Total: 5442 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2007-6441 | 2 Redhat, Wireshark | 2 Enterprise Linux, Wireshark | 2024-08-07 | N/A |
The WiMAX dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) via unknown vectors related to "unaligned access on some platforms." | ||||
CVE-2007-6413 | 1 Sun | 1 Solaris | 2024-08-07 | N/A |
Sun Solaris 10 with the 120011-04 and 120012-04 patches, and later 120011-* and 120012-* patches, allows remote attackers to bypass certain netgroup restrictions and obtain root access to a filesystem via NFS requests from a client root user. | ||||
CVE-2007-6416 | 2 Redhat, Xen | 2 Enterprise Linux, Xen | 2024-08-07 | N/A |
The copy_to_user function in the PAL emulation functionality for Xen 3.1.2 and earlier, when running on ia64 systems, allows HVM guest users to access arbitrary physical memory by triggering certain mapping operations. | ||||
CVE-2007-6319 | 1 Lyris | 1 List Manager | 2024-08-07 | N/A |
Multiple unspecified vulnerabilities in Lyris ListManager 8.x before 8.95d, 9.2 before 9.2c, and 9.3 before 9.3b allow remote attackers to (1) gain list administrator privileges or (2) access arbitrary mailing lists via unknown vectors related to modification of client-side information; and (3) allow remote authenticated administrators to modify other account data by creating "new accounts that collide with existing accounts." | ||||
CVE-2007-6294 | 1 Ibm | 1 Hardware Management Console | 2024-08-07 | N/A |
Multiple unspecified vulnerabilities in IBM Hardware Management Console (HMC) 3 R3.7 allow attackers to gain privileges via "some HMC commands." | ||||
CVE-2007-6350 | 1 Scponly | 1 Scponly | 2024-08-07 | N/A |
scponly 4.6 and earlier allows remote authenticated users to bypass intended restrictions and execute code by invoking dangerous subcommands including (1) unison, (2) rsync, (3) svn, and (4) svnserve, as originally demonstrated by creating a Subversion (SVN) repository with malicious hooks, then using svn to trigger execution of those hooks. | ||||
CVE-2007-6313 | 1 Mysql | 1 Mysql Community Server | 2024-08-07 | N/A |
MySQL Server 5.1.x before 5.1.23 and 6.0.x before 6.0.4 does not check the rights of the entity executing BINLOG, which allows remote authorized users to execute arbitrary BINLOG statements. | ||||
CVE-2007-6305 | 3 Ibm, Linux, Unix | 3 Hardware Management Console, Linux Kernel, Unix | 2024-08-07 | N/A |
Multiple unspecified vulnerabilities in IBM Hardware Management Console (HMC) 7 R3.2.0 allow attackers to gain privileges via "some HMC commands." | ||||
CVE-2007-6334 | 2 Ingres, Microsoft | 2 Ingres, Windows Nt | 2024-08-07 | N/A |
Ingres 2.5 and 2.6 on Windows, as used in multiple CA products and possibly other products, assigns the privileges and identity of users to be the same as the first user, which allows remote attackers to gain privileges. | ||||
CVE-2007-6243 | 2 Adobe, Redhat | 2 Flash Player, Rhel Extras | 2024-08-07 | N/A |
Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 does not sufficiently restrict the interpretation and usage of cross-domain policy files, which makes it easier for remote attackers to conduct cross-domain and cross-site scripting (XSS) attacks. | ||||
CVE-2007-6278 | 1 Flac | 1 Libflac | 2024-08-07 | N/A |
Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1 allows user-assisted remote attackers to force a client to download arbitrary files via the MIME-Type URL flag (-->) for the FLAC image file in a crafted .FLAC file. | ||||
CVE-2007-6246 | 3 Adobe, Linux, Redhat | 3 Flash Player, Linux Kernel, Rhel Extras | 2024-08-07 | N/A |
Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0, when running on Linux, uses insecure permissions for memory, which might allow local users to gain privileges. | ||||
CVE-2007-6222 | 1 Crm Ctt | 1 Interleave | 2024-08-07 | N/A |
The CheckCustomerAccess function in functions.php in CRM-CTT Interleave before 4.2.0 (formerly CRM-CTT) does not properly verify user privileges, which allows remote authenticated users with the LIMITTOCUSTOMERS privilege to bypass intended access restrictions and edit non-active user settings. NOTE: some of these details are obtained from third party information. | ||||
CVE-2007-6051 | 4 Ibm, Linux, Microsoft and 1 more | 4 Db2 Universal Database, Linux Kernel, Windows and 1 more | 2024-08-07 | N/A |
IBM DB2 UDB 9.1 before Fixpak 4 assigns incorrect privileges to the (1) DB2ADMNS and (2) DB2USERS alternative groups, which has unknown impact. NOTE: the vendor description of this issue is too vague to be certain that it is security-related. | ||||
CVE-2007-6211 | 2 Debian, Sing | 2 Debian Linux, Sing | 2024-08-07 | N/A |
Send ICMP Nasty Garbage (sing) on Debian GNU/Linux allows local users to append to arbitrary files and gain privileges via the -L (output log file) option. NOTE: this issue is only a vulnerability in limited environments, since sing is not installed setuid, and the administrator would need to override a non-setuid default during installation. | ||||
CVE-2007-6200 | 3 Redhat, Rsync, Slackware | 3 Enterprise Linux, Rsync, Slackware Linux | 2024-08-07 | N/A |
Unspecified vulnerability in rsync before 3.0.0pre6, when running a writable rsync daemon, allows remote attackers to bypass exclude, exclude_from, and filter and read or write hidden files via (1) symlink, (2) partial-dir, (3) backup-dir, and unspecified (4) dest options. | ||||
CVE-2007-6182 | 1 Growth | 1 Ispmanager | 2024-08-07 | N/A |
The responder program in ISPsystem ISPmanager (aka ISPmgr) 4.2.15.1 allows local users to gain privileges via shell metacharacters in command line arguments. | ||||
CVE-2007-6209 | 2 Linux, Zsh | 2 Linux Kernel, Zsh | 2024-08-07 | N/A |
Util/difflog.pl in zsh 4.3.4 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | ||||
CVE-2007-6167 | 1 Suse | 1 Suse Linux | 2024-08-07 | N/A |
Untrusted search path vulnerability in yast2-core in SUSE Linux might allow local users to execute arbitrary code by creating a malicious yast2 module in the current working directory. | ||||
CVE-2007-6174 | 1 Phpdevshell | 1 Phpdevshell | 2024-08-07 | N/A |
PHPDevShell before 0.7.0 allows remote authenticated users to gain privileges via a crafted request to update a user profile. NOTE: some of these details are obtained from third party information. |