Total: 210374 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2007-0745 | 1 Apple | 1 Mac Os X Server | 2017-07-28 | 7.1 HIGH | N/A |
The Apple Security Update 2007-004 uses an incorrect configuration file for FTPServer in Apple Mac OS X Server 10.4.9, which might allow remote authenticated users to access additional directories. | |||||
CVE-2007-0748 | 1 Apple | 2 Darwin Streaming Server, Mac Os X Server | 2017-07-28 | 10.0 HIGH | N/A |
Heap-based buffer overflow in Apple Darwin Streaming Proxy, when using Darwin Streaming Server before 5.5.5, allows remote attackers to execute arbitrary code via multiple trackID values in a SETUP RTSP request. | |||||
CVE-2007-0749 | 1 Apple | 2 Darwin Streaming Server, Mac Os X Server | 2017-07-28 | 10.0 HIGH | N/A |
Multiple stack-based buffer overflows in the is_command function in proxy.c in Apple Darwin Streaming Proxy, when using Darwin Streaming Server before 5.5.5, allow remote attackers to execute arbitrary code via a long (1) cmd or (2) server value in an RTSP request. | |||||
CVE-2007-0750 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-28 | 9.3 HIGH | N/A |
Integer overflow in CoreGraphics in Apple Mac OS X 10.4 up to 10.4.9 allows remote user-assisted attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted PDF file. | |||||
CVE-2007-0751 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-28 | 2.1 LOW | N/A |
A cleanup script in crontabs in Apple Mac OS X 10.3.9 and 10.4.9 might delete filesystems that have been mounted in /tmp, which might allow local users to cause a denial of service, related to the find command. | |||||
CVE-2007-0752 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-28 | 7.2 HIGH | N/A |
The PPP daemon (pppd) in Apple Mac OS X 10.4.8 checks ownership of the stdin file descriptor to determine if the invoker has sufficient privileges, which allows local users to load arbitrary plugins and gain root privileges by bypassing this check. | |||||
CVE-2007-0758 | 1 Phpprobid | 1 Phpprobid | 2017-07-28 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in lang.php in PHPProbid 5.24 allows remote attackers to execute arbitrary PHP code via a URL in the SRC attribute of an HTML element in the lang parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2007-0767 | 1 Phorum | 1 Phorum | 2017-07-28 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the core in Phorum before 5.1.18 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
CVE-2007-0772 | 1 Linux | 1 Linux Kernel | 2017-07-28 | 7.8 HIGH | N/A |
The Linux kernel 2.6.13 and other versions before 2.6.20.1 allows remote attackers to cause a denial of service (oops) via a crafted NFSACL 2 ACCESS request that triggers a free of an incorrect pointer. | |||||
CVE-2007-0787 | 1 Simple Invoices | 1 Simple Invoices | 2017-07-28 | 6.8 MEDIUM | N/A |
PHP remote file inclusion vulnerability in controller.php in Simple Invoices before 20070202 allows remote attackers to execute arbitrary PHP code via a URL in the (1) module or (2) view parameter. NOTE: some of these details are obtained from third party information. | |||||
CVE-2007-0788 | 1 Mediawiki | 1 Mediawiki | 2017-07-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in MediaWiki 1.9.x before 1.9.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "sortable tables JavaScript." | |||||
CVE-2007-0796 | 1 Bluecoat | 1 Winproxy | 2017-07-28 | 7.5 HIGH | N/A |
Blue Coat Systems WinProxy 6.1a and 6.0 r1c, and possibly earlier, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long HTTP CONNECT request, which triggers heap corruption. | |||||
CVE-2007-0819 | 1 Hp | 1 Network Node Manager | 2017-07-28 | 7.2 HIGH | N/A |
HP Network Node Manager (NNM) Remote Console 7.50, 7.51, and 7.53 assigns Everyone Full Control permission for the %PROGRAMFILES%\HP OpenView directory tree, which allows local users to gain privileges via a Trojan horse executable file or ActiveX component, or a modified bin\ovtrcsvc.exe for the HP Open View Shared Trace Service. | |||||
CVE-2007-0820 | 1 Cedric | 1 Claire Portailphp | 2017-07-28 | 7.5 HIGH | N/A |
Multiple PHP remote file inclusion vulnerabilities in Cedric CLAIRE PortailPhp 2 allow remote attackers to execute arbitrary PHP code via a URL in the chemin parameter to (1) mod_news/index.php, (2) mod_news/goodies.php, or (3) mod_search/index.php. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2007-0829 | 1 Alwil | 1 Avast Antivirus | 2017-07-28 | 4.4 MEDIUM | N/A |
avast! Server Edition before 4.7.726 does not demand a password in a certain intended context, even when a password has been set, which allows local users to bypass authentication requirements. | |||||
CVE-2007-0834 | 1 Darrens 5-dollar Script Archive | 1 Flashchat | 2017-07-28 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in FlashChat 4.7.8 allows remote attackers to inject arbitrary web script or HTML via the user name field when the user joins a chat room, a different vulnerability than CVE-2007-0807. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2007-0835 | 1 Coppermine | 1 Coppermine Photo Gallery | 2017-07-28 | 6.5 MEDIUM | N/A |
admin.php in Coppermine Photo Gallery 1.4.10, and possibly earlier, allows remote authenticated users to execute arbitrary shell commands via shell metacharacters (";" semicolon) in the "Command line options for ImageMagick" form field, when used as an option to ImageMagick's convert command. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2007-0836 | 1 Coppermine | 1 Coppermine Photo Gallery | 2017-07-28 | 4.0 MEDIUM | N/A |
admin.php in Coppermine Photo Gallery 1.4.10, and possibly earlier, allows remote authenticated users to include arbitrary local and possibly remote files via the (1) "Path to custom header include" and (2) "Path to custom footer include" form fields. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2007-0838 | 1 Freeproxy | 1 Freeproxy | 2017-07-28 | 5.0 MEDIUM | N/A |
FreeProxy before 3.92 Build 1626 allows malicious users to cause a denial of service (infinite loop) via a HOST: header with a hostname and port number that refers to the server itself. | |||||
CVE-2007-0851 | 1 Trend Micro | 23 Client-server-messaging Suite Smb, Client-server Suite Smb, Control Manager and 20 more | 2017-07-28 | 9.3 HIGH | N/A |
Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center (CCC) Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable. |