|
267801
|
- |
|
oracle
|
enterprise_grid_console_server
opmn_daemon
|
Format string vulnerability in the logging function in the Oracle OPMN daemon, as used on Oracle Enterprise Grid Console server 10.2.0.1, allows remote attackers to execute arbitrary code via format …
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2007-5561
|
2008-09-6 06:31 |
2007-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267802
|
- |
|
xscreensaver
|
xscreensaver
|
xscreensaver 5.03 and earlier, when running without xscreensaver-gl-extras (GL extras) installed, crashes when /usr/bin/xscreensaver-gl-helper does not exist and a user attempts to unlock the screen,…
|
CWE-399
Resource Management Errors
|
CVE-2007-5585
|
2008-09-6 06:31 |
2007-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267803
|
- |
|
gentoo
|
mldonkey_ebuild
|
The Gentoo ebuild of MLDonkey before 2.9.0-r3 has a p2p user account with an empty default password and valid login shell, which might allow remote attackers to obtain login access and execute arbitr…
|
CWE-287
Improper Authentication
|
CVE-2007-5714
|
2008-09-6 06:31 |
2007-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267804
|
- |
|
ibm
|
db2_universal_database
|
Untrusted search path vulnerability in db2pd in IBM DB2 Universal Database (UDB) 8 before FixPak 16 and 9 before Fix Pack 4 allows local users to gain root privileges via a modified DB2INSTANCE envir…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-5757
|
2008-09-6 06:31 |
2008-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267805
|
- |
|
netkit-ftp
|
netkit_ftp
|
Double free vulnerability in the getreply function in ftp.c in netkit ftp (netkit-ftp) 0.17 20040614 and later allows remote FTP servers to cause a denial of service (application crash) and possibly …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-5769
|
2008-09-6 06:31 |
2007-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267806
|
- |
|
xensource_inc
|
xen
|
Xen 3.1.1 allows virtual guest system users to cause a denial of service (hypervisor crash) by using a debug register (DR7) to set certain breakpoints.
|
NVD-CWE-Other
|
CVE-2007-5906
|
2008-09-6 06:31 |
2007-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267807
|
- |
|
solidweb
|
novus
|
Cross-site scripting (XSS) vulnerability in buscar.asp in Solidweb Novus 1.0 allows remote attackers to inject arbitrary web script or HTML via the p parameter. NOTE: the provenance of this informat…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5142
|
2008-09-6 06:30 |
2007-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267808
|
- |
|
puzzle_apps_cms
|
puzzle_apps_cms
|
Multiple PHP remote file inclusion vulnerabilities in Puzzle Apps CMS 2.2.1 allow remote attackers to execute arbitrary PHP code via a URL in the MODULEDIR parameter to (1) core/modules/my/my.module.…
|
CWE-94
Code Injection
|
CVE-2007-5147
|
2008-09-6 06:30 |
2007-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267809
|
- |
|
ntfs-3g
|
ntfs-3g
|
The ntfs-3g package before 1.913-2.fc7 in Fedora 7, and an ntfs-3g package in Ubuntu 7.10/Gutsy, assign incorrect permissions (setuid root) to mount.ntfs-3g, which allows local users with fuse group …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-5159
|
2008-09-6 06:30 |
2007-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267810
|
- |
|
restaurant_management_system
|
restaurant_management_system
|
Multiple PHP remote file inclusion vulnerabilities in Thierry Leriche Restaurant Management System (ReMaSys) 0.5 allow remote attackers to execute arbitrary PHP code via a URL in (1) the DIR_ROOT par…
|
CWE-94
Code Injection
|
CVE-2007-5160
|
2008-09-6 06:30 |
2007-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
