Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-4495 | 1 Sun | 1 Solaris | 2011-03-07 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in the ata disk driver in Sun Solaris 10 on the x86 platform before 20070821 allows local users to cause a denial of service (system panic) via an unspecified ioctl function, aka Bug 6433124. | |||||
| CVE-2007-4516 | 1 Symantec Veritas | 1 Storage Foundation | 2011-03-07 | 4.3 MEDIUM | N/A |
| The Volume Manager Scheduler Service (aka VxSchedService.exe) in Symantec Veritas Storage Foundation 5.0 for Windows allows remote attackers to cause a denial of service (daemon crash or hang) via malformed packets. | |||||
| CVE-2007-4542 | 1 University Of Minnesota | 1 Mapserver | 2011-03-07 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in MapServer before 4.10.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the (1) processLine function in maptemplate.c and the (2) writeError function in mapserv.c in the mapserv CGI program. | |||||
| CVE-2007-4559 | 1 Python Software Foundation | 1 Python | 2011-03-07 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267. | |||||
| CVE-2007-4561 | 1 Realnetworks | 1 Helix Dna Server | 2011-03-07 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the RTSP service in Helix DNA Server before 11.1.4 allows remote attackers to execute arbitrary code via an RSTP command containing multiple Require headers. | |||||
| CVE-2007-4650 | 1 Bharat Mediratta | 1 Gallery | 2011-03-07 | 6.4 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in Gallery before 2.2.3 allow attackers to (1) rename items, (2) read and modify item properties, or (3) lock and replace items via unknown vectors in (a) the WebDAV module; and (4) edit unspecified data files using "linked items" in WebDAV and (b) Reupload modules. | |||||
| CVE-2007-4668 | 1 Firebirdsql | 1 Firebird | 2011-03-07 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the server in Firebird before 2.0.2 allows remote attackers to determine the existence of arbitrary files, and possibly obtain other "file access," via unknown vectors, aka CORE-1312. | |||||
| CVE-2007-3763 | 1 Asterisk | 4 Asterisk, Asterisk Appliance Developer Kit, Asterisknow and 1 more | 2011-03-07 | 5.0 MEDIUM | N/A |
| The IAX2 channel driver (chan_iax2) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service (crash) via a crafted (1) LAGRQ or (2) LAGRP frame that contains information elements of IAX frames, which results in a NULL pointer dereference when Asterisk does not properly set an associated variable. | |||||
| CVE-2007-3794 | 6 Hitachi, Hp, Ibm and 3 more | 16 Cosminexus Application Server, Cosminexus Client, Cosminexus Developer and 13 more | 2011-03-07 | 10.0 HIGH | N/A |
| Buffer overflow in Hitachi Cosminexus V4 through V7, Processing Kit for XML before 20070511, Developer's Kit for Java before 20070312, and third-party products that use this software, allows attackers to have an unknown impact via certain GIF images, related to use of GIF image processing APIs by a Java application. | |||||
| CVE-2007-3918 | 1 Gforge | 1 Gforge | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in account/verify.php in GForge 4.6b2 allows remote attackers to inject arbitrary web script or HTML via the confirm_hash parameter. | |||||
| CVE-2007-3926 | 1 Ipswitch | 1 Imail Server | 2011-03-07 | 7.8 HIGH | N/A |
| Ipswitch IMail Server 2006 before 2006.21 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors involving an "overwritten destructor." | |||||
| CVE-2007-3959 | 1 Ipswitch | 2 Imserver, Ipswitch Collaboration Suite | 2011-03-07 | 5.0 MEDIUM | N/A |
| The IM Server (aka IMserve or IMserver) 2.0.5.30 and probably earlier in Ipswitch Instant Messaging before 2.07 in Ipswitch Collaboration Suite (ICS) allows remote attackers to cause a denial of service (daemon crash) via certain data to TCP port 5179 that overwrites a destructor, as reachable by the (1) DoAttachVideoSender, (2) DoAttachVideoReceiver, (3) DoAttachAudioSender, and (4) DoAttachAudioReceiver functions. | |||||
| CVE-2007-3960 | 1 Ibm | 1 Websphere Application Server | 2011-03-07 | 9.3 HIGH | N/A |
| Multiple unspecified vulnerabilities in IBM WebSphere Application Server (WAS) before Fix Pack 21 (6.0.2.21) have unknown impact and attack vectors, aka (1) PK33799, or (2) a "Potential security exposure" in the Samples component (PK40213). | |||||
| CVE-2007-3991 | 1 Asp Indir | 1 Cvmatik | 2011-03-07 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in cv.asp in Asp cvmatik 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) Adiniz (Ady), (2) Soyadiniz (Soyady), (3) Ehliyet, (4) Askerlik, and (5) GSM parameters; and possibly other unspecified vectors. | |||||
| CVE-2007-4013 | 2 Citrix, Mozilla | 3 Access Gateway, Endpoint Analysis Client, Firefox | 2011-03-07 | 9.3 HIGH | N/A |
| Multiple unspecified vulnerabilities in (1) Net6Helper.DLL (aka Net6Launcher Class) 4.5.2 and earlier, (2) npCtxCAO.dll (aka Citrix Endpoint Analysis Client) in a Firefox plugin directory, and (3) a second npCtxCAO.dll (aka CCAOControl Object) before 4.5.0.0 in Citrix Access Gateway Standard Edition before 4.5.5 and Advanced Edition before 4.5 HF1 have unknown impact and attack vectors, possibly related to buffer overflows. NOTE: vector 3 might overlap CVE-2007-3679. | |||||
| CVE-2007-4016 | 1 Citrix | 1 Access Gateway | 2011-03-07 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in the client components in Citrix Access Gateway Standard Edition before 4.5.5 and Advanced Edition before 4.5 HF1 allows attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2007-4096 | 1 Tor | 1 Tor | 2011-03-07 | 5.8 MEDIUM | N/A |
| Buffer overflow in Tor before 0.1.2.15, when using BSD natd support, allows remote attackers to cause a denial of service via unspecified vectors. | |||||
| CVE-2007-4097 | 1 Tor | 1 Tor | 2011-03-07 | 6.4 MEDIUM | N/A |
| Tor before 0.1.2.15 sends "destroy cells" containing the reason for tearing down a circuit, which allows remote attackers to obtain sensitive information, contrary to specifications. | |||||
| CVE-2007-4098 | 1 Tor | 1 Tor | 2011-03-07 | 5.8 MEDIUM | N/A |
| Tor before 0.1.2.15 does not properly distinguish "streamids from different exits," which might allow remote attackers with control over Tor routers to inject cells into arbitrary streams. | |||||
| CVE-2007-4099 | 1 Tor | 1 Tor | 2011-03-07 | 5.8 MEDIUM | N/A |
| Tor before 0.1.2.15 can select a guard node beyond the first listed never-before-connected-to guard node, which allows remote attackers with control of certain guard nodes to obtain sensitive information and possibly leverage further attacks. | |||||