Lucene search
K

6797 matches found

NVD
NVD
added 2007/06/11 10:30 p.m.20 views

CVE-2007-3151

rpttop.htm in the web management interface in Packeteer PacketShaper 7.3.0g2 and 7.5.0g1 allows remote attackers to cause a denial of service device reboot via a request with empty values of the OP.MEAS.DATAQUERY and MEAS.TYPE parameters...

5CVSS6.5AI score0.07337EPSS
Exploits1References6
UbuntuCve
UbuntuCve
added 2007/06/06 9:30 p.m.33 views

CVE-2007-3089

Mozilla Firefox before 2.0.0.5 does not prevent use of document.write to replace an IFRAME 1 during the load stage or 2 in the case of an about:blank frame, which allows remote attackers to display arbitrary HTML or execute certain JavaScript code, as demonstrated by code that intercepts keystrok...

4.3CVSS7.5AI score0.02774EPSS
Exploits1References2
Prion
Prion
added 2007/06/06 9:30 p.m.26 views

Code injection

Mozilla Firefox before 2.0.0.5 does not prevent use of document.write to replace an IFRAME 1 during the load stage or 2 in the case of an about:blank frame, which allows remote attackers to display arbitrary HTML or execute certain JavaScript code, as demonstrated by code that intercepts keystrok...

4.3CVSS6.9AI score0.02774EPSS
Exploits1References52Affected Software1
Prion
Prion
added 2007/06/04 4:30 p.m.22 views

Authentication flaw

The Scheduler Service VxSchedService.exe in Symantec Storage Foundation for Windows 5.0 allows remote attackers to bypass authentication and execute arbitrary code via certain requests to the service socket that create 1 PreScript or 2 PostScript registry values under...

9.3CVSS8.4AI score0.05817EPSS
Exploits0References9Affected Software1
NVD
NVD
added 2007/06/04 4:30 p.m.19 views

CVE-2007-2279

The Scheduler Service VxSchedService.exe in Symantec Storage Foundation for Windows 5.0 allows remote attackers to bypass authentication and execute arbitrary code via certain requests to the service socket that create 1 PreScript or 2 PostScript registry values under...

9.3CVSS8AI score0.05817EPSS
Exploits0References9
NVD
NVD
added 2007/05/14 11:19 p.m.11 views

CVE-2007-2669

Multiple cross-site scripting XSS vulnerabilities in PHPChain 1.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the catid parameter to 1 settings.php or 2 cat.php. NOTE: certain parameter values also trigger path disclosure...

4.3CVSS5.7AI score0.01936EPSS
Exploits0References7
Cvelist
Cvelist
added 2007/05/09 10:0 p.m.34 views

CVE-2006-7195

Cross-site scripting XSS vulnerability in implicit-objects.jsp in Apache Tomcat 5.0.0 through 5.0.30 and 5.5.0 through 5.5.17 allows remote attackers to inject arbitrary web script or HTML via certain header values...

5.4AI score0.05476EPSS
Exploits0References17
Apache Tomcat
Apache Tomcat
added 2007/05/09 12:0 a.m.46 views

Fixed in Apache Tomcat 5.5.18, 5.0.SVN

Moderate: Cross-site scripting CVE-2006-7195 The implicit-objects.jsp in the examples webapp displayed a number of unfiltered header values. This enabled a XSS attack. These values are now filtered. Affects: 5.0.0-5.0.30, 5.5.0-5.5.17...

4.3CVSS5.2AI score0.05476EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2007/05/04 12:0 a.m.15 views

CVE-2007-2494

Multiple stack-based buffer overflows in the PowerPointOCX ActiveX control in PowerPointViewer.ocx 3.1.0.3 allow remote attackers to cause a denial of service Internet Explorer 7 crash via a long 1 DoOleCommand, 2 FTPDownloadFile, 3 FTPUploadFile, 4 HttpUploadFile, 5 Save, 6 SaveWebFile, 7...

6.8AI score0.0519EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2007/05/02 10:19 a.m.20 views

CVE-2007-2437

The X render Xrender extension in X.org X Window System 7.0, 7.1, and 7.2, with Xserver 1.3.0 and earlier, allows remote authenticated users to cause a denial of service daemon crash via crafted values to the 1 XRenderCompositeTrapezoids and 2 XRenderAddTraps functions, which trigger a...

