Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-6273 | 1 Sonicwall | 1 Global Vpn Client | 2011-03-07 | 9.3 HIGH | N/A |
| Multiple format string vulnerabilities in the configuration file in SonicWALL GLobal VPN Client 3.1.556 and 4.0.0.810 allow user-assisted remote attackers to execute arbitrary code via format string specifiers in the (1) Hostname tag or the (2) name attribute in the Connection tag. NOTE: there might not be any realistic circumstances in which this issue crosses privilege boundaries. | |||||
| CVE-2007-6293 | 1 Ibm | 1 Hardware Management Console | 2011-03-07 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in IBM Hardware Management Console (HMC) 6 R1.3 allow attackers to gain privileges via "some HMC commands." | |||||
| CVE-2007-6305 | 3 Ibm, Linux, Unix | 3 Hardware Management Console, Linux Kernel, Unix | 2011-03-07 | 4.6 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in IBM Hardware Management Console (HMC) 7 R3.2.0 allow attackers to gain privileges via "some HMC commands." | |||||
| CVE-2007-6313 | 1 Mysql | 1 Mysql Community Server | 2011-03-07 | 6.5 MEDIUM | N/A |
| MySQL Server 5.1.x before 5.1.23 and 6.0.x before 6.0.4 does not check the rights of the entity executing BINLOG, which allows remote authorized users to execute arbitrary BINLOG statements. | |||||
| CVE-2007-6337 | 2 Clam Anti-virus, Gentoo | 2 Clamav, Linux | 2011-03-07 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the bzip2 decompression algorithm in nsis/bzlib_private.h in ClamAV before 0.92 has unknown impact and remote attack vectors. | |||||
| CVE-2007-6343 | 1 Hp | 1 Openview Network Node Manager | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2007-6356 | 1 Aertherwide | 1 Exiftags | 2011-03-07 | 5.0 MEDIUM | N/A |
| exiftags before 1.01 allows attackers to cause a denial of service (infinite loop) via recursive IFD references in the EXIF data in a JPEG image. | |||||
| CVE-2007-6371 | 1 Nokia | 1 N95 | 2011-03-07 | 7.1 HIGH | N/A |
| Nokia N95 cell phone with RM-159 12.0.013 firmware allows remote attackers to cause a denial of service (device inoperability) via a SIP INVITE message accompanied by an immediately subsequent SIP CANCEL message, followed by a second SIP INVITE message in a different session. | |||||
| CVE-2007-6383 | 1 Chandler Project | 1 Chandler Server | 2011-03-07 | 5.5 MEDIUM | N/A |
| The DAV component in Chandler Server (Cosmo) before 0.10.1 does not check resource creation permissions, which allows remote authenticated users to create arbitrary resources in another user's home collection. | |||||
| CVE-2007-6433 | 1 Jboss | 1 Seam | 2011-03-07 | 7.5 HIGH | N/A |
| The getRenderedEjbql method in the org.jboss.seam.framework.Query class in JBoss Seam 2.x before 2.0.0.CR3 allows remote attackers to inject and execute arbitrary EJBQL commands via the order parameter. | |||||
| CVE-2007-6434 | 1 Linux | 1 Linux Kernel | 2011-03-07 | 2.1 LOW | N/A |
| Linux kernel 2.6.23 allows local users to create low pages in virtual userspace memory and bypass mmap_min_addr protection via a crafted executable file that calls the do_brk function. | |||||
| CVE-2007-6465 | 1 Ganglia | 1 Ganglia | 2011-03-07 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in ganglia-web in Ganglia before 3.0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) c and (2) h parameters to (a) web/host_gmetrics.php; the (3) G, (4) me, (5) x, (6) n, (7) v, (8) l, (9) vl, and (10) st parameters to (b) web/graph.php; and the (11) c, (12) G, (13) h, (14) r, (15) m, (16) s, (17) cr, (18) hc, (19) sh, (20) p, (21) t, (22) jr, (23) js, (24) gw, (25) z, and (26) gs parameters to (c) web/get_context.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2007-6468 | 1 Hammer Of Thyrion | 1 Hammer Of Thyrion | 2011-03-07 | 9.3 HIGH | N/A |
| Buffer overflow in the HuffDecode function in hw_utils/hwrcon/huffman.c and hexenworld/Client/huffman.c in Hammer of Thyrion 1.4.2 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted huffman encoded packet. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2007-5602 | 1 Swiftview | 1 Viewer | 2011-03-07 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in SwiftView Viewer before 8.3.5, as used by SwiftView and SwiftSend, allow remote attackers to execute arbitrary code via unspecified vectors to the (1) svocx.ocx ActiveX control or the (2) npsview.dll plugin for Mozilla and Firefox. | |||||
| CVE-2007-5623 | 1 Nagios | 1 Plugins | 2011-03-07 | 5.0 MEDIUM | N/A |
| Buffer overflow in the check_snmp function in Nagios Plugins (nagios-plugins) 1.4.10 allows remote attackers to cause a denial of service (crash) via crafted snmpget replies. | |||||
| CVE-2007-5665 | 1 Novell | 1 Zenworks Endpoint Security Management | 2011-03-07 | 7.2 HIGH | N/A |
| STEngine.exe 3.5.0.20 in Novell ZENworks Endpoint Security Management (ESM) 3.5, and other ESM versions before 3.5.0.82, dynamically creates scripts in a world-writable directory when generating diagnostic reports, which allows local users to gain privileges, as demonstrated by creating a cmd.exe binary in the diagnostic report directory. | |||||
| CVE-2007-5767 | 1 Novell | 1 Bordermanager | 2011-03-07 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the Client Trust application (clntrust.exe) in Novell BorderManager 3.8 before Update 1.5 allows remote attackers to execute arbitrary code via a validation request in which the Novell tree name is not properly delimited with a wide-character backslash or NULL character. | |||||
| CVE-2007-5793 | 1 Stonesoft | 1 Stonegate Ips | 2011-03-07 | 7.1 HIGH | N/A |
| Stonesoft StoneGate IPS before 4.0 does not properly decode Fullwidth/Halfwidth Unicode encoded data, which makes it easier for remote attackers to scan or penetrate systems and avoid detection. | |||||
| CVE-2007-5797 | 1 Apache | 1 Geronimo | 2011-03-07 | 7.5 HIGH | N/A |
| SQLLoginModule in Apache Geronimo 2.0 through 2.1 does not throw an exception for a nonexistent username, which allows remote attackers to bypass authentication via a login attempt with any username not contained in the database. | |||||
| CVE-2007-5809 | 1 Hitachi | 14 Cosminexus Application Server Enterprise, Cosminexus Application Server Standard, Cosminexus Developer Light Version 6 and 11 more | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Hitachi Web Server 01-00 through 03-10, as used by certain Cosminexus products, allows remote attackers to inject arbitrary web script or HTML via unspecified HTTP requests that trigger creation of a server-status page. | |||||