Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-0853 | 1 Techexcel Inc. | 1 Devtrack | 2017-07-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in DevTrack 6.0.3 allows remote attackers to execute arbitrary SQL commands via the Username form field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2007-0855 | 1 Rarlab | 1 Unrar | 2017-07-28 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in RARLabs Unrar, as packaged in WinRAR and possibly other products, allows user-assisted remote attackers to execute arbitrary code via a crafted, password-protected archive. | |||||
| CVE-2007-0856 | 1 Trend Micro | 8 Client-server-messaging Security, Damage Cleanup Services, Pc-cillin Internet Security and 5 more | 2017-07-28 | 7.2 HIGH | N/A |
| TmComm.sys 1.5.0.1052 in the Trend Micro Anti-Rootkit Common Module (RCM), with the VsapiNI.sys 3.320.0.1003 scan engine, as used in Trend Micro PC-cillin Internet Security 2007, Antivirus 2007, Anti-Spyware for SMB 3.2 SP1, Anti-Spyware for Consumer 3.5, Anti-Spyware for Enterprise 3.0 SP2, Client / Server / Messaging Security for SMB 3.5, Damage Cleanup Services 3.2, and possibly other products, assigns Everyone write permission for the \\.\TmComm DOS device interface, which allows local users to access privileged IOCTLs and execute arbitrary code or overwrite arbitrary memory in the kernel context. | |||||
| CVE-2007-0857 | 1 Moinmoin | 1 Moinmoin | 2017-07-28 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin before 1.5.7 allow remote attackers to inject arbitrary web script or HTML via (1) the page info, or the page name in a (2) AttachFile, (3) RenamePage, or (4) LocalSiteMap action. | |||||
| CVE-2007-0872 | 1 Plain Old Webserver | 1 Plain Old Webserver | 2017-07-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the Plain Old Webserver (POW) add-on before 0.0.9 for Mozilla Firefox allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. | |||||
| CVE-2007-0879 | 1 Smidgeonsoft | 1 Pebrowse | 2017-07-28 | 9.3 HIGH | N/A |
| Buffer overflow in SmidgeonSoft PEBrowse Professional 8.2.1.0 allows user-assisted remote attackers to execute arbitrary code via certain executable files in PE format. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2007-0884 | 1 Roaring Penguin | 1 Mimedefang | 2017-07-28 | 7.5 HIGH | N/A |
| Buffer overflow in Roaring Penguin MIMEDefang 2.59 and 2.60 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unspecified vectors. | |||||
| CVE-2007-0896 | 2 Mozilla, Sage | 2 Firefox, Sage | 2017-07-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the (1) Sage before 1.3.10, and (2) Sage++ extensions for Firefox, allows remote attackers to inject arbitrary web script or HTML via a "<SCRIPT/=''SRC='" sequence in an RSS feed, a different vulnerability than CVE-2006-4712. | |||||
| CVE-2007-0897 | 1 Clam Anti-virus | 1 Clamav | 2017-07-28 | 4.3 MEDIUM | N/A |
| Clam AntiVirus ClamAV before 0.90 does not close open file descriptors under certain conditions, which allows remote attackers to cause a denial of service (file descriptor consumption and failed scans) via CAB archives with a cabinet header record length of zero, which causes a function to return without closing a file descriptor. | |||||
| CVE-2007-0898 | 1 Clam Anti-virus | 1 Clamav | 2017-07-28 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in clamd in Clam AntiVirus ClamAV before 0.90 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the id MIME header parameter in a multi-part message. | |||||
| CVE-2007-0900 | 1 Tagit | 1 Tagboard | 2017-07-28 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in TagIt! Tagboard 2.1.B Build 2 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) configpath parameter to (a) tagviewer.php, (b) tag_process.php, and (c) CONFIG/errmsg.inc.php; and (d) addTagmin.php, (e) ban_watch.php, (f) delTagmin.php, (g) delTag.php, (h) editTagmin.php, (i) editTag.php, (j) manageTagmins.php, and (k) verify.php in tagmin/; the (2) adminpath parameter to (l) tagviewer.php, (m) tag_process.php, and (n) tagmin/index.php; and the (3) admin parameter to (o) readconf.php, (p) updateconf.php, (q) updatefilter.php, and (r) wordfilter.php in tagmin/; different vectors than CVE-2006-5249. | |||||
| CVE-2007-0903 | 1 Process-one | 1 Ejabberd | 2017-07-28 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the mod_roster_odbc module in ejabberd before 1.1.3 has unknown impact and attack vectors. | |||||
| CVE-2007-0915 | 1 Hp | 1 Hp-ux | 2017-07-28 | 10.0 HIGH | N/A |
| Distributed SLS daemon (SLSd) on HP-UX B.11.11 allows remote attackers to overwrite arbitrary files and gain privileges via a crafted RPC request. | |||||
| CVE-2007-0933 | 2 D-link, Microsoft | 2 Dwl-g650\+, Windows Xp | 2017-07-28 | 7.8 HIGH | N/A |
| Buffer overflow in the wireless driver 6.0.0.18 for D-Link DWL-G650+ (Rev. A1) on Windows XP allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a beacon frame with a long TIM Information Element. | |||||
| CVE-2007-0952 | 1 Scriptsez.net | 1 Virtual Calendar | 2017-07-28 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Scriptsez.net Virtual Calendar allow remote attackers to inject arbitrary web script or HTML via the (1) t and (2) yr parameters, and the (3) sho parameter when the m parameter is outside the intended range. | |||||
| CVE-2007-0953 | 1 Atmail | 1 Atmail Webmail | 2017-07-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in search.pl in @Mail 4.61 and earlier allows remote attackers to inject arbitrary web script or HTML via the keywords parameter. | |||||
| CVE-2007-0966 | 1 Cisco | 1 Firewall Services Module | 2017-07-28 | 7.8 HIGH | N/A |
| Cisco Firewall Services Module (FWSM) 3.x before 3.1(3.11), when the HTTPS server is enabled, allows remote attackers to cause a denial of service (device reboot) via certain HTTPS traffic. | |||||
| CVE-2007-0967 | 1 Cisco | 1 Firewall Services Module | 2017-07-28 | 7.8 HIGH | N/A |
| Cisco Firewall Services Module (FWSM) 3.x before 3.1(3.1) allows remote attackers to cause a denial of service (device reboot) via malformed SNMP requests. | |||||
| CVE-2007-0968 | 1 Cisco | 1 Firewall Services Module | 2017-07-28 | 9.0 HIGH | N/A |
| Unspecified vulnerability in Cisco Firewall Services Module (FWSM) before 2.3(4.7) and 3.x before 3.1(3.1) causes the access control entries (ACE) in an ACL to be improperly evaluated, which allows remote authenticated users to bypass intended certain ACL protections. | |||||
| CVE-2007-0978 | 1 Ibm | 1 Aix | 2017-07-28 | 7.2 HIGH | N/A |
| Buffer overflow in swcons in IBM AIX 5.3 allows local users to gain privileges via long input data. | |||||