268701
|
- |
|
fsp
|
c_library
|
Multiple stack-based buffer overflows in fsplib.c in fsplib before 0.9 might allow remote attackers to execute arbitrary code via (1) a long filename that is not properly handled by the fsp_readdir_n…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-3962
|
2008-11-15 14:00 |
2007-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268702
|
- |
|
opera
|
opera_browser
|
The canvas.createPattern function in Opera 9.x before 9.22 for Linux, FreeBSD, and Solaris does not clear memory before using it to process a new pattern, which allows remote attackers to obtain sens…
|
NVD-CWE-Other
|
CVE-2007-4944
|
2008-11-15 14:00 |
2007-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268703
|
- |
|
wilson_windowware
|
webbatch
|
webbatch.exe in WebBatch allows remote attackers to obtain sensitive information via the dumpinputdata parameter.
|
CWE-200
Information Exposure
|
CVE-2007-5011
|
2008-11-15 14:00 |
2007-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268704
|
- |
|
suse
|
suse_linux
|
Untrusted search path vulnerability in yast2-core in SUSE Linux might allow local users to execute arbitrary code by creating a malicious yast2 module in the current working directory.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-6167
|
2008-11-15 14:00 |
2007-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268705
|
- |
|
debian
|
unp
|
unp 1.0.12, and other versions before 1.0.14, does not properly escape file names, which might allow context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename a…
|
NVD-CWE-noinfo
|
CVE-2007-6610
|
2008-11-15 14:00 |
2008-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268706
|
- |
|
bea
|
weblogic_server
|
BEA WebLogic Server 9.1 does not properly handle propagation of an admin server's security policy change log to temporarily unavailable managed servers, which might allow attackers to bypass intended…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-4614
|
2008-11-13 15:46 |
2007-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268707
|
- |
|
vtiger
|
vtiger_crm
|
SQL injection vulnerability in the dashboard (include/utils/SearchUtils.php) in vtiger CRM before 5.0.3 allows remote authenticated users to execute arbitrary SQL commands via the assigned_user_id pa…
|
NVD-CWE-Other
|
CVE-2007-3603
|
2008-11-13 15:42 |
2007-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268708
|
- |
|
vtiger
|
vtiger_crm
|
vtiger CRM before 5.0.3 allows remote authenticated users with access to the Analytics DashBoard menu to bypass data restrictions and read the pipeline of the entire organization, possibly involving …
|
NVD-CWE-Other
|
CVE-2007-3604
|
2008-11-13 15:42 |
2007-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268709
|
- |
|
vtiger
|
vtiger_crm
|
The report module in vtiger CRM before 5.0.3 does not properly apply security rules, which allows remote authenticated users to read arbitrary private module entries.
|
NVD-CWE-Other
|
CVE-2007-3617
|
2008-11-13 15:42 |
2007-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268710
|
- |
|
phpecho_cms
|
phpecho_cms
|
Multiple SQL injection vulnerabilities in the admin panel in PHPEcho CMS before 1.6 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
NVD-CWE-Other
|
CVE-2007-3335
|
2008-11-13 15:41 |
2007-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|