Total
277464 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-0253 | 1 Grsecurity | 1 Grsecurity Kernel Patch | 2024-11-21 | N/A |
| Unspecified vulnerability in the grsecurity patch has unspecified impact and remote attack vectors, a different vulnerability than the expand_stack vulnerability from the Digital Armaments 20070110 pre-advisory. NOTE: the grsecurity developer has disputed this issue, stating that "the function they claim the vulnerability to be in is a trivial function, which can, and has been, easily checked for any supposed vulnerabilities." The developer also cites a past disclosure that was not proven | ||||
| CVE-2007-0252 | 1 Easy-content Filemanager | 1 Easy-content Filemanager | 2024-11-21 | N/A |
| Unspecified vulnerability in easy-content filemanager allows remote attackers to upload or modify arbitrary files via unspecified vectors. | ||||
| CVE-2007-0251 | 1 Snort | 1 Snort | 2024-11-21 | N/A |
| Integer underflow in the DecodeGRE function in src/decode.c in Snort 2.6.1.2 allows remote attackers to trigger dereferencing of certain memory locations via crafted GRE packets, which may cause corruption of log files or writing of sensitive information into log files. | ||||
| CVE-2007-0250 | 1 Nwom | 1 Nwom Topsites | 2024-11-21 | N/A |
| index.php in Nwom topsites 3.0 allows remote attackers to obtain potentially sensitive information via a ' (quote) character in the o parameter, which forces a SQL error. | ||||
| CVE-2007-0249 | 1 Nwom | 1 Nwom Topsites | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Nwom topsites 3.0 allows remote attackers to inject arbitrary web script or HTML via the o parameter. | ||||
| CVE-2007-0248 | 1 Squid | 1 Squid | 2024-11-21 | N/A |
| The aclMatchExternal function in Squid before 2.6.STABLE7 allows remote attackers to cause a denial of service (crash) by causing an external_acl queue overload, which triggers an infinite loop. | ||||
| CVE-2007-0247 | 1 Squid | 1 Squid | 2024-11-21 | N/A |
| squid/src/ftp.c in Squid before 2.6.STABLE7 allows remote FTP servers to cause a denial of service (core dump) via crafted FTP directory listing responses, possibly related to the (1) ftpListingFinish and (2) ftpHtmlifyListEntry functions. | ||||
| CVE-2007-0246 | 1 Gforge | 1 Gforge | 2024-11-21 | N/A |
| plugins/scmcvs/www/cvsweb.php in the CVSWeb CGI in GForge 4.5.16 before 20070524, aka gforge-plugin-scmcvs, allows remote attackers to execute arbitrary commands via shell metacharacters in the PATH_INFO. | ||||
| CVE-2007-0245 | 2 Openoffice, Redhat | 2 Openoffice, Enterprise Linux | 2024-11-21 | N/A |
| Heap-based buffer overflow in OpenOffice.org (OOo) 2.2.1 and earlier allows remote attackers to execute arbitrary code via a RTF file with a crafted prtdata tag with a length parameter inconsistency, which causes vtable entries to be overwritten. | ||||
| CVE-2007-0244 | 2 Debian, Poptop | 2 Debian Linux, Pptp Server | 2024-11-21 | N/A |
| pptpgre.c in PoPToP Point to Point Tunneling Server (pptpd) before 1.3.4 allows remote attackers to cause a denial of service (PPTP connection tear-down) via (1) GRE packets with out-of-order sequence numbers or (2) certain GRE packets that are processed using a wrong pointer and improperly dequeued. | ||||
| CVE-2007-0243 | 2 Redhat, Sun | 6 Enterprise Linux, Network Satellite, Rhel Extras and 3 more | 2024-11-21 | N/A |
| Buffer overflow in Sun JDK and Java Runtime Environment (JRE) 5.0 Update 9 and earlier, SDK and JRE 1.4.2_12 and earlier, and SDK and JRE 1.3.1_18 and earlier allows applets to gain privileges via a GIF image with a block with a 0 width field, which triggers memory corruption. | ||||
| CVE-2007-0242 | 2 Qt, Redhat | 2 Qt, Enterprise Linux | 2024-11-21 | N/A |
| The UTF-8 decoder in codecs/qutfcodec.cpp in Qt 3.3.8 and 4.2.3 does not reject long UTF-8 sequences as required by the standard, which allows remote attackers to conduct cross-site scripting (XSS) and directory traversal attacks via long sequences that decode to dangerous metacharacters. | ||||
| CVE-2007-0240 | 2 Redhat, Zope | 2 Rhel Cluster, Zope | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in Zope 2.10.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in a HTTP GET request. | ||||
| CVE-2007-0239 | 2 Openoffice, Redhat | 2 Openoffice, Enterprise Linux | 2024-11-21 | N/A |
| OpenOffice.org (OOo) Office Suite allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a prepared link in a crafted document. | ||||
| CVE-2007-0238 | 2 Openoffice, Redhat | 2 Openoffice, Enterprise Linux | 2024-11-21 | N/A |
| Stack-based buffer overflow in filter\starcalc\scflt.cxx in the StarCalc parser in OpenOffice.org (OOo) Office Suite before 2.2, and 1.x before 1.1.5 Patch, allows user-assisted remote attackers to execute arbitrary code via a document with a long Note. | ||||
| CVE-2007-0237 | 1 Lookup | 1 Lookup | 2024-11-21 | N/A |
| The ndeb-binary feature in Lookup (lookup-el) allows local users to overwrite arbitrary files via a symlink attack on temporary files. | ||||
| CVE-2007-0236 | 1 Apple | 1 Mac Os X | 2024-11-21 | N/A |
| Double free vulnerability in the _ATPsndrsp function in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to cause a denial of service (kernel panic) and possibly execute arbitrary code via a crafted AppleTalk request that triggers a heap-based buffer overflow. | ||||
| CVE-2007-0235 | 2 Libgtop, Redhat | 2 Libgtop, Enterprise Linux | 2024-11-21 | N/A |
| Stack-based buffer overflow in the glibtop_get_proc_map_s function in libgtop before 2.14.6 (libgtop2) allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a process with a long filename that is mapped in its address space, which triggers the overflow in gnome-system-monitor. | ||||
| CVE-2007-0233 | 1 Wordpress | 1 Wordpress | 2024-11-21 | N/A |
| wp-trackback.php in WordPress 2.0.6 and earlier does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to execute arbitrary SQL commands via the tb_id parameter. NOTE: it could be argued that this vulnerability is due to a bug in the unset PHP command (CVE-2006-3017) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in WordPress. | ||||
| CVE-2007-0232 | 1 Jshop E-commerce | 1 Jshop Server | 2024-11-21 | N/A |
| PHP remote file inclusion vulnerability in routines/fieldValidation.php in Jshop Server 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the jssShopFileSystem parameter. | ||||