Total
31204 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-5270 | 1 Bendiken | 1 Boost Module For Drupal | 2024-11-21 | N/A |
| Unspecified vulnerability in the Boost module before 4.7.x-1.0, and 5.x before 5.x-1.0, for Drupal allows remote attackers to create or overwrite arbitrary files, and conduct cross-site scripting attacks (XSS) via unspecified vectors. | ||||
| CVE-2007-5268 | 2 Canonical, Libpng | 2 Ubuntu Linux, Libpng | 2024-11-21 | N/A |
| pngrtran.c in libpng before 1.0.29 and 1.2.x before 1.2.21 use (1) logical instead of bitwise operations and (2) incorrect comparisons, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG image. | ||||
| CVE-2007-5188 | 1 Xoops | 1 Xoops | 2024-11-21 | N/A |
| Unspecified vulnerability in the XOOPS uploader class in Xoops 2.0.17.1-RC1 and earlier allows remote attackers to upload arbitrary files via unspecified vectors related to improper upload configuration settings in class/uploader.php and class/mimetypes.inc.php, possibly an incomplete blacklist that omits the .php4 extension. | ||||
| CVE-2007-5126 | 1 Symantec | 1 Veritas Backup Exec | 2024-11-21 | N/A |
| Unspecified vulnerability in the client in Symantec Veritas Backup Exec for Windows Servers 11d has unknown impact and remote attack vectors. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine. | ||||
| CVE-2007-5118 | 1 Sun | 1 Solaris | 2024-11-21 | N/A |
| Unspecified vulnerability in the HID (Human Interface Device) class driver in Sun Solaris 8, 9, and 10 before 20070925 allows local users to cause a denial of service (panic) via unspecified vectors. | ||||
| CVE-2007-5111 | 1 Eb Design Pty Ltd | 1 Ebcrypt | 2024-11-21 | N/A |
| A certain ActiveX control in EBCRYPT.DLL 2.0 in EB Design ebCrypt allows remote attackers to cause a denial of service (crash) via a string argument to the AddString method. | ||||
| CVE-2007-5108 | 1 Ask.com | 1 Ask Toolbar | 2024-11-21 | N/A |
| Unspecified vulnerability in IAC Search & Media ask.com toolbar has unknown impact and remote attack vectors. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine. NOTE: this might be the same issue as CVE-2007-5107. | ||||
| CVE-2007-5025 | 1 Vmware | 1 Ace | 2024-11-21 | N/A |
| Unspecified vulnerability in EMC VMware ACE before 1.0.3 Build 54075 allows attackers to have an unknown impact via an unspecified manipulation of "images stored in virtual machines downloaded by the user." | ||||
| CVE-2007-5020 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2024-11-21 | N/A |
| Unspecified vulnerability in Adobe Acrobat and Reader 8.1 on Windows allows remote attackers to execute arbitrary code via a crafted PDF file, related to the mailto: option and Internet Explorer 7 on Windows XP. NOTE: this information is based upon a vague pre-advisory by a reliable researcher. | ||||
| CVE-2007-4946 | 1 Jasmine Technologies | 1 Lettergrade | 2024-11-21 | N/A |
| LetterGrade allows remote attackers to obtain sensitive information (installation path or account existence) via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2007-4936 | 1 Office Efficiencies | 1 Safesquid | 2024-11-21 | N/A |
| Unspecified vulnerability in Office Efficiencies SafeSquid 4.1.x has unknown impact and attack vectors, related to a "serious security flaw," possibly specific to Linux. | ||||
| CVE-2007-4910 | 1 Netinvoicing | 1 Netinvoicing | 2024-11-21 | N/A |
| Unspecified vulnerability in netInvoicing before 2.7.3 has unknown impact and attack vectors, related to "security check soap". | ||||
| CVE-2007-4901 | 1 Aol | 3 Aim Lite, Aim Pro, Instant Messenger | 2024-11-21 | N/A |
| The embedded Internet Explorer server control in AOL Instant Messenger (AIM) 6.1.41.2 and 6.2.32.1, AIM Pro, and AIM Lite does not properly constrain the use of mshtml.dll's web script and HTML functionality for incoming instant messages, which allows remote attackers to place HTML into unexpected contexts or execute arbitrary code, as demonstrated by writing arbitrary HTML to a notification window, and writing contents of arbitrary local image files to this window via IMG SRC. | ||||
| CVE-2007-4898 | 1 Xwiki | 1 Xwiki | 2024-11-21 | N/A |
| Unspecified vulnerability in the Multiwiki plugin in XWiki before 1.1 Enterprise RC2 allows remote authenticated users, with administrative access to one wiki in a multiwiki environment, to obtain sensitive information via unknown attack vectors. NOTE: Some of these details are obtained from third party information. | ||||
| CVE-2007-4885 | 1 Avnex | 1 Av Mp3 Player | 2024-11-21 | N/A |
| Avnex AV MP3 Player allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed .au file that triggers a divide-by-zero error. | ||||
| CVE-2007-4884 | 1 Media Player Classic | 1 Media Player Classic | 2024-11-21 | N/A |
| Media Player Classic (MPC) allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed .au file that triggers a divide-by-zero error. | ||||
| CVE-2007-4839 | 1 Ibm | 1 Websphere Application Server | 2024-11-21 | N/A |
| Unspecified vulnerability in the PD tools component in IBM WebSphere Application Server (WAS) 6.1 before Fix Pack 11 (6.1.0.11) has unknown impact and attack vectors, aka PK33803. | ||||
| CVE-2007-4833 | 1 Ibm | 1 Websphere Application Server | 2024-11-21 | N/A |
| Unspecified vulnerability in the Edge Component in IBM WebSphere Application Server (WAS) 6.1 before Fix Pack 11 (6.1.0.11) has unknown impact and attack vectors, aka PK44789. | ||||
| CVE-2007-4826 | 2 Quagga, Redhat | 2 Quagga, Enterprise Linux | 2024-11-21 | N/A |
| bgpd in Quagga before 0.99.9 allows explicitly configured BGP peers to cause a denial of service (crash) via a malformed (1) OPEN message or (2) a COMMUNITY attribute, which triggers a NULL pointer dereference. NOTE: vector 2 only exists when debugging is enabled. | ||||
| CVE-2007-4788 | 1 Cisco | 2 Content Switching Module With Ssl, Content Switching Modules | 2024-11-21 | N/A |
| Cisco Content Switching Modules (CSM) 4.2 before 4.2.3a, and Cisco Content Switching Module with SSL (CSM-S) 2.1 before 2.1.2a, allow remote attackers to cause a denial of service (CPU consumption or reboot) via sets of out-of-order TCP packets with unspecified characteristics, aka CSCsd27478. | ||||