5.5CVSS5.9AI score0.04401EPSS
Exploits0References1
OSV
OSV
added 2007/05/02 10:19 a.m.2 views

DEBIAN-CVE-2007-2437

The X render Xrender extension in X.org X Window System 7.0, 7.1, and 7.2, with Xserver 1.3.0 and earlier, allows remote authenticated users to cause a denial of service daemon crash via crafted values to the 1 XRenderCompositeTrapezoids and 2 XRenderAddTraps functions, which trigger a...

5.5CVSS6.2AI score0.04401EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2007/05/02 10:0 a.m.39 views

CVE-2007-2437

The X render Xrender extension in X.org X Window System 7.0, 7.1, and 7.2, with Xserver 1.3.0 and earlier, allows remote authenticated users to cause a denial of service daemon crash via crafted values to the 1 XRenderCompositeTrapezoids and 2 XRenderAddTraps functions, which trigger a...

5.5CVSS4.9AI score0.04401EPSS
Exploits0
seebug.org
seebug.org
added 2007/04/15 12:0 a.m.43 views

Kerberos 1.5.1 Kadmind Remote Root Buffer Overflow Vulnerability

No description provided by source. Kerberos Version 1.5.1 Kadmind Remote Root Buffer Overflow Vulnerability The Issue: Remotely exploitable buffer overflow vulnerability in Kerberos kadmind service The Versions: krb5-1.5.1 Latest version from http://eb.mit.edu/Kerberos/ krb5-server-1.4.3-5.1 Late...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2007/04/15 12:0 a.m.20 views

ZoneAlarm 6.1.744.0016.5.737.000 - Vsdatant.SYS Driver Local Denial of Service

ZoneAlarm 6.1.744.0016.5.737.000 - Vsdatant.SYS Driver Local Denial of Service // source: https://www.securityfocus.com/bid/23494/info ZoneAlarm is prone to a local denial-of-service vulnerability. This issue occurs when attackers supply invalid argument values to the 'vsdatant.sys' driver. A loc...

7.3AI score
Exploits0
Cvelist
Cvelist
added 2007/04/12 10:0 a.m.17 views

CVE-2007-1995

bgpd/bgpattr.c in Quagga 0.98.6 and earlier, and 0.99.6 and earlier 0.99 versions, does not validate length values in the MPREACHNLRI and MPUNREACHNLRI attributes, which allows remote attackers to cause a denial of service daemon crash or exit via crafted UPDATE messages that trigger an assertion...

6.3AI score0.0174EPSS
Exploits0References26
Cvelist
Cvelist
added 2007/04/06 1:0 a.m.31 views

CVE-2007-1890

Integer overflow in the msgreceive function in PHP 4 before 4.4.5 and PHP 5 before 5.2.1, on FreeBSD and possibly other platforms, allows context-dependent attackers to execute arbitrary code via certain maxsize values, as demonstrated by 0xffffffff...

7.6AI score0.07836EPSS
Exploits1References3
Exploit DB
Exploit DB
added 2007/04/01 12:0 a.m.24 views

Symantec (Multiple Products) - 'SPBBCDrv' Driver Local Denial of Service

// source: https://www.securityfocus.com/bid/23241/info Multiple Symantec products are prone to a local denial-of-service vulnerability. This issue occurs when attackers supply invalid argument values to the 'SPBBCDrv.sys' driver. A local attacker may exploit this issue to crash affected computer...

7.4AI score
Exploits0
Atlassian
Atlassian
added 2007/03/21 11:3 p.m.21 views

Make anonymiser more strict about the translation of values

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/JRACLOUD-12420. panel the anonymiser replaces letter and number characters in string values during xml backup. A more strict anonymiser would replace...

1.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2007/03/21 11:3 p.m.16 views

Make anonymiser more strict about the translation of values

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion|http://jira.atlassian.com/browse/JRASERVER-12420. panel the anonymiser replaces letter and number characters in string values during xml backup. A more strict anonymiser would replace...

1.4AI score
Exploits0Affected Software1
Prion
Prion
added 2007/03/10 10:19 p.m.18 views

Integer overflow

Multiple vulnerabilities in 1 bank.php, 2 landfill.php, 3 outposts.php, 4 tribes.php, 5 house.php, 6 tribearmor.php, 7 tribeastral.php, 8 tribeware.php, and 9 includes/head.php in Bartek Jasicki Vallheru before 1.3 beta have unknown impact and remote attack vectors, probably related to large...

10CVSS7.4AI score0.01446EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder