1 Ngircd | 2008-09-05 | 5.0 MEDIUM | N/A |
| ngIRCd 0.10.x before 0.10.4 and 0.11.0 before 0.11.0-pre2 allows remote attackers to cause a denial of service (crash) via crafted IRC PART message, which triggers an invalid dereference. | |||||
| CVE-2007-6099 | 1 Ingate | 2 Ingate Firewall, Ingate Siparator | 2008-09-05 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 might leave "media pinholes" open upon a restart of the SIP module, which might make it easier for remote attackers to conduct unauthorized activities. | |||||
| CVE-2007-5551 | 1 Cisco | 1 Ios | 2008-09-05 | 7.1 HIGH | N/A |
| Off-by-one error in Cisco IOS allows remote attackers to execute arbitrary code via unspecified vectors that trigger a heap-based buffer overflow. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | |||||
| CVE-2007-5906 | 1 Xensource Inc | 1 Xen | 2008-09-05 | 4.7 MEDIUM | N/A |
| Xen 3.1.1 allows virtual guest system users to cause a denial of service (hypervisor crash) by using a debug register (DR7) to set certain breakpoints. | |||||
| CVE-2007-4500 | 1 Sshkeychain | 1 Sshkeychain | 2008-09-05 | 6.9 MEDIUM | N/A |
| Unspecified vulnerability in TunnelRunner in SSHKeychain before 0.8.2 beta, and possibly later versions, allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2007-4626 | 1 Polipo | 1 Polipo | 2008-09-05 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Polipo before 1.0.2 allows remote attackers to cause a denial of service (daemon crash) via certain network traffic associated with entities larger than 2 Gb. | |||||
| CVE-2007-4462 | 1 Po4a | 1 Po4a | 2008-09-05 | 3.3 LOW | N/A |
| lib/Locale/Po4a/Po.pm in po4a before 0.32 allows local users to overwrite arbitrary files via a symlink attack on the gettextization.failed.po temporary file. | |||||
| CVE-2007-4501 | 1 Sshkeychain | 1 Sshkeychain | 2008-09-05 | 6.9 MEDIUM | N/A |
| Unspecified vulnerability in PassphraseRequester in SSHKeychain before 0.8.2 beta allows attackers to obtain sensitive information (passwords) via unknown vectors, related to "poor protection." | |||||
| CVE-2007-4460 | 1 Id3lib | 1 Id3lib | 2008-09-05 | 7.2 HIGH | N/A |
| The RenderV2ToFile function in tag_file.cpp in id3lib (aka libid3) 3.8.3 allows local users to overwrite arbitrary files via a symlink attack on a temporary file whose name is constructed from the name of a file being tagged. | |||||
| CVE-2007-4535 | 1 Vavoom | 1 Vavoom | 2008-09-05 | 4.3 MEDIUM | N/A |
| The VStr::Resize function in str.cpp in Vavoom 1.24 and earlier allows remote attackers to cause a denial of service (daemon crash) via a string with a negative NewLen value within a certain UDP packet that triggers an assertion error. | |||||
| CVE-2007-4534 | 1 Vavoom | 1 Vavoom | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in the VThinker::BroadcastPrintf function in p_thinker.cpp in Vavoom 1.24 and earlier allows remote attackers to execute arbitrary code via (1) a long string in a chat message and possibly (2) a long name field. | |||||
| CVE-2007-4006 | 1 Mike Dubman | 1 Windows Rsh Daemon | 2008-09-05 | 6.8 MEDIUM | N/A |
| Buffer overflow in Mike Dubman Windows RSH daemon (rshd) 1.7 has unknown impact and remote attack vectors, aka ZD-00000034. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine. | |||||
| CVE-2007-4306 | 1 Phpmyadmin | 1 Phpmyadmin | 2008-09-05 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.10.3 allow remote attackers to inject arbitrary web script or HTML via the (1) unlim_num_rows, (2) sql_query, or (3) pos parameter to (a) tbl_export.php; the (4) session_max_rows or (5) pos parameter to (b) sql.php; the (6) username parameter to (c) server_privileges.php; or the (7) sql_query parameter to (d) main.php. NOTE: vector 5 might be a regression or incomplete fix for CVE-2006-6942.7. | |||||
| CVE-2007-4305 | 5 Netbsd, Openbsd, Sysjail and 2 more | 5 Netbsd, Openbsd, Sysjail and 2 more | 2008-09-05 | 6.2 MEDIUM | N/A |
| Multiple race conditions in the (1) Sudo monitor mode and (2) Sysjail policies in Systrace on NetBSD and OpenBSD allow local users to defeat system call interposition, and consequently bypass access control policy and auditing. | |||